Managing API Keys

Your user can have multiple API keys, but it's recommended to use a single key for security and simplicity. To manage your API key(s), you can use the following endpoints:

Getting full API key data

Pass the ID as a query parameter. The organization ID is required as a header, but doesn't alter the behavior of this request. Simply pass the id of an organization you have admin access to. More information on organizations and admin access can be found in the Organizations and Agents section.

fetch('http://localhost:3000/api/auth/api-key/get?id=id-of-api-key', {
  headers: {
    'X-API-KEY': '',
    'X-ORGANIZATION-ID': ''
  }
})

List API keys

Provides a list of all API keys belonging to the user.

fetch('http://localhost:3000/api/auth/api-key/list', {
  headers: {
    'X-API-KEY': '',
    'X-ORGANIZATION-ID': ''
  }
})

Update API key

Update endpoint can be used to change name, toggle enabled/disabled, and change expiration dates on API keys.

fetch('http://localhost:3000/api/auth/api-key/update', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json'
    'X-API-KEY': '',
    'X-ORGANIZATION-ID': ''
  },
  body: JSON.stringify({
    keyId: '',
    name: '',
    enabled: '', //set to "true" or "false"
    expiresIn: '',
  })
})

To make change to your API key, use the field schema below.

Field schema: keyId is mandatory, but the fields below are optional. By default, no restrictions (rate limiting, usage limits, required refill intervals, key expiration) are placed on keys.

  • name: string
  • enabled: boolean
  • remaining: int, controls number of remaining requests that can be validated with API key. Defaults to null, allowing unlimited requests.
  • refillAmount: int, controls the number of requests "refilled" to the key based on refillInterval
  • refillInterval: int, corresponds with a number of seconds between refills
  • metadata: string
  • expiresIn: float, corresponds with number of seconds before key expiration
  • rateLimitEnabled: boolean, apply rate limiting or not. Defaults to false.
  • rateLimitTimeWindow: float, corresponds with number of seconds to evaluate whether rate limit has been exceeded
  • rateLimitMax: int, max requests within rateLimitTimeWindow

Delete API key

fetch('http://localhost:3000/api/auth/api-key/delete', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json'
    'X-API-KEY': '',
    'X-ORGANIZATION-ID': ''
  },
  body: JSON.stringify({
    keyId: ''
  })
})