Valara

Create an API key

POST
/keys

Mints a new API key and returns the full secret once in key. Only its hash and a display prefix are stored, so the secret is never retrievable again. Session-authenticated (dashboard or CLI) — an API key cannot create keys.

Authorization

sessionAuth
session<token>

A Valara dashboard session cookie (or the CLI device session token). Required by key-management endpoints; an API key cannot manage keys.

In: cookie

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

application/json

application/json

application/json

application/json

curl -X POST "https://example.com/keys" \  -H "Content-Type: application/json" \  -d '{    "name": "string"  }'
{  "id": "string",  "object": "api_key",  "name": "string",  "prefix": "string",  "scopes": [    "reviews:read"  ],  "last_used_at": "string",  "expires_at": "string",  "revoked_at": "string",  "created_at": "string",  "key": "string"}
{  "error": {    "type": "invalid_request",    "message": "string",    "param": "string",    "request_id": "string"  }}
{  "error": {    "type": "invalid_request",    "message": "string",    "param": "string",    "request_id": "string"  }}
{  "error": {    "type": "invalid_request",    "message": "string",    "param": "string",    "request_id": "string"  }}
{  "error": {    "type": "invalid_request",    "message": "string",    "param": "string",    "request_id": "string"  }}