The API key is used to check whether a login is permitted. To do this, a single request is sent to the Torn API and the faction and the role within the faction are evaluated. The API key is then not saved or used or shared in any other way.