Skip to main content
POST
JavaScript

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

id
string
required

API key ID

Body

application/json
days_to_expire
integer | null

Lifetime in days for the new key, up to 3650. Omit to reuse the rotated key's original lifetime, or never-expires if it had none.

Required range: 1 <= x <= 3650
Example:

30

expire_in_days
integer | null

Grace period in days before the rotated key expires. Use 0 to expire it immediately. Omit for the default grace period of 7 days.

Required range: 0 <= x <= 3650
Example:

7

Response

New API key created from the rotation

API key returned immediately after creation. Includes the plaintext key once.

id
string
required

Unique API key identifier

Example:

"ckv9w8q2f000001l5r3j7k9m4"

name
string
required

Label for the API key. API keys are not addressable by name; use the ID or key identifier for stable references.

Example:

"production"

created_at
string<date-time>
required

When the API key was created

created_by
object
required
expires_at
string<date-time> | null
required

When the API key expires

deleted_at
string<date-time> | null
required

When the API key was deleted (soft-deleted). Null for keys that have not been deleted.

project_id
string | null
required

Project identifier for project-scoped API keys. Null means org-wide.

Example:

"proj_abc123"

project_name
string | null
required

Project name for project-scoped API keys. Null means the key is org-wide or the project name is unavailable.

Example:

"Production"

masked_key
string
required

Masked version of the API key

Example:

"sk_1234...abcd"

key
string
required

Plaintext API key. Only returned once when the key is created.

Example:

"sk_1234abcd"