Create API key
Generates a new API key for the environment. The response includes the plaintextKey which is shown only once — store it securely. The key is hashed with SHA-256 before storage and cannot be retrieved later. Optionally set an expiresAt timestamp for automatic expiry.
In: header
Response Body
curl -X POST "https://loading/v1/manage/workspaces/{workspaceId}/environments/{environmentId}/api-keys"List API keys GET
Returns all API keys for the environment. Each key shows its name, prefix, suffix (last 4 characters), enabled state, and last-used timestamp. The full plaintext key is only available at creation time.
Revoke API key POST
Disables the API key so it can no longer be used for authentication. The key record is preserved for audit purposes. This endpoint is idempotent — revoking an already-revoked key returns success. Returns 409 if the key is already in a revoked state.