Create an API key for a tenant
POST
/v1/admin/api-keys
Provisions a new API key bound to a tenant. This is the only time the full key secret is returned. Store it securely.
KEY FORMAT: - Prefix: cyc_live_{random} or cyc_test_{random} - Random part: 32 characters, cryptographically random - Stored as: bcrypt hash of full key
PERMISSIONS: - Default for tenant keys: [reservations:, balances:read] - Admin keys: [admin:, reservations:, balances:] - Can be restricted to specific scopes via scope_filter
EXPIRY: - Recommended: 90 days for security - Can be set indefinitely but not recommended - Expired keys auto-fail validation
Authorizations
AdminKeyAuth
Administrative API key with full system access
Type
API Key (header: X-Admin-API-Key)
Request Body
application/json
JSON "tenant_id": "string", "name": "string", "description": "string", "permissions": [ "string" ], "scope_filter": [ "string" ], "expires_at": "string", "metadata": { }
{
}
Responses
API key created
application/json
JSON "key_id": "string", "key_secret": "string", "key_prefix": "string", "tenant_id": "string", "permissions": [ "string" ], "created_at": "string", "expires_at": "string"
{
}