Skip to main content
POST
/
v1
/
developer
/
keys
CreateApiKey
curl --request POST \
  --url https://sdk.anghami.com/v1/developer/keys \
  --header 'Authorization: <authorization>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "<string>",
  "scopes": [
    "<string>"
  ]
}
'
{
  "apiKey": {
    "id": "<string>",
    "name": "<string>",
    "keyPrefix": "<string>",
    "scopes": [
      "<string>"
    ],
    "createdAt": "<string>",
    "lastUsedAt": "<string>",
    "expiresAt": "<string>"
  },
  "secret": "<string>"
}

Headers

Authorization
string
required

OAuth 2.0 Bearer token. Required for all key management operations. Format: Bearer <access_token>.

Example:

"Bearer eyJhbGciOiJSUzI1NiIs..."

Body

application/json

CreateApiKeyRequest is the request message for creating a new API key.

name
string
required

Developer-assigned label for the key (e.g. "Production", "Staging").

Required string length: 1 - 100
scopes
string[]
Minimum array length: 1

Permission scopes to grant to this key (e.g. "read", "stream"). At least one scope is required.

Response

Successful response

CreateApiKeyResponse is the response message containing the newly created API key. This is the only time the full secret is returned.

apiKey
object

ApiKey represents a developer API key used for server-to-server authentication. API keys are passed in the x-api-key HTTP header and are billed per key. The full secret is only returned on creation and rotation.

secret
string

The full API key secret. This is the value to pass in the x-api-key header. Store it securely — it is only returned on creation and rotation.