All endpoints require authentication. API keys are scoped to the authenticated company — you cannot view or delete keys belonging to other companies.

POST /v1/keys

Creates a new API key for the authenticated company. Optionally attaches a human-readable label.

Request body (optional)

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| label | string | No | Human-readable label. Useful for identifying which service uses which key. |

Response 201

| Field | Type | Description |
| --- | --- | --- |
| key | string | The new API key (prefix: counsel_). Shown once. |
| createdAt | string | ISO 8601 creation timestamp. |

Example

curl -s -X POST http://localhost:3000/v1/keys \
  -H "Authorization: Bearer $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{ "label": "production-agent" }'
{
  "key": "counsel_f7e8d9c0b1a2...",
  "createdAt": "2026-01-01T00:01:00.000Z"
}

GET /v1/keys

Lists all API keys for the authenticated company. Key values are returned in full — treat this response as sensitive.

Response 200

| Field | Type | Description |
| --- | --- | --- |
| keys | Array | Array of key objects, ordered by creation time. |
| keys[].key | string | The API key value. |
| keys[].label | string \| null | Label, or null if none was set. |
| keys[].createdAt | string | ISO 8601 creation timestamp. |

Example

curl -s http://localhost:3000/v1/keys \
  -H "Authorization: Bearer $API_KEY"
{
  "keys": [
    {
      "key": "counsel_a1b2c3d4...",
      "label": "bootstrap",
      "createdAt": "2026-01-01T00:00:00.000Z"
    },
    {
      "key": "counsel_f7e8d9c0...",
      "label": "production-agent",
      "createdAt": "2026-01-01T00:01:00.000Z"
    }
  ]
}

DELETE /v1/keys/:key

Deletes an API key. The key is immediately invalid for future requests. You cannot delete the last key for a company (that would lock you out).
This action is irreversible. Any service using the deleted key will receive 401 Unauthorized on its next request.

Path parameters

| Parameter | Type | Description |
| --- | --- | --- |
| key | string | The full API key to delete. Must belong to the authenticated company. |

Response 200

{ "deleted": true }

Error responses

| Status | Body | Meaning |
| --- | --- | --- |
| 404 | { "error": "API key not found" } | Key does not exist or belongs to a different company. |

Example

curl -s -X DELETE \
  http://localhost:3000/v1/keys/counsel_f7e8d9c0b1a2... \
  -H "Authorization: Bearer $API_KEY"
{ "deleted": true }
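
Key rotation

The three endpoints above combine into a rotation procedure: create a replacement, confirm it authenticates, then delete the old key. The script below is an added example, not part of the original documentation; `BASE_URL`, `api` and `rotate_key` are assumed names, and it relies only on the request and response shapes shown on this page.

```sh
#!/bin/sh
# Added example: key rotation using POST, GET and DELETE /v1/keys.
# Assumed names (not in the docs): BASE_URL, api(), rotate_key().
BASE_URL="${BASE_URL:-http://localhost:3000}"

# api METHOD PATH AUTH_KEY [JSON_BODY]
# Prints the response body, then the HTTP status code on its own last line.
api() {
  if [ -n "${4:-}" ]; then
    curl -s -X "$1" -w '\n%{http_code}' "$BASE_URL$2" \
      -H "Authorization: Bearer $3" \
      -H "Content-Type: application/json" -d "$4"
  else
    curl -s -X "$1" -w '\n%{http_code}' "$BASE_URL$2" \
      -H "Authorization: Bearer $3"
  fi
}

# rotate_key OLD_KEY LABEL
# Prints the new key on stdout. Returns 0 when the old key was deleted,
# 2 when the new key works but the old one is still live, 1 otherwise.
rotate_key() {
  local old label resp status new
  old=$1 label=$2
  # The label is spliced into the JSON body, so keep it JSON-safe.
  case "$label" in
    ''|*[!A-Za-z0-9._-]*) echo "bad label: use [A-Za-z0-9._-]" >&2; return 1 ;;
  esac
  # 1. Create the replacement. The value is shown once, so capture it here.
  resp=$(api POST /v1/keys "$old" "{ \"label\": \"$label\" }") || return 1
  status=$(printf '%s\n' "$resp" | tail -n 1)
  [ "$status" = 201 ] || { echo "create failed: HTTP $status" >&2; return 1; }
  new=$(printf '%s\n' "$resp" |
    sed -n 's/.*"key"[[:space:]]*:[[:space:]]*"\(counsel_[^"]*\)".*/\1/p' |
    head -n 1)
  [ -n "$new" ] || { echo "no key in create response" >&2; return 1; }
  # 2. Prove the new key authenticates before revoking anything.
  resp=$(api GET /v1/keys "$new") || return 1
  status=$(printf '%s\n' "$resp" | tail -n 1)
  [ "$status" = 200 ] || { echo "new key rejected; old key kept" >&2; return 1; }
  # 3. Revoke the old key, authenticating with the new one. The old value
  #    travels in the URL path, so it may be recorded in access logs.
  printf '%s\n' "$new"
  resp=$(api DELETE "/v1/keys/$old" "$new") || return 2
  status=$(printf '%s\n' "$resp" | tail -n 1)
  [ "$status" = 200 ] || { echo "delete failed: HTTP $status" >&2; return 2; }
}
```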