Reference / Governance

mint an API key inheriting the account's scopes (secret shown once).

POST /v1/service-accounts/{id}/keys
Secret API key operationId: issue_service_account_key

Authorization

Server-to-server. Send a secret key as a Bearer token plus the x-application-id header.

Path parameters

  • id string<uuid> required

    Service account id

Request body · required

  • expires_in_days integer<int64> int64

Responses

201 Key minted
422 Disabled account

Request

curl -X POST "http://localhost:8080/v1/service-accounts/018f3c4a-7b2e-7c1d-9e0a-1f2b3c4d5e6f/keys" \
  -H "Content-Type: application/json" \
  -d '{
  "expires_in_days": 0
}'

Try it

live request
POST http://localhost:8080/v1/service-accounts/018f3c4a-7b2e-7c1d-9e0a-1f2b3c4d5e6f/keys

Path parameters

Request body

application/json