Syntext DOCS
Get Started
API Create API Key
POST/v1/projects/{projectId}/api-keys

Create API Key

Create a new API key. The full key is returned only once, in this response — store it securely. Only a SHA-256 hash is persisted server-side.

Path Parameters

The project ID.

Request Body

A descriptive name (1–100 chars), e.g. "CI deploy key".

One of full, build, or read.

Optional expiry, 1–365 days. Omit for a non-expiring key.

Example

curl -X POST https://api.syntext.dev/v1/projects/prj_abc123/api-keys \
-H "Authorization: Bearer stx_abc12345_..." \
-H "Content-Type: application/json" \
-d '{
"name": "CI deploy key",
"scope": "build",
"expiresInDays": 90
}'
const key = await client.apiKeys.create('prj_abc123', {
name: 'CI deploy key',
scope: 'build',
expiresInDays: 90,
})

Response — 201 Created

{
  "data": {
    "id": "key_789",
    "name": "CI deploy key",
    "key": "stx_a1b2c3d4_9XyZ...fullKeyShownOnlyOnce",
    "prefix": "stx_a1b2c3d4",
    "scope": "build",
    "expiresAt": "2026-10-01T10:00:00Z",
    "createdAt": "2026-07-03T10:00:00Z"
  }
}

The key field is only returned at creation (and on rotation). If you lose it, rotate the key — it cannot be retrieved.

Key Format

Keys look like stx_{8-char prefix}_{secret}. The prefix is safe to display and log; the full key is a secret.

Assistant
Responses are generated using AI and may contain mistakes.

Ask me anything about the documentation.

ESC