xAI
xAIAI API1 credential
API Key
xai / api-key
xAI API keys authenticate requests to api.x.ai. xAI's docs show Authorization: Bearer headers for REST requests and SDK examples that read the key from XAI_API_KEY.
Location
XAI_API_KEYAuthorizationBearer token used by xAI API calls
apps, OpenAI-compatible clients, notebooks, committed .env files
.env, deployment manifests, server config, shell profiles
CI/CD variables, cloud secret managers, hosted app settings
HTTP client debug logs and gateway request logs
Notes
xAI keys are opaque bearer credentials with no reliable public prefix in the referenced docs. xAI exposes OpenAI-compatible usage patterns, so leaked keys may appear in generic OpenAI SDK configuration with a custom base URL as well as in provider-specific XAI_API_KEY variables.
Scope
Authorized use
LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.