Projects & keys

Everything in Galacha lives under a project. You create one per app you want to record.

What a project owns

Thing	Purpose
Project key	The long hex token the SDK authenticates with
Project ID	Internal UUID for dashboard routing (you never pass this anywhere)
Platform	`web`, `react-native`, `flutter`, `swift`, `kotlin` — picks the default snippet
Display name	Shown in the dashboard sidebar
Members	Team permissions (owner / admin / viewer)
Credits	How many sessions you can still record

The project key

The only thing the SDK cares about. It's a 48-character hex string that looks like this:

4d4b83bcd00acd4cbc8ab5a7d94bab5abbc31887dbc1bf3f

Pass it to init():

// Web + React
<GalachaProvider projectKey="4d4b83bcd00a..." />
 
// React Native
Galacha.init({ projectKey: "4d4b83bcd00a..." });

The backend uses it to route events to the right project and check your credit balance.

Where to find it

Sign in to galacha.me
Click New Project (or open an existing one)
Copy the project key from the project detail page

Never commit the key inline. Use environment variables:

Framework	Variable name
Next.js	`NEXT_PUBLIC_GALACHA_PROJECT_KEY`
Vite	`VITE_GALACHA_PROJECT_KEY`
Create React App	`REACT_APP_GALACHA_PROJECT_KEY`
Expo	`EXPO_PUBLIC_GALACHA_PROJECT_KEY`

All browser-exposed env vars must carry the framework's public prefix or the build step strips them.

Can I use the same key in dev and prod?

Yes, but you'll mix sessions. Cleaner: create two projects (myapp-dev + myapp-prod) and pass the key via env var. The dashboard filters are per-project, so the dev noise stays out of your prod dashboard.

What if the key leaks?

The project key is write-only. It can only POST events to api.galacha.me/api/v1/events. It cannot read sessions, access the dashboard, delete data, or modify billing. Worst case: someone spams events into your project, burning credits.