API Locker

Tracking since Apr 2, 2026.

Changelog

• May 16, 2026
  description

  API Locker — Secure API Key Manager for Developers
  
  Stop hunting for API keys across browser tabs, .env files, and 
  sticky notes. API Locker stores all your API keys in one secure, 
  encrypted vault — right in your browser.
  
  🔐 AES-256-GCM ENCRYPTION
  Every key is encrypted with military-grade AES-256-GCM using your 
  master password. Your password never leaves your device. We can't 
  see your keys — even if we wanted to.
  
  ⚡ SMART SITE DETECTION
  Open OpenAI? API Locker suggests your OpenAI key automatically. 
  Works with 50+ providers: Anthropic, GitHub, Stripe, AWS, 
  Supabase, Resend, and more.
  
  🗝️ ONE-CLICK COPY
  Click any key to copy instantly. No typing, no hunting, no 
  mistakes.
  
  ☁ SYNC ACROSS DEVICES (Pro)
  Encrypted cloud sync via Supabase. Only AES-256 encrypted blobs 
  are sent — the server never sees your plaintext keys.
  
  ⏰ EXPIRY ALERTS (Pro)
  Set expiry dates on keys and get warned before they expire.
  
  ---
  
  FREE PLAN — No account required
  ✓ Up to 3 API keys
  ✓ AES-256-GCM local encryption
  ✓ Smart site detection (50+ providers)
  ✓ One-click copy
  ✓ Export & import backup
  ✓ Email backup
  
  PRO PLAN
  ✓ Unlimited API keys
  ✓ Cloud sync across devices
  ✓ Expiry date alerts
  ✓ Priority support
  
  ---
  
  🔒 PRIVACY FIRST
  - 100% local by default
  - Zero telemetry on free plan
  - No account required
  - Open architecture — no hidden network calls
  - Master password never transmitted
  
  Perfect for: developers, freelancers, DevOps engineers, AI 
  builders, and anyone who works with APIs daily.
  
  Supports 32+ API providers including major cloud services, AI platforms, payment processors, and developer tools.

  API Locker — Secure API Key Manager for Developers
  
  If you've ever pasted an API key into the wrong tab, lost a secret key buried in a .env file, or spent 10 minutes hunting for a token you copied yesterday — API Locker was built for you.
  
  API Locker is a Chrome extension that works as your personal API key vault. It stores, organizes, and auto-suggests your API keys and secret tokens directly in your browser. Your keys are encrypted with AES-256-GCM before they ever touch storage. Your master password never leaves your device. Even we can't see your keys.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  🔐 MILITARY-GRADE LOCAL ENCRYPTION
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  Every API key, secret token, and credential you store is encrypted with AES-256-GCM — the same standard used by banks and government systems. Your master password is used to derive the encryption key via PBKDF2 and is never stored anywhere. Close the browser? Your vault locks automatically. Your keys are safe even if your device is compromised.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  ⚡ SMART SITE DETECTION — 50+ PROVIDERS
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  API Locker recognizes which platform you're visiting and automatically surfaces the right key. Working on an AI language model platform? Your AI API key is ready. Configuring a cloud storage bucket? Your cloud credentials appear. Setting up a payment integration? Your payment API key is one click away.
  
  Supported provider categories include:
  • AI and machine learning platforms
  • Cloud infrastructure providers
  • Payment processing and billing APIs
  • Developer collaboration and version control platforms
  • Email delivery and transactional messaging services
  • Database and backend-as-a-service platforms
  • Monitoring, logging, and analytics tools
  • Communication and messaging APIs
  • E-commerce and marketplace APIs
  • Authentication and identity providers
  
  No more switching between your password manager and your terminal just to find a developer key. The right key appears right when you need it.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  🗝️ ONE-CLICK COPY — INSTANT ACCESS
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  Click any saved key to copy it instantly to your clipboard. No double-clicking, no selecting text, no risk of accidentally exposing your key by selecting the wrong area. API Locker also lets you label keys (e.g., "Production", "Staging", "Personal"), add notes, and organize by provider — so you always know which key is which.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  ☁️ CLOUD SYNC ACROSS DEVICES (Pro)
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  Work across multiple computers? The Pro plan syncs your encrypted vault across all your devices. Only the AES-256-GCM encrypted blob is ever uploaded to the cloud — your master password and plaintext keys never leave your device. Even our servers see nothing but ciphertext.
  
  Add a key on your work Mac. Open your home laptop. Your vault is already up to date.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  ⏰ EXPIRY DATE TRACKING (Pro)
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  API keys expire. Rotating credentials is a security best practice. But it's easy to forget — until your production app breaks at 2am because a key silently expired. API Locker lets you set expiry dates on any key and alerts you before they expire, so you can rotate credentials proactively.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  📦 FREE PLAN — NO ACCOUNT REQUIRED
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  You don't need to create an account or hand over your email to get started. Install, set your master password, and start storing keys immediately. Everything works 100% locally.
  
  FREE PLAN includes:
  ✓ Up to 3 API keys stored locally
  ✓ AES-256-GCM encryption
  ✓ Smart site detection for 50+ provider categories
  ✓ One-click copy
  ✓ Label and notes per key
  ✓ JSON export and import for backup
  
  PRO PLAN includes everything in Free, plus:
  ✓ Unlimited API keys
  ✓ Encrypted cloud sync across all devices
  ✓ Expiry date tracking and alerts
  ✓ Priority support
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  🔒 BUILT FOR PRIVACY
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  • Your master password is never stored, never transmitted
  • Free plan: zero network calls — completely offline
  • No analytics, no telemetry, no tracking on the free plan
  • Open architecture — every network call is documented
  • Your encrypted blob is the only thing that ever leaves your device (Pro plan)
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  👨‍💻 WHO IS API LOCKER FOR?
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  API Locker is built for anyone who manages API credentials as part of their daily work:
  
  • Software developers integrating third-party APIs
  • DevOps engineers managing cloud infrastructure credentials
  • AI and machine learning engineers working with multiple model APIs
  • Freelancers and consultants managing keys for multiple clients
  • Full-stack developers juggling production, staging, and development keys
  • Security-conscious professionals who want encryption, not just a note app
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  ❓ FREQUENTLY ASKED QUESTIONS
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  Q: Is this the same as a password manager?
  A: No. General-purpose password managers are built for websites and login credentials. API Locker is purpose-built for API keys, secret tokens, and developer credentials. It understands API provider workflows, auto-detects the right key per platform, and is designed for the developer use case — not for saving your Netflix password.
  
  Q: What happens if I forget my master password?
  A: Your master password is the only way to decrypt your vault. We do not store it and cannot recover it. This is by design — zero-knowledge means truly zero knowledge. We recommend keeping a secure backup of your master password.
  
  Q: Can I use this on multiple computers?
  A: Yes. With the Pro plan, your encrypted vault syncs across all devices. On the free plan, you can manually export and import your vault as a JSON backup.
  
  Q: Does the extension read my browsing history or other tabs?
  A: No. API Locker only reads the hostname of your active tab (to detect which API provider you're visiting) and only when you open the extension. It does not run in the background, does not track your browsing, and does not communicate with any server on the free plan.
  
  Q: Is my data safe if my device is stolen?
  A: Yes. Your vault is encrypted with AES-256-GCM. Without your master password, the encrypted data is mathematically unreadable. There is no backdoor.
  
  Q: What is the difference between API Locker and storing keys in a .env file?
  A: .env files are plaintext. They can be accidentally committed to version control, exposed in build logs, or leaked through misconfigured deployments. API Locker encrypts everything locally with a master password, and your keys never appear in any file that could be accidentally shared.
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  🚀 GET STARTED IN 30 SECONDS
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  1. Install API Locker
  2. Set your master password (stored nowhere — remember it)
  3. Add your first API key
  4. Visit any supported API platform — your key appears automatically
  
  
  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  
  API Locker — Because your API keys deserve better than a sticky note.

• Apr 22, 2026
  description

  API Locker is a secure, local-first API key manager for developers.
  
  🔐 AES-256-GCM encryption — your keys are encrypted before storage
  🏠 100% local — no servers, no databases, no telemetry
  ⚡ Smart detection — automatically detects popular API provider sites
  📋 One-click copy — grab your key instantly from any page
  🔒 Session lock — vault auto-locks when you close the browser
  
  HOW IT WORKS
  1. Set a master password to create your encrypted vault
  2. Add your API keys with provider names
  3. Visit any supported API provider site — API Locker detects it automatically
  4. Click the badge → see your keys → copy with one click
  
  Works seamlessly with the tools developers use every day — from AI platforms to payment processors, cloud providers, and developer infrastructure services.
  
  PRIVACY & SECURITY
  • All encryption happens locally in your browser (WebCrypto API)
  • Master password is never stored — only used to derive the encryption key
  • PBKDF2 with 100,000 iterations for key derivation
  • Zero telemetry, zero network requests, zero servers
  
  Perfect for developers and indie hackers who work with multiple APIs daily.

  API Locker — Secure API Key Manager for Developers
  
  Stop hunting for API keys across browser tabs, .env files, and 
  sticky notes. API Locker stores all your API keys in one secure, 
  encrypted vault — right in your browser.
  
  🔐 AES-256-GCM ENCRYPTION
  Every key is encrypted with military-grade AES-256-GCM using your 
  master password. Your password never leaves your device. We can't 
  see your keys — even if we wanted to.
  
  ⚡ SMART SITE DETECTION
  Open OpenAI? API Locker suggests your OpenAI key automatically. 
  Works with 50+ providers: Anthropic, GitHub, Stripe, AWS, 
  Supabase, Resend, and more.
  
  🗝️ ONE-CLICK COPY
  Click any key to copy instantly. No typing, no hunting, no 
  mistakes.
  
  ☁ SYNC ACROSS DEVICES (Pro)
  Encrypted cloud sync via Supabase. Only AES-256 encrypted blobs 
  are sent — the server never sees your plaintext keys.
  
  ⏰ EXPIRY ALERTS (Pro)
  Set expiry dates on keys and get warned before they expire.
  
  ---
  
  FREE PLAN — No account required
  ✓ Up to 3 API keys
  ✓ AES-256-GCM local encryption
  ✓ Smart site detection (50+ providers)
  ✓ One-click copy
  ✓ Export & import backup
  ✓ Email backup
  
  PRO PLAN
  ✓ Unlimited API keys
  ✓ Cloud sync across devices
  ✓ Expiry date alerts
  ✓ Priority support
  
  ---
  
  🔒 PRIVACY FIRST
  - 100% local by default
  - Zero telemetry on free plan
  - No account required
  - Open architecture — no hidden network calls
  - Master password never transmitted
  
  Perfect for: developers, freelancers, DevOps engineers, AI 
  builders, and anyone who works with APIs daily.
  
  Supports 32+ API providers including major cloud services, AI platforms, payment processors, and developer tools.

• Apr 22, 2026
  short_description

  Secure API key manager with smart site detection. AES-256 encrypted, 100% local — your keys never leave your device.

  Store, organize & auto-suggest API keys in Chrome. AES-256 encrypted. Smart site detection. Your keys never leave your device.

• Apr 17, 2026
  host_permissions

  <all_urls>

  <all_urls>, https://*.supabase.co/*

Permissions & access

Permissions

storageactiveTabtabs

Host access

<all_urls>, https://*.supabase.co/*

Screenshots