Create an API key
The plaintext key is returned exactly once and cannot be retrieved later. mode is independent of the key you authenticate with, so a test key may mint a live key.
Authorizations
API key: Authorization: Bearer sk_test_... or sk_live_....
Headers
Pin a dated API release (Stripe-style). Omit to use the current version. An unknown value returns 400 request.invalid_version. Echoed back on every response.
"2026-07-10"
Connect: act on behalf of one of your connected accounts (its acct_…/org_… id). Omit to act as your own organization. Not honored on /v1/api_keys.
"org_2P9connectedacct"
Safely retry any POST. The first response is stored for 24h and replayed byte-for-byte for identical retries (the replay adds an idempotent-replayed: true header). Reusing the key with a different body is 409 idempotency.key_reuse; an in-flight duplicate is 409 idempotency.key_processing. This makes retrying a 502/429 safe — no duplicate stamp.
"a1b2c3d4-e5f6-4789-8abc-1234567890ab"
Body
Response
Default Response
Always "api_key".
api_key API-key id, e.g. "ak_2P9K3sample".
Human label, or null if unset.
Environment this key stamps against: "test" or "live".
test, live Non-secret key prefix, e.g. "sk_live_ab12".
Plaintext secret, e.g. "sk_live_…" — shown exactly once. Store it now; it cannot be retrieved again.
Creation timestamp, ISO-8601 UTC.
Always null on creation.
Pinned dated API version, or null.