✅ Now Live on Chrome Web Store

Your API Keys,
Organized & Secure

The Chrome extension that stores your API keys with AES-256-GCM encryption, then auto-suggests them when you visit the right site.

🔐 Add to Chrome — Free See how it works ↓
platform.openai.com/api-keys
You're on OpenAI — 2 keys saved in API Locker
🔐
OpenAI Keys
Production
sk-pro••••••••j0A
Copy
Development
sk-dev••••••••G0A
Copy
Supports 32+ API Providers
🔍 Free Tool

API Key Leak Checker

Find out which provider your key belongs to and how risky it is if exposed.
Enter only the first 4–6 characters — never your full key.

We never store or transmit your key prefix. Everything runs in your browser.

Features

Everything you need,
nothing you don't

Built for developers who are tired of hunting for API keys across 10 different browser tabs.

🎯
Smart Site Detection
Visit platform.openai.com? API Locker instantly shows your OpenAI keys. Goes to Stripe dashboard? Your Stripe keys appear. Zero manual searching.
🏢
Provider Logos & Grouping
Each key is tagged with its provider's logo and name. 32+ providers supported — OpenAI, Anthropic, AWS, Stripe, GitHub, Supabase and more.
One-Click Copy
Keys masked by default for security. Click Copy and the full key goes straight to your clipboard — no popup, no searching, no friction.
📦
Multiple Keys Per Provider
Label your keys (Production, Development, Client A...) and store as many as you need for the same provider. Switch between them instantly.
📅
Expiry Reminders
Set an expiry date on any key. Get warned 14 days before it expires — and see expired keys highlighted in red so nothing slips through.
💾
Import & Export
Back up your entire vault to a JSON file. Restore it on any device instantly. Migrate between computers without re-entering everything manually.
📊
Vault Impact Tracker
See how many times API Locker auto-detected your keys, how many copies you made, and how much time you saved. Share your stats with one tap.
🔗
Share Your Vault Stats
Generate a shareable security card showing your vault stats — keys protected, copies made, time saved. Post it to X/Twitter with one click.
How It Works

Up and running in 60 seconds

1
Install & Set Master Password
Add API Locker from the Chrome Web Store. Choose a strong master password — this is the only password you'll ever need to remember.
2
Add Your API Keys
Select a provider, paste your key, add a label like "Production" or "Client A". Optional: set an expiry date. Done in 5 seconds per key.
3
Auto-Suggest on Every Site
Visit any supported API dashboard and your keys appear automatically. Click Copy. Paste. That's it. Never search for an API key again.
Security

Zero-knowledge.
Zero-cloud.

Your keys never leave your device. We never see them — not even encrypted.

🔐
AES-256-GCM Encryption
Every key is encrypted with AES-256-GCM, the same standard used by governments and financial institutions.
🧂
PBKDF2 Key Derivation
Your master password goes through 100,000 iterations of PBKDF2 before becoming an encryption key. Brute-force resistant.
💻
Zero-Knowledge Cloud Sync
Cloud sync sends only AES-256-GCM encrypted blobs — the server never sees your keys or master password. Offline-first by default.
🚫
No Telemetry, No Tracking
We collect zero data about you or your keys. No analytics, no usage tracking, no crash reports sent anywhere.
Pricing

Simple, honest pricing

Start free. Upgrade when you need more.

Free
£0
Perfect for getting started
  • Up to 3 API keys
  • All 32+ providers
  • Smart site detection
  • One-click copy overlay
  • AES-256 encryption
  • Email backup
  • Vault Impact Tracker
  • Share vault stats
  • Import & export
  • Expiry reminders
  • Cloud sync
  • Team sharing
Install Free
⭐ Most Popular
Pro
£4.49 / month
For power users & freelancers
  • Unlimited API keys
  • All 32+ providers
  • Smart site detection
  • Import & export
  • Expiry reminders
  • Vault Impact Tracker
  • Share vault stats
  • Cloud sync ☁
  • Team sharing
Get Pro Monthly 🔥 Lifetime Deal — £39.99
Team Coming Soon
£7.49 / user / mo
For dev teams & agencies
  • Everything in Pro
  • Shared team vaults
  • Role-based access
  • Key-level permissions
  • Email invite system
  • Cloud sync ☁
  • Priority support
🔔 Join Waitlist
FAQ

Common Questions

How do I securely store API keys in Chrome?

The safest way to store API keys in Chrome is with a dedicated encrypted extension like API Locker. It encrypts every key with AES-256-GCM using a master password that never leaves your device. Avoid storing API keys in plain text files, browser notes, or unencrypted password managers that treat keys as plain passwords.

What happens if I forget my master password?

API Locker is zero-knowledge — your master password is never sent anywhere and there is no recovery mechanism by design. If you forget your master password, your encrypted vault cannot be decrypted. This is a feature, not a bug: it means no third party, including us, can ever access your keys. Write your master password down and store it somewhere safe.

Are my API keys sent to the cloud?

Only if you enable cloud sync (Pro feature). Even then, only AES-256-GCM encrypted blobs are sent — the server never sees your plaintext keys or master password. The free plan stores everything locally on your device only.

How is API Locker different from a regular password manager?

Password managers are built for website logins. API Locker is purpose-built for developers: it detects which API dashboard you're visiting and surfaces the right key automatically, supports 32+ providers with their logos, handles multiple keys per provider with labels like "Production" and "Development", and warns you before keys expire.

What is smart site detection?

When you visit a supported API dashboard (like platform.openai.com or dashboard.stripe.com), API Locker automatically shows only the relevant keys for that provider. No searching, no scrolling — the right key appears the moment you need it.

Can I use API Locker across multiple devices?

Yes, with the Pro plan. Cloud sync keeps your encrypted vault in sync across all your Chrome installations. Your keys are encrypted with your master password before leaving your device, so syncing is completely safe.

Which API providers does API Locker support?

API Locker supports 32+ providers out of the box including OpenAI, Anthropic, Stripe, GitHub, AWS, Google Cloud, Twilio, SendGrid, Hugging Face, Replicate, and many more. You can also add any custom provider manually.

✅ Now Live

Already live — Install now

API Locker is available on the Chrome Web Store. Free to install, with Pro features available when you're ready.

🔐 Add to Chrome — Free
📬 Stay in the loop

Get updates & early access

New features, Pro tips & early access to the Team plan. No spam, ever.

Join developers already using API Locker. Unsubscribe anytime.

📚 Guides & Free Tools

Learn API Key Security

Free guides and tools to help you store, manage, and protect your API keys.

🗝️
API Key Manager
What is an API key manager and why every developer needs one.
🔐
API Key Security Best Practices
12 proven practices to keep your API keys safe from exposure.
💾
How to Store API Keys Securely
Step-by-step guide comparing storage methods for every use case.
🛠️
API Key Management Tools
Compare the top tools for managing API keys in 2025.
🏗️
API Key Storage Best Practices
Environment variables, vaults, secret managers — which to use when.
🧩
API Key Manager Chrome Extension
Why a browser extension is the smartest place to manage API keys.
🔍
API Key Leak Checker
Identify your key's provider and risk level from just the first 4-6 characters.
✅ You're on the list! We'll be in touch.