# API Keys

Manage API keys for Partner API authentication. Create keys with optional scopes and expiration, list existing keys, and revoke keys when no longer needed.

**Important:** When you create an API key, the full key value (`plainKey`) is returned only once. Store it securely; it cannot be retrieved later.

## List API Keys

Retrieve all API keys for the partner account.

**Request:**

```
GET /partner/api-keys
```

**Response:**

```json
{
  "apiKeys": [
    {
      "id": "uuid",
      "name": "Production Key",
      "keyPrefix": "pk_live_abc123",
      "scopes": ["read", "write"],
      "status": "active",
      "expiresAt": "2026-01-01T00:00:00Z",
      "lastUsedAt": "2025-02-27T10:30:00Z",
      "createdAt": "2025-01-01T00:00:00Z"
    }
  ]
}
```

**Example:**

```bash
curl -X GET "https://api.app.bullseye.so/api/v1/partner/api-keys" \
  -H "X-Partner-API-Key: your-api-key"
```

***

## Create API Key

Create a new API key. The full key value is returned only in this response.

**Request:**

```
POST /partner/api-keys
```

**Body:**

```json
{
  "name": "Production Key",
  "scopes": ["read", "write"],
  "expiresAt": "2026-01-01T00:00:00Z"
}
```

| Field       | Type      | Required | Description                                                     |
| ----------- | --------- | -------- | --------------------------------------------------------------- |
| `name`      | string    | Yes      | Descriptive name for the key                                    |
| `scopes`    | string\[] | No       | Array of scopes: `read`, `write`, `admin`. Omit for full access |
| `expiresAt` | string    | No       | ISO 8601 expiration date. Omit for no expiration                |

**Response:**

```json
{
  "apiKey": {
    "id": "uuid",
    "name": "Production Key",
    "keyPrefix": "pk_live_abc123",
    "scopes": ["read", "write"],
    "status": "active",
    "expiresAt": "2026-01-01T00:00:00Z",
    "createdAt": "2025-02-27T10:30:00Z"
  },
  "plainKey": "pk_live_abc123def456ghi789..."
}
```

**Important:** Store `plainKey` immediately. It will not be shown again.

**Example:**

```bash
curl -X POST "https://api.app.bullseye.so/api/v1/partner/api-keys" \
  -H "X-Partner-API-Key: your-api-key" \
  -H "Content-Type: application/json" \
  -d '{"name": "Production Key", "scopes": ["read", "write"]}'
```

***

## Revoke API Key

Permanently revoke an API key. Revoked keys cannot be used for authentication.

**Request:**

```
DELETE /partner/api-keys/{keyId}
```

**Parameters:**

| Parameter | Type   | Description                   |
| --------- | ------ | ----------------------------- |
| `keyId`   | string | UUID of the API key to revoke |

**Response:** `204 No Content`

**Example:**

```bash
curl -X DELETE "https://api.app.bullseye.so/api/v1/partner/api-keys/550e8400-e29b-41d4-a716-446655440000" \
  -H "X-Partner-API-Key: your-api-key"
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.bullseye.so/partner-api/api-keys.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.