API Keys API

Create, list, and manage API keys for server-to-server authentication.

POST
/rest/v1/rpc/list_api_keys
List all API keys for the current tenant. Key values are not returned for security.

Authentication

Requires JWT token (Bearer token). Tenant ID is extracted from the JWT token.

Parameters

NameTypeRequiredDescription
p_tenant_idstringRequiredTenant ID (extracted from JWT if not provided)

Responses

200List of API keys
[
  {
    "key_id": "uuid",
    "tenant_id": "tenant-123",
    "name": "Production API Key",
    "key_prefix": "ll_abc123",
    "created_at": "2025-01-15T10:00:00Z",
    "last_used_at": "2025-01-15T12:00:00Z",
    "revoked_at": null,
    "status": "active"
  }
]
POST
/rest/v1/rpc/create_api_key
Create a new API key. The full key value is only returned once upon creation.

Authentication

Requires JWT token (Bearer token). Tenant ID is extracted from the JWT token.

Parameters

NameTypeRequiredDescription
p_tenant_idstringRequiredTenant ID
p_namestringRequiredHuman-readable name for the API key

Request Body

interface CreateApiKeyRequest {
  p_tenant_id: string
  p_name: string
}
Example
{
  "p_tenant_id": "tenant-123",
  "p_name": "Production API Key"
}

Responses

200Created API key with full key value
{
  "key_id": "uuid",
  "tenant_id": "tenant-123",
  "name": "Production API Key",
  "key_prefix": "ll_abc123",
  "key_value": "ll_abc123def456ghi789jkl012mno345pqr678stu901vwx234yz",
  "created_at": "2025-01-15T10:00:00Z",
  "status": "active"
}
400Invalid API key name
POST
/rest/v1/rpc/revoke_api_key
Revoke an API key. Revoked keys cannot be used for authentication.

Authentication

Requires JWT token (Bearer token). Tenant ID is extracted from the JWT token.

Parameters

NameTypeRequiredDescription
p_tenant_idstringRequiredTenant ID
p_key_idstring (UUID)RequiredAPI key ID

Request Body

interface RevokeApiKeyRequest {
  p_tenant_id: string
  p_key_id: string
}
Example
{
  "p_tenant_id": "tenant-123",
  "p_key_id": "uuid"
}

Responses

200Successfully revoked
404API key not found
POST
/rest/v1/rpc/get_api_key_usage
Get usage statistics for an API key.

Authentication

Requires JWT token (Bearer token). Tenant ID is extracted from the JWT token.

Parameters

NameTypeRequiredDescription
p_tenant_idstringRequiredTenant ID
p_key_idstring (UUID)RequiredAPI key ID

Responses

200API key usage statistics
{
  "key_id": "uuid",
  "name": "Production API Key",
  "created_at": "2025-01-15T10:00:00Z",
  "last_used_at": "2025-01-15T12:00:00Z",
  "days_since_creation": 5,
  "days_since_last_use": 0
}
404API key not found

Security Best Practices

  • Store API keys securely in environment variables
  • Never commit API keys to version control
  • Use different keys for different environments (development, staging, production)
  • Rotate keys regularly
  • Revoke keys immediately if compromised
  • Monitor key usage through the usage endpoint