Skip to main content
POST
/
v1
/
projects
/
{id}
/
keys
Mint a project API key
curl --request POST \
  --url https://api.craftkit.dev/v1/projects/{id}/keys \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "Render service (prod)"
}
'
{
  "id": "9c8b7a6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d",
  "projectId": "3f9b6c2e-1a2b-4c3d-9e8f-7a6b5c4d3e2f",
  "name": "Render service (prod)",
  "prefix": "ck_live_aBcDe",
  "key": "ck_live_aBcDeFgHiJkLmNoPqRsTuVwXyZ012345",
  "createdAt": "2026-07-02T00:00:00.000Z"
}

Authorizations

Authorization
string
header
required

Account API key (ck_acct_…) presented as a bearer token. Distinct credential system from bearerApiKey — validated against a separate table, never against project keys or vice versa. Scoped to every project owned by the account; used only by the /v1/projects* endpoints below (each of which declares this scheme explicitly and does not inherit the document-level bearerApiKey default). Minted from the dashboard (Account → API keys) — there is no programmatic endpoint that issues an account key.

Path Parameters

id
string<uuid>
required

The project id.

Body

application/json
name
string

Defaults to "API key" when omitted.

Required string length: 1 - 200

Response

Project key minted.

Response for POST /v1/projects/{id}/keys. key is the plaintext ck_live_… value — shown exactly once, never recoverable afterwards.

id
string<uuid>
required
projectId
string<uuid>
required
name
string
required

Defaults to "API key" when no name was supplied at mint time.

prefix
string
required

Public-facing prefix (e.g. ck_live_aBcDe), safe to display after creation.

key
string
required

Plaintext project API key. Store it now — it cannot be shown again.

createdAt
string<date-time>
required