SecureAgentMail

Create API key

Creates a new API key with the specified name and scopes. The full key value is returned **only once** in the response; subsequent requests will only show the `key_prefix`.

POST
/api_keys

Authorization

BearerAuth
AuthorizationBearer <token>

API key passed as a Bearer token. Production keys start with am_live_ and sandbox keys start with am_test_.

In: header

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

application/json

application/json

application/json

application/json

curl -X POST "https://secureagentmail.com/api/v1/api_keys" \  -H "Content-Type: application/json" \  -d '{    "name": "Production Backend",    "scopes": [      "inboxes:read",      "inboxes:write",      "messages:read",      "messages:write"    ]  }'
{
  "id": "key_a1b2c3",
  "name": "Production Backend",
  "key": "am_live_sk_abc123def456ghi789",
  "key_prefix": "am_live_sk_abc1...",
  "scopes": [
    "inboxes:read",
    "inboxes:write",
    "messages:read",
    "messages:write"
  ],
  "created_at": "2026-02-25T08:00:00Z"
}
{
  "error": {
    "code": "unauthorized",
    "message": "Invalid or missing API key.",
    "status": 401
  }
}
{
  "error": {
    "code": "forbidden",
    "message": "Your API key does not have the required scope for this operation.",
    "status": 403
  }
}
{
  "error": {
    "code": "validation_error",
    "message": "The 'slug' field is required and must be a valid identifier.",
    "status": 422
  }
}
{
  "error": {
    "code": "rate_limited",
    "message": "Rate limit exceeded. Please retry after 30 seconds.",
    "status": 429
  }
}

List API keys

Returns all API keys for the authenticated account. The full key secret is never included; only the `key_prefix` is shown.

Revoke key

Permanently revokes the API key. Any subsequent requests using this key will receive a 401 Unauthorized response. This action cannot be undone.