Create API key API Reference
POST /tenants/{tenant}/apikeys
POST
/tenants/{tenant}/apikeys
Create a new API key for programmatic access. The raw key (prefixed with kupe_) is returned
exactly once in the response — store it securely, as it cannot be retrieved again.
API keys authenticate via the standard Authorization: Bearer header.
Keys can be scoped to admin or readonly roles and optionally set to expire.
Authorizations
Section titled “Authorizations ”Parameters
Section titled “ Parameters ”Path Parameters
Section titled “Path Parameters ” tenant
required
string
Tenant name
Request Body
Section titled “Request Body ”API key configuration
object
displayName
Human-readable name for identifying this key
string
Example
CI/CD Pipeline expiresAt
Optional expiration in RFC3339 format
string
Example
2027-01-01T00:00:00Z role
Role: admin (read-write) or readonly (read-only)
string
Example
adminResponses
Section titled “ Responses ”API key created (includes raw key)
object
createdAt
string
Example
2026-03-15T08:00:00Z createdBy
string
Example
alice@acme.com displayName
string
Example
CI/CD Pipeline id
string
Example
ak-a1b2c3d4 key
string
Example
kupe_a1b2c3d4_dGhpcyBpcyBhIHNhbXBsZSBrZXk role
string
Example
adminValidation error
object
code
string
error
string
field
string
message
string
severity
string
Missing or invalid authentication
object
code
string
error
string
field
string
message
string
severity
string
Admin access required
object
code
string
error
string
field
string
message
string
severity
string
Rate limit exceeded
object
code
string
error
string
field
string
message
string
severity
string