Skip to main content
All endpoints require authentication. API keys are scoped to the authenticated company — you cannot view or delete keys belonging to other companies.

POST /v1/keys

Creates a new API key for the authenticated company. Optionally attaches a human-readable label.

Request body (optional)

Response 201

Example


GET /v1/keys

Lists all API keys for the authenticated company. Key values are returned in full — treat this response as sensitive.

Response 200

Example


DELETE /v1/keys/:key

Deletes an API key. The key is immediately invalid for future requests. You cannot delete the last key for a company (that would lock you out).
This action is irreversible. Any service using the deleted key will receive 401 Unauthorized on its next request.

Path parameters

Response 200

Error responses

Example