Create API Key
Create a new API key scoped to your workspace.
name and, optionally, an expires_at timestamp. The key’s raw secret — the
value you send as a bearer token — is returned only in this response, so
capture it immediately.
The returned token is a 64-character hexadecimal string. Use it on every
subsequent request as Authorization: Bearer <token>.
Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
Body
Human-readable label for the key, shown in the dashboard alongside its usage metrics. Required and must be non-empty (a blank name is rejected with 400). Labels do not need to be unique.
"production-pipeline"
Optional expiry, as an RFC 3339 / ISO 8601 timestamp. Once this moment passes the key stops authenticating and requests made with it receive 401. Omit the field to create a key that never expires.
"2026-12-31T23:59:59Z"
Response
API key created. The token field is present only in this response.
Returned only by Create. The same fields as an API key, plus the one-time raw token.
Unique identifier for the new key (a UUID).
"9b7e2c1a-4f3d-4a2b-8c1e-2d6f5a0b7c34"
The label you supplied.
"production-pipeline"
The raw API key — a 64-character hexadecimal string. Send it as a bearer token on every request (Authorization: Bearer <token>). Returned only in this response; Byteport stores only a hash, so it cannot be recovered later.
"7f3a9c1eb2d48056e1a7c93f0d6b8254aa31ff90c4e27b156d8e0fa39b21c7d4"
The expiry you supplied, echoed back. Omitted if the key never expires.
"2026-12-31T23:59:59Z"

