Openapi
Revoke API key
Disables the API key so it can no longer be used for authentication. The key record is preserved for audit purposes. This endpoint is idempotent — revoking an already-revoked key returns success. Returns 409 if the key is already in a revoked state.
Authorization<token>
In: header
Response Body
curl -X POST "https://loading/v1/manage/workspaces/{workspaceId}/environments/{environmentId}/api-keys/{apiKeyId}/revoke"Empty
Create API key POST
Generates a new API key for the environment. The response includes the `plaintextKey` which is shown only once — store it securely. The key is hashed with SHA-256 before storage and cannot be retrieved later. Optionally set an `expiresAt` timestamp for automatic expiry.
Delete API key DELETE
Permanently removes the API key record. Any requests using this key will immediately receive 401 responses. This action is irreversible and idempotent.