Create API Key via API
This method allows you to create a new API key for the currently authenticated user.
Tip: You can explore and test this endpoint interactively using our OpenAPI documentation.
URL
/security/api_keys
HTTP Method
POST
Supported Parameters
All parameters are wrapped in an api_key key.
description- A description for the API key to help identify its purpose (optional)read_only- Whentrue, the key may only call read endpoints; any write request (creating deployments, editing projects, changing account settings, and so on) is rejected. Defaults tofalse(full access). (optional)
Example cURL Request
curl -H "Content-type: application/json" \
-H "Accept: application/json" \
--user adam@atechmedia.com:my-api-key \
-X POST \
-d '{ \
"api_key": { \
"description": "CI/CD Pipeline Key", \
"read_only": true \
} \
}' \
https://test.deployhq.com/security/api_keys
Example Response
{
"api_key": "abc123def456ghi789jkl012mno345pqr678stu901",
"identifier": "b2c3d4e5-6f78-9012-abcd-ef3456789012",
"description": "CI/CD Pipeline Key",
"user_id": 12345,
"device": null,
"read_only": true
}
Notes
- The full
api_keyvalue is only shown once in the response when the key is created - Make sure to copy and securely store the key immediately after creation
- If you lose the key value, you will need to revoke it and create a new one
- You can create multiple API keys with different descriptions to track usage across different integrations
- A read-only key is useful for integrations that only need to read data, such as monitoring or reporting tools. If a read-only key attempts a write, the API responds with
403 Forbiddenand anapi_key_read_onlyerror code - A key's read-only setting is fixed when it is created and cannot be changed afterwards. To switch between read-only and full access, revoke the key and create a new one