Skip to main content

Documentation Index

Fetch the complete documentation index at: https://concentrate.ai/docs/llms.txt

Use this file to discover all available pages before exploring further.

Dormant key activation detects when an API key that has been inactive for a configurable number of days suddenly starts making requests again. This can help flag unauthorized usage, forgotten integrations coming back online, or compromised keys.

How it works

Each evaluation cycle:
  1. Queries billing data for the key from billing_daily, ordered by date descending
  2. Checks for recent activity — if the most recent activity is within the last 2 days, the key may have reactivated
  3. Finds the previous activity — looks for the last day the key was active before the current burst
  4. Calculates the dormant period — the gap in days between the previous activity and the reactivation
  5. Compares against your threshold — if the dormant period is greater than or equal to dormant_days, an alert is triggered

Configuration

You can configure dormant key alerts from the Alerts page in your dashboard.
SettingDescriptionOptions
EnabledToggle the alert on or offtrue / false
Dormant DaysMinimum days of inactivity before reactivation triggers an alertAny positive integer (e.g., 30)
ScopeWhat entities to monitoruser, key

Scope

  • User — monitors all API keys you own, evaluated at the user level.
  • Key — monitors each of your active API keys individually.

Edge cases

Key with no history

If a key has never been used (no billing data at all), no alert is fired — there is no dormant period to measure.

Key still dormant

If a key’s most recent activity is older than 2 days, it is considered still dormant (not reactivated), and no alert is fired.

Continuously active keys

If a key has been used every day (or nearly every day), the gap between activity periods is zero or very small, and no alert is fired regardless of the threshold.

Notifications

When a dormant key activation alert fires, you are notified via your configured channels:
  • Email — includes the key name, how many days it was dormant, the reactivation date, and a link to manage your keys
  • SMS — a shorter summary with the key name and dormant period
Each key is subject to a 24-hour cooldown after an alert fires.