Anthropic Claude API
AnthropicAI API2 credentials
API Key
anthropic / api-key
Anthropic Claude API requests authenticate with an API key from the Anthropic Console. Anthropic documents x-api-key as the API-key header and also supports Authorization bearer tokens for short-lived workload identity access tokens.
Looks like
examplesk-ant-api03-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXLocation
ANTHROPIC_API_KEYx-api-keyAnthropic API key header
application config, scripts, notebooks, examples, committed .env files
.env, local shell profiles, deployment manifests, server config
CI/CD variables, cloud secret managers, platform environment stores
HTTP client debug logs that include x-api-key or Authorization headers
Notes
API keys and short-lived workload identity bearer tokens are different credential types. API keys are long-lived bearer secrets from Console; workload identity bearer tokens are obtained through the OAuth token endpoint and should be triaged by their identity provider and lifetime.
Workload Identity Bearer Token
anthropic / workload-identity-bearer-token
Anthropic supports Authorization: Bearer tokens for Workload Identity Federation. These are short-lived access tokens obtained from the Anthropic OAuth token endpoint rather than static Console API keys.
Location
AuthorizationBearer token used for Anthropic Workload Identity Federation requests
workload identity exchange logs and HTTP client debug output
temporary environment variables used by workloads
workload runtime token caches and orchestration platforms
Notes
These tokens are intentionally short-lived and opaque. Exposure still matters during the token lifetime, and the upstream identity federation rule should be reviewed if tokens appear outside the intended workload.
Scope
Authorized use
LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.