Skip to main content
Key-based authentication lets you authenticate fal API requests using a secret key generated from the dashboard. This is the recommended authentication method for production applications, CI/CD pipelines, and any environment where you need programmatic access. Keys are scoped to control what operations they can perform, giving you fine-grained control over access. You can create and manage keys from the fal dashboard at any time.

Overview

There are two main reasons to use key-based authentication:
  1. When calling ready-to-use models
  2. In headless remote environments or CI/CD (where GitHub authentication is not available)

Generating the keys

Navigate to our dashboard keys page and generate a key from the UI fal.ai/dashboard/keys

Scopes

Scopes provide a way to control the permissions and access level of a given key. By assigning scopes to keys, you can limit the operations that each key can perform. Currently there are only two scopes, ADMIN and API. If you are just consuming ready-to-use models, we recommend that you use the API scope.

API scope

  • Grants access to all models on fal, including ready-to-use models and your own deployed endpoints.
  • Grants access to API-scoped Platform APIs.

ADMIN scope

  • Grants full access to private models.
  • Grants full access to CLI operations.
  • Grants access to ready-to-use models.
  • Grants access to API-scoped and ADMIN-scoped Platform APIs.