CloudSoftwareHardware
Software Stack
DepthAI
OAK Apps
AI Models
Troubleshooting

ON THIS PAGE

  • API Key Security - Good Practices
  • General Recommendations
  • Modes & Secure Setup Options

API Key Security - Good Practices

This page describes recommended practices for handling Luxonis Hub API keys securely when developing, deploying, and running apps.An API key is a credential issued by HubAI. You can obtain one by signing up for a free account and generating an API key in your team settings. The API key acts as a way to authenticate with Luxonis Hub, allowing your apps, scripts, or devices to securely interact with Hub services.Including API keys directly into git-tracked files (e.g., oakapp.toml), which is not recommended because you can accidentally reveal sensitive access information to the public. Instead, we encourage secure handling patterns that avoid committing secrets into source control.

General Recommendations

  • Never commit API keys directly into repositories (e.g., .toml, .json, .yaml, or .py files under git).
  • Prefer using environment variables or .env files (excluded from git via .gitignore).
  • For deployment on hub.luxonis.com, use built-in key management tools (oakctl, web UI) rather than hardcoding.
  • Keep .env files local only, and avoid sharing them.

Modes & Secure Setup Options

Standalone Mode
Peripheral Mode

Standalone Mode

Hub setup

Go to hub.luxonis.com where you can deploy Apps to the camera without code. In this case you don't need to worry about the API key security because everything is already handled in the backend.

Local setup

Option 1 - Device adopted

If the device is adopted by your team in Hub then the DEPTHAI_HUB_API_KEY is already set up correctly and you can run your app locally with:
Command Line
1oakctl app run .

Option 2 - Override the Key

If your device is unadopted or adopted under a different team than the one you want to use, then you need to override the DEPTHAI_HUB_API_KEY value. In this case, have your main main.py take the parameter with load_dotenv
Python
1import os
2from dotenv import load_dotenv
3
4load_dotenv(override=True)
5
6print(os.environ["DEPTHAI_HUB_API_KEY"])
Then store the key in a .env file next to main.py:
Command Line
1cd <INSERT_PATH_TO_PROJECT>
2echo "DEPTHAI_HUB_API_KEY=<INSERT_YOUR_DEPTHAI_HUB_API_KEY>" > .env
3echo ".env" >> .gitignore
Then run:
Command Line
1oakctl app run .
oakctl ensures that .env file copied over to the App environment on the camera. Then, similarly as for other examples, you need to implement your own mechanism in the App for reading variables from that .env file (for example, using dotenv.load_dotenv()).