GET

API Keys

Create, inspect, and revoke API keys

Manage API keys with account endpoints.

Send Verification Code

POST /auth/api-key/send-code

Response `200 OK`

Sends the email confirmation code required for API key creation.

Create API Key

POST /auth/api-key

Request Body

Field

Type

Required

Description

code

string

Yes

Email confirmation code

otp

string

2FA OTP code if 2FA is enabled

expiresAt

string

Expiration time in ISO 8601. null means no expiry

Response `200 OK`

{
  "id": "key_live_primary",
  "key": "op_k_live_primary",
  "secret": "sec_live_primary_base64url",
  "createdAt": "2026-01-15T10:30:00Z",
  "expiresAt": null
}

Field

Type

Description

string

API key record ID

key

string

Public API key

secret

string

Secret for HMAC signing

createdAt

string

Creation timestamp in ISO 8601

expiresAt

string

Expiration timestamp or null

The secret is returned only once.

Creating a new key deactivates the previous key.

Get Active API Key

GET /auth/api-key

Response `200 OK`

Returns active key metadata. The secret is not returned.

Revoke API Key

DELETE /auth/api-key

Response `200 OK` or `204 No Content`

Revokes the active key.

Last updated 1 month ago

Was this helpful?

hashtagSend Verification Code

hashtagResponse 200 OK

hashtagCreate API Key

hashtagRequest Body

hashtagResponse 200 OK

hashtagGet Active API Key

hashtagResponse 200 OK

hashtagRevoke API Key

hashtagResponse 200 OK or 204 No Content

Send Verification Code

Response `200 OK`

Create API Key

Request Body

Response `200 OK`

Get Active API Key

Response `200 OK`

Revoke API Key

Response `200 OK` or `204 No Content`