Post api keys
Authorizations
JWT Bearer token obtained from authentication. Pass as: Authorization: Bearer
Body
Request body for creating a new API key
Permission scopes granted to this key. Use ['*'] for full access, or list specific scopes from the catalogue (e.g. ['email:read', 'email:send']). An empty array is rejected — empty no longer means 'full access'.
1A single permission scope, or the wildcard '*' for full access
*, email:read, email:send, phone:read, phone:sms, phone:voice, phone:provision, messages:read, messages:send, messages:search, voice:read, vault:read, vault:write, vault:share, vault:oauth, identity:read, identity:write, agents:read, agents:write, inbox:read, inbox:write, domains:read, domains:write, addresses:read, addresses:write, pods:read, pods:write, webhooks:read, webhooks:write, billing:read, audit:read Human-readable label for the API key
1 - 100Environment mode for the key
LIVE, TEST Restrict this key to a specific agent by ID
^[0-9A-HJKMNP-TV-Z]{26}$ISO 8601 timestamp when the key automatically expires
Response
OK
API key resource including the secret value, returned only on creation
Unique identifier for the API key
^[0-9A-HJKMNP-TV-Z]{26}$Organization that owns this API key
^[0-9A-HJKMNP-TV-Z]{26}$Agent this key is restricted to, null if unrestricted
^[0-9A-HJKMNP-TV-Z]{26}$Human-readable label for the API key
Non-secret prefix of the key for identification
Environment mode of the key
LIVE, TEST Permission scopes granted to this key
Whether the key has been revoked
ISO 8601 timestamp when the key was created
ISO 8601 timestamp when the key was last used, null if never used
ISO 8601 timestamp when the key expires, null if no expiration
User ID of the key creator, null if created by system
Full secret API key value, only returned once at creation time
Extension-token settings surfaced from metadata. Present only for extension:bridge keys.
