Creating different API keys for UAT and Production under the same LiveKit Ship subscription is a good practice for access management, but the available documentation does not explicitly confirm that this guarantees complete isolation between the environments. While each API key is used for authentication, it is unclear if requests authenticated with the UAT API key can be fully prevented from reaching the Production environment under the same subscription. LiveKit generally recommends using separate instances or projects for staging, production, and development environments to ensure proper isolation. Each instance or project would have its own unique URL, API key, and secret to avoid cross-environment request accidental routing. Therefore, although different API keys provide logical separation credentials-wise, environment isolation is best ensured using separate instances/projects. If strict isolation between UAT and Production environments is critical, using distinct LiveKit projects or instances is advised. If you require a more definitive answer on how LiveKit Ship enforces environment separation for API keys under a single subscription or any specific configurations to prevent cross-environment interactions, I can escalate this to a specialized agent or assist you further. Sources: Deploying to production | LiveKit Docs | LiveKit | LiveKit Security | packages/basics/.env.example | agent-examples/.env.examples | examples/nextjs/.env.example | LiveKit | server/.env.example | .env.example