What you’ll learn
- How to generate and configure API keys
- How to rotate and revoke keys securely
- How to store keys as CI secrets
Create a Key
TestDino issues two credential types from the same place. Pick the one that matches what you’re doing:
| Credential | Use it for | Where it’s used |
|---|---|---|
| API Key | Uploading Playwright test results | CLI uploads (Node.js / Python), CI pipelines |
| Access Token | Public API access and external integrations | Public API v1, Azure DevOps Extension |
Project vs Organization settingsOrganizations have their own Settings page (billing, members, etc.), but API keys and Access Tokens always belong to a single project. If you don’t see the API Keys tab, you’re likely in Org Settings — navigate into a project first.
Token prefixes
Every credential carries a prefix that identifies its type. Check the prefix to confirm you are using the right token for the surface.| Prefix | Token type | Scope | Accepted by |
|---|---|---|---|
tdp_ | Project Access Token | Project-scoped (public-api, azureext) | Public API v1, Azure DevOps Extension, CLI uploads |
tpu_ | User Access Token | User-scoped | MCP and in-app contexts. Rejected by Public API v1 |
tdp_ token in the header: Authorization: Bearer tdp_.... A tpu_ token returns an authorization error on Public API v1. User tokens are created from your user settings and are used by the MCP integration, not from the project API Keys tab.
API Key (test reporting)
Use this for the CLI uploaders that send Playwright reports to TestDino.- Open your project in TestDino
- Go to Project Settings → API Keys tab
- In the Keys & Tokens section, click + New → API Key
- Enter a Key Name and Expiration (1 to 365 days)
- Click Create API Key
Access Token (Public API & integrations)
Use this for the Public API or external integrations like the Azure DevOps Extension.
- Open your project in TestDino
- Go to Project Settings → API Keys tab
- In the Keys & Tokens section, click + New → Access Token
- Enter a Token Name
- Select Scopes —
public-apifor Public API v1 read-only access,azureextfor the Azure DevOps Extension - Set Expiration (days) (1 to 365 days)
- Click Create Token
Use your API key
- Node.js
- Python
Pass the key to the CLI with the Or set it as an environment variable:
--token flag:Set up CI/CD secrets
Never hardcode API keys in your workflow files. Store them as secrets and reference them at runtime.- GitHub Actions
- GitLab CI
- Jenkins
- Azure DevOps
- CircleCI
- Go to your repository → Settings → Secrets and variables → Actions
- Click New repository secret
- Name it
TESTDINO_TOKEN - Paste your API key
- Click Add secret
Rotate a key
When a key expires or you suspect it’s been exposed:- Generate a new key in Project Settings → API Keys tab
- Update your CI secrets with the new key
- Run one upload to confirm the new key works
- Revoke or delete the old key
Security Practices
- Use short expiration periods for CI keys
- Create separate keys for different pipelines or environments
- Rotate keys if you suspect exposure
- Never commit keys to version control
Key Limits
| Plan | Keys per project |
|---|---|
| Community | 2 |
| Pro | 5 |
| Team | 10 |
| Enterprise | Unlimited |
Next steps
With a key in hand, install a reporter to upload from your machine, or set up CI to upload on every run.Reporters
Install the Node.js or Python CLI and run your first upload
CI Setup
Automate uploads in GitHub, GitLab, Azure DevOps, and more
Public API
Use an Access Token to query test data over the API
Project Settings
All project configuration