Implement Langfuse security best practices for API keys and data privacy.
Use when securing Langfuse integration, protecting API keys,
or implementing data privacy controls for LLM observability.
Trigger with phrases like "langfuse security", "langfuse API key security",
"langfuse data privacy", "secure langfuse", "langfuse PII".
Security practices for Langfuse LLM observability: credential management, PII scrubbing before tracing, self-hosted hardening, data retention, and secret scanning.
Prerequisites
Langfuse instance (cloud or self-hosted)
API keys provisioned
Understanding of data privacy requirements (GDPR, SOC2, HIPAA)
Instructions
Step 1: Credential Security
Langfuse uses two keys with different security profiles:
// Startup validation -- catch misconfigurations early
function validateLangfuseCredentials() {
const publicKey = process.env.LANGFUSE_PUBLIC_KEY;
const secretKey = process.env.LANGFUSE_SECRET_KEY;
if (!publicKey || !secretKey) {
throw new Error("LANGFUSE_PUBLIC_KEY and LANGFUSE_SECRET_KEY are required");
}
// Catch key swap (common mistake)
if (secretKey.startsWith("pk-lf-")) {
throw new Error("LANGFUSE_SECRET_KEY contains a public key (pk-lf-). Keys are swapped.");
}
if (publicKey.startsWith("sk-lf-")) {
throw new Error("LANGFUSE_PUBLIC_KEY contains a secret key (sk-lf-). Keys are swapped.");
}
return { publicKey, secretKey };
}
// Use validated credentials
const { publicKey, secretKey } = validateLangfuseCredentials();
Key security rules:
Public key (): Identifies the project. Safe in client-side code.
// Usage with tracing
import { observe, updateActiveObservation } from "@langfuse/tracing";
import { scrubPII, scrubObject } from "./lib/pii-scrubber";
const tracedChat = observe(async (userMessage: string) => {
// Scrub input before tracing
updateActiveObservation({ input: scrubPII(userMessage) });
// Send original to LLM (unscrubbed)
const response = await callLLM(userMessage);
// Scrub output before tracing
updateActiveObservation({ output: scrubPII(response) });
return response;
});
Step 3: Self-Hosted Hardening
# docker-compose.yml -- production-hardened
services:
langfuse:
image: langfuse/langfuse:latest
environment:
# Disable open registration
- AUTH_DISABLE_SIGNUP=true
# Enforce SSO for your domain
- AUTH_DOMAINS_WITH_SSO_ENFORCEMENT=company.com
# Least-privilege default role
- LANGFUSE_DEFAULT_PROJECT_ROLE=VIEWER
# Encrypt data at rest
- ENCRYPTION_KEY=${ENCRYPTION_KEY}
# Data retention (days)
- LANGFUSE_RETENTION_DAYS=90
# Database
- DATABASE_URL=${DATABASE_URL}
- NEXTAUTH_SECRET=${NEXTAUTH_SECRET}
- SALT=${SALT}
Step 4: Git Secret Scanning
Prevent Langfuse keys from being committed:
# .gitignore
.env
.env.local
.env.production
# .github/workflows/secret-scan.yml
name: Secret Scan
on: [push, pull_request]
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Check for Langfuse keys
run: |
if grep -rn "sk-lf-[a-zA-Z0-9]" --include="*.ts" --include="*.js" --include="*.py" .; then
echo "ERROR: Secret key found in source code!"
exit 1
fi
Step 5: Scoped API Keys and Least Privilege
// Create separate API keys per service/environment
// In Langfuse dashboard: Settings > API Keys
// Backend API service -- full write access
// LANGFUSE_SECRET_KEY=sk-lf-backend-...
// Analytics worker -- read-only access
// Use Langfuse API with read-only key
// LANGFUSE_SECRET_KEY=sk-lf-readonly-...
// CI/CD pipeline -- scoped to test project
// LANGFUSE_SECRET_KEY=sk-lf-ci-test-...
// LANGFUSE_PUBLIC_KEY=pk-lf-ci-test-...