> ## Documentation Index
> Fetch the complete documentation index at: https://docs.px0.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Create an API Key

> Generates a new programmatic API key for accessing authorized resources.
The full, secret API key is returned ONLY once in this response and cannot be recovered later.




## OpenAPI

````yaml /openapi.yaml post /v1/api-keys
openapi: 3.1.0
info:
  title: px0 API
  description: >
    px[0] is an open-source prompt infrastructure toolkit for managing prompts
    in production. It replaces hardcoded prompt strings with versioned
    templates, in-process caching, and OpenTelemetry observability, so teams can
    iterate on prompts without touching application code. This is the OpenAPI
    specification for all the public APIs of px0.
  version: 1.0.0
servers:
  - url: http://localhost:3000
    description: Local development server
security: []
paths:
  /v1/api-keys:
    post:
      tags:
        - API Keys
      summary: Create an API Key
      description: >
        Generates a new programmatic API key for accessing authorized resources.

        The full, secret API key is returned ONLY once in this response and
        cannot be recovered later.
      operationId: createAPIKey
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateAPIKeyRequest'
      responses:
        '201':
          description: API key created successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/APIKeyCreatedResponse'
        '400':
          description: Invalid request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/APIError'
        '401':
          description: Unauthorized
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/APIError'
        '403':
          description: Forbidden
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/APIError'
        '500':
          description: Internal Server Error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/APIError'
      security:
        - BearerAuth: []
components:
  schemas:
    CreateAPIKeyRequest:
      type: object
      properties:
        name:
          type: string
          description: Descriptive name for the key.
          example: ci-pipeline
        org_id:
          type: string
          format: uuid
        team_ids:
          type: array
          items:
            type: string
            format: uuid
        operation:
          type: string
          enum:
            - read_render
            - all
            - admin
          default: read_render
      required:
        - name
        - org_id
    APIKeyCreatedResponse:
      type: object
      properties:
        id:
          type: string
          format: uuid
          description: Unique API Key identifier.
        name:
          type: string
          description: Human-readable name of the key.
        key:
          type: string
          description: >-
            The fully generated secure raw API Key string. This is returned ONLY
            ONCE.
          example: ak_7f9ba3271cf881309d9be8c9c0fcae47a95b8d29c3f0b2da8e89cf21e5c3df01
        operation:
          type: string
        created_at:
          type: string
          format: date-time
          description: Timestamp of creation.
      required:
        - id
        - name
        - key
        - operation
        - created_at
    APIError:
      type: object
      properties:
        error:
          type: string
          example: invalid credentials
      required:
        - error
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      description: >-
        Use an access token retrieved from login (Bearer sess_...) or a
        programmatic API key (Bearer ak_...).

````