Sandbox Mode
Sandbox mode provides a completely isolated testing environment for development and CI pipelines. Sandbox data never touches production, and production keys cannot access sandbox resources.
Free on all plans
Sandbox mode is available on all plans, including Free. Every account can create sandbox keys alongside production keys at no additional cost.
How It Works
Sandbox keys use the rk_test_ prefix and route all requests to an isolated environment. The Rekall API automatically detects the key type and directs traffic accordingly.
Sandbox
Isolated data store, separate from production. All memories, entities, relationships, and agent states live in the sandbox.
rk_test_...Production
Live data store with full rate limits and SLA guarantees. Your users' real data and agent states.
rk_live_...Complete isolation
There is no way to access sandbox data with a production key or vice versa. Attempting to do so returns a SANDBOX_PRODUCTION_MISMATCH error (403).
Creating Sandbox Keys
Create sandbox keys in your dashboard settings by selecting "Sandbox" as the environment when creating a new API key. Sandbox keys support the same scopes as production keys.
# Sandbox key (testing)REKALL_API_KEY=rk_test_abc123def456ghi789# Production key (live data)REKALL_API_KEY=rk_live_xyz789abc123def456
import Rekall from '@rekall/sdk';// Sandbox client - automatically detected from key prefixconst sandbox = new Rekall({apiKey: process.env.REKALL_SANDBOX_KEY, // rk_test_...});// Production clientconst production = new Rekall({apiKey: process.env.REKALL_API_KEY, // rk_live_...});// Both use the same API, different isolated environmentsconst testMemory = await sandbox.memories.create({type: 'episodic',content: 'Test memory for CI pipeline',});
What's Available
The sandbox environment supports nearly all Rekall features. Your tests can exercise the full memory lifecycle without affecting production.
Limitations
Sandbox mode has intentional limitations to keep the testing environment lightweight and to prevent accidental misuse.
No webhook delivery
Webhook events are logged but not delivered to external endpoints in sandbox mode. Use the dashboard to inspect logged events.
Reduced rate limits
Sandbox is limited to 50 requests/minute and 100 memories/month. This is sufficient for integration testing but not for load testing.
Data auto-purge
Sandbox data is automatically purged every 7 days. Do not use sandbox for persistent storage. Data can also be manually purged from the dashboard.
No SSO
Enterprise SSO (SAML/OIDC) is not available in sandbox mode. Use API key authentication for testing.
No SLA
Sandbox mode does not carry any uptime SLA. Sandbox infrastructure may have periodic maintenance windows.
Transitioning to Production
When your integration is tested and ready, transitioning to production requires only swapping the API key. The API surface is identical between environments.
Create a production API key
In the dashboard, create a new key with the "Production" environment and the same scopes as your sandbox key.
Update your environment variable
Replace the rk_test_ key with the new rk_live_ key in your production environment.
Configure webhooks (if needed)
Set up your production webhook endpoints in the dashboard. Webhooks are only delivered in production mode.
Keep sandbox for CI
Continue using your sandbox key in CI pipelines and automated tests. This ensures test runs never affect production data.
CI Configuration
Store your sandbox key as a CI secret and use it for integration tests.
# .github/workflows/test.ymlname: Integration Testson: [push, pull_request]jobs:test:runs-on: ubuntu-latestenv:REKALL_API_KEY: ${{ secrets.REKALL_SANDBOX_KEY }}steps:- uses: actions/checkout@v4- run: npm install- run: npm test
