Create a new API key
Creates a new API key for authenticating with the API. New keys start in ACTIVE status and can be used immediately for authentication. The response includes the one-time raw API key value which will not be retrievable later - clients must save this value as it cannot be recovered. Requires CREATE_APIKEY_OWN permission (or CREATE_APIKEY_ANY for admin users). Side effects include generating cryptographically secure key material, recording creation timestamp, and tracking creator ID. Returns INVALID_ARGUMENT if expires_at is set to a time in the past.
In: header
API key configuration
Key-value pairs of metadata associated with the API key. Used for organization and filtering.
{"purpose":"production","service":"recommendation-engine"}properties <= 10Empty Object
Expiration timestamp in milliseconds since epoch. If not provided, the key does not expire.
1672531200000int64Optional client-provided UUID for idempotent creation. If not provided, server generates a new UUID. Returns ALREADY_EXISTS if ID is already in use.
uuidResponse Body
curl -X POST "http://localhost:8080/v1/apikeys" \ -H "Content-Type: application/json" \ -d '{ "labels": { "purpose": "production", "service": "chat-ui", "environment": "development" }, "expiresAt": 1735689600000, "apiKeyId": "550e8400-e29b-41d4-a716-446655440000" }'{
"apiKeyMetadata": {
"apiKeyId": "550e8400-e29b-41d4-a716-446655440000",
"userId": "b3303d0a-1a4a-493f-b9bf-38e37153b5a2",
"keyPrefix": "gm_12345...",
"status": "ACTIVE",
"labels": {
"purpose": "production",
"service": "recommendation-engine"
},
"expiresAt": 1672531200000,
"lastUsedAt": 1640995200000,
"createdAt": 1640908800000,
"updatedAt": 1640908800000,
"createdById": "b3303d0a-1a4a-493f-b9bf-38e37153b5a2",
"updatedById": "b3303d0a-1a4a-493f-b9bf-38e37153b5a2"
},
"rawApiKey": "gm_12345678901234567890123456789012345678901234567890"
}