> ## Documentation Index
> Fetch the complete documentation index at: https://docs.useanima.sh/llms.txt
> Use this file to discover all available pages before exploring further.

# Patch api keys



## OpenAPI

````yaml /openapi.json patch /api-keys/{id}
openapi: 3.1.1
info:
  title: Anima API
  version: 0.1.0
  description: >-
    The Anima API provides programmatic access to unified infrastructure for AI
    agents: create and manage agents; send and receive email; place phone calls
    and send/receive SMS and voice; store and retrieve vault credentials; manage
    agent identity; and configure webhooks for real-time events. Authenticate
    using a Bearer token or an API key passed via the X-API-Key header.
  contact:
    name: Anima Labs
    url: https://useanima.sh
    email: support@useanima.sh
  license:
    name: MIT
    url: https://opensource.org/licenses/MIT
servers:
  - url: https://api.useanima.sh/v1
    description: Production
security:
  - BearerAuth: []
  - ApiKeyAuth: []
tags:
  - name: Agents
    description: Create and manage AI agents with email and phone capabilities
  - name: Inboxes
    description: Manage email inboxes and their configurations
  - name: Messages
    description: Send, receive, and search email messages
  - name: Webhooks
    description: Register and manage webhook subscriptions for real-time events
  - name: Organizations
    description: Manage organizations and team settings
  - name: Domains
    description: Configure and verify custom email domains
  - name: Phone
    description: Manage phone numbers and SMS/voice capabilities
  - name: Invoices
    description: Track invoices, match receipts, and reconcile payments
  - name: Billing
    description: View usage, tiers, and billing information
  - name: Security
    description: Configure security policies and access controls
  - name: Vault
    description: Store and retrieve encrypted secrets
  - name: API Keys
    description: Create and manage API keys for programmatic access
paths:
  /api-keys/{id}:
    patch:
      operationId: apiKeys.update
      parameters:
        - name: id
          in: path
          required: true
          schema:
            type: string
            pattern: ^[0-9A-HJKMNP-TV-Z]{26}$
            description: Unique identifier of the API key to update
      requestBody:
        required: false
        content:
          application/json:
            schema:
              type: object
              properties:
                name:
                  type: string
                  minLength: 1
                  maxLength: 100
                  description: Updated human-readable label
                scopes:
                  type: array
                  items:
                    enum:
                      - '*'
                      - email:read
                      - email:send
                      - phone:read
                      - phone:sms
                      - phone:voice
                      - phone:provision
                      - messages:read
                      - messages:send
                      - messages:search
                      - voice:read
                      - vault:read
                      - vault:write
                      - vault:share
                      - vault:oauth
                      - identity:read
                      - identity:write
                      - agents:read
                      - agents:write
                      - inbox:read
                      - inbox:write
                      - domains:read
                      - domains:write
                      - addresses:read
                      - addresses:write
                      - pods:read
                      - pods:write
                      - webhooks:read
                      - webhooks:write
                      - billing:read
                      - audit:read
                    type: string
                    description: >-
                      A single permission scope, or the wildcard '*' for full
                      access
                  minItems: 1
                  description: Updated permission scopes
                expiresAt:
                  anyOf:
                    - type: string
                      format: date-time
                    - type: 'null'
                  description: Updated expiration timestamp, or null to remove expiration
              required: []
              description: Request body for updating an existing API key
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                type: object
                properties:
                  id:
                    type: string
                    pattern: ^[0-9A-HJKMNP-TV-Z]{26}$
                    description: Unique identifier for the API key
                  orgId:
                    type: string
                    pattern: ^[0-9A-HJKMNP-TV-Z]{26}$
                    description: Organization that owns this API key
                  agentId:
                    anyOf:
                      - type: string
                        pattern: ^[0-9A-HJKMNP-TV-Z]{26}$
                      - type: 'null'
                    description: Agent this key is restricted to, null if unrestricted
                  name:
                    anyOf:
                      - type: string
                      - type: 'null'
                    description: Human-readable label for the API key
                  prefix:
                    type: string
                    description: Non-secret prefix of the key for identification
                  mode:
                    enum:
                      - LIVE
                      - TEST
                    type: string
                    description: Environment mode of the key
                  scopes:
                    type: array
                    items:
                      type: string
                    description: Permission scopes granted to this key
                  revoked:
                    type: boolean
                    description: Whether the key has been revoked
                  createdAt:
                    type: string
                    format: date-time
                    description: ISO 8601 timestamp when the key was created
                  lastUsedAt:
                    anyOf:
                      - type: string
                        format: date-time
                      - type: 'null'
                    description: >-
                      ISO 8601 timestamp when the key was last used, null if
                      never used
                  expiresAt:
                    anyOf:
                      - type: string
                        format: date-time
                      - type: 'null'
                    description: >-
                      ISO 8601 timestamp when the key expires, null if no
                      expiration
                  createdBy:
                    anyOf:
                      - type: string
                      - type: 'null'
                    description: User ID of the key creator, null if created by system
                  extension:
                    anyOf:
                      - type: object
                        properties:
                          authPolicy:
                            enum:
                              - session
                              - pre_approved
                              - prompt_owner
                            type: string
                          tokenTtl:
                            enum:
                              - 15m
                              - 1h
                              - session
                            type: string
                        required:
                          - authPolicy
                          - tokenTtl
                      - type: 'null'
                    description: >-
                      Extension-token settings surfaced from metadata. Present
                      only for extension:bridge keys.
                required:
                  - id
                  - orgId
                  - agentId
                  - name
                  - prefix
                  - mode
                  - scopes
                  - revoked
                  - createdAt
                  - lastUsedAt
                  - expiresAt
                  - createdBy
                description: API key resource without the secret value
components:
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
      description: >-
        JWT Bearer token obtained from authentication. Pass as: Authorization:
        Bearer <token>
    ApiKeyAuth:
      type: apiKey
      in: header
      name: X-API-Key
      description: 'API key for programmatic access. Pass as: X-API-Key: <your-key>'

````