Create API key
POST/admin/api-keys/
Generates a new API key for programmatic access to the GridLink platform.
Use Cases:
- Enable third-party integrations and custom applications
- Create service accounts for automated workflows
- Provide API access for mobile apps or dashboards
- Set up monitoring and analytics tools
- Configure webhook receivers with authentication
Important Security Notes:
- SECRET SHOWN ONCE: The API key secret is returned ONLY in this creation response
- Store Securely: Save the secret immediately in a secure credential store
- No Recovery: Lost secrets cannot be recovered - revoke and create new key
- Rotate Regularly: Set expiration dates and rotate keys periodically
Best Practices:
- Use descriptive names identifying the application or purpose
- Set narrow scopes limiting permissions to minimum required
- Configure expiration dates for time-limited access
- Monitor key usage via audit logs
- Revoke unused or suspicious keys immediately
danger
CRITICAL: The API key secret is returned ONLY during creation and cannot be retrieved later. Store it securely immediately.
warning
Generated keys have full access by default. Always specify scopes to limit permissions following the principle of least privilege.
tip
Set expiresAt for temporary integrations or testing. Production keys should be rotated every 90 days for security.
Request
Responses
- 201
- 400
- 401
- 403
- 404
- 500
Response after creating an API key
Standard error response format
Standard error response format
Standard error response format
Standard error response format
Standard error response format