Mint a project API key
Mint a new ck_live_… project API key for a project owned by the
authenticated account, for use against the project-scoped API
(/v1/templates, /v1/renders, /v1/signatures, embed). This never
mints an account key (ck_acct_…) — the account key itself is issued
only from the dashboard (Account → API keys). The plaintext key
is returned exactly once; only its SHA-256 hash is stored.
Authorizations
Account API key (ck_acct_…) presented as a bearer token. Distinct
credential system from bearerApiKey — validated against a separate
table, never against project keys or vice versa. Scoped to every
project owned by the account; used only by the /v1/projects*
endpoints below (each of which declares this scheme explicitly and
does not inherit the document-level bearerApiKey default). Minted
from the dashboard (Account → API keys) — there is no
programmatic endpoint that issues an account key.
Path Parameters
The project id.
Body
Defaults to "API key" when omitted.
1 - 200Response
Project key minted.
Response for POST /v1/projects/{id}/keys. key is the plaintext ck_live_… value — shown exactly once, never recoverable afterwards.
Defaults to "API key" when no name was supplied at mint time.
Public-facing prefix (e.g. ck_live_aBcDe), safe to display after creation.
Plaintext project API key. Store it now — it cannot be shown again.