Api keys

List API keys

List active (non-revoked) API keys for the organization.

GET/api/api-keys

Authorization

better-auth.session_token<token>

Cookie session from Better Auth. Requires X-Org-Id header for org-scoped routes.

In: cookie

Header Parameters

X-Org-Id?string

Organization ID. Required for cookie auth. Not needed for API key auth (org resolved from key).

Formatuuid
curl -X GET "https://loading/api/api-keys"
{
  "apiKeys": [
    {
      "id": "string",
      "name": "string",
      "keyPrefix": "string",
      "scopes": [
        "string"
      ],
      "createdBy": "string",
      "createdByName": "string",
      "expiresAt": "2019-08-24T14:15:22Z",
      "lastUsedAt": "2019-08-24T14:15:22Z",
      "revokedAt": "2019-08-24T14:15:22Z",
      "createdAt": "2019-08-24T14:15:22Z"
    }
  ]
}
{
  "type": "https://docs.appstrate.dev/errors/unauthorized",
  "title": "Unauthorized",
  "status": 401,
  "detail": "Invalid or missing session",
  "code": "unauthorized",
  "requestId": "req_abc123"
}
{
  "type": "https://docs.appstrate.dev/errors/forbidden",
  "title": "Forbidden",
  "status": 403,
  "detail": "Insufficient permissions",
  "code": "forbidden",
  "requestId": "req_abc123"
}

Create an API key

Previous Page

List available scopes

Next Page