Skip to main content
PUT
/
organizations
/
{organizationId}
/
api-keys
/
{id}
Update API key
curl --request PUT \
  --url http://sandbox.mintlify.com/organizations/{organizationId}/api-keys/{id} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "Production API Key",
  "description": "Used for production server",
  "scopes": [
    "read:user",
    "write:webhooks"
  ],
  "rateLimitPerMinute": 60,
  "rateLimitPerHour": 1000,
  "allowedIps": [
    "192.168.1.1",
    "10.0.0.0/24"
  ],
  "expiresAt": "2025-12-31T23:59:59Z"
}
'
Updates an API key’s settings.

Permissions

User must be owner or admin.

What Can Be Updated

  • Name and description
  • Scopes (permissions)
  • Rate limits (per minute/hour)
  • Allowed IP addresses
  • Expiration date
Note: The API key value itself cannot be changed. To rotate a key, delete and create a new one.

Example

curl -X PUT http://localhost:3001/api/organizations/{organizationId}/api-keys/{id} \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Updated API Key Name",
    "scopes": ["read:user", "write:webhooks"]
  }'

Security Considerations

  • Changing scopes immediately affects API access
  • Rate limit changes take effect on next request
  • IP restrictions are enforced in real-time

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

organizationId
string
required
id
string
required

Body

application/json
name
string

API key name

Required string length: 3 - 50
Example:

"Production API Key"

description
string

API key description

Maximum string length: 200
Example:

"Used for production server"

scopes
enum<string>[]

API key scopes (permissions). Defaults to ['read:user'] if not provided

Available options:
read:user,
write:user,
read:organization,
write:organization,
read:members,
write:members,
read:webhooks,
write:webhooks,
read:api-keys,
write:api-keys
Example:
["read:user", "write:webhooks"]
rateLimitPerMinute
number

Rate limit per minute

Required range: 1 <= x <= 10000
Example:

60

rateLimitPerHour
number

Rate limit per hour

Required range: 1 <= x <= 100000
Example:

1000

allowedIps
string[]

Allowed IP addresses (CIDR notation supported)

Example:
["192.168.1.1", "10.0.0.0/24"]
expiresAt
string

Expiration date

Example:

"2025-12-31T23:59:59Z"

Response

API key updated successfully