Create API key
API Keys
Create API Key
Create a new API key for an organization. Plain key is returned only once!
POST
Create API key
Creates a new API key for programmatic access.
Permissions
User must be owner or admin.Security
- API keys are prefixed with
sk_ - Full key value is only shown once during creation
- Store the key securely (never commit to git)
- Keys are hashed before storage
Using API Keys
Include the API key in theX-API-Key header:
Example
Best Practices
- Use descriptive names for keys
- Create separate keys for different environments
- Rotate keys regularly
- Revoke unused keys immediately
Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
Path Parameters
Body
application/json
API key name
Required string length:
3 - 50Example:
"Production API Key"
API key description
Maximum string length:
200Example:
"Used for production server"
API key scopes (permissions). Defaults to ['read:user'] if not provided
Available options:
read:user, write:user, read:organization, write:organization, read:members, write:members, read:webhooks, write:webhooks, read:api-keys, write:api-keys Example:
["read:user", "write:webhooks"]Rate limit per minute
Required range:
1 <= x <= 10000Example:
60
Rate limit per hour
Required range:
1 <= x <= 100000Example:
1000
Allowed IP addresses (CIDR notation supported)
Example:
["192.168.1.1", "10.0.0.0/24"]Expiration date
Example:
"2025-12-31T23:59:59Z"
Response
API key created successfully. Save the plain key securely!