Skip to main content
POST
/
api
/
v1
/
api-keys
curl -X POST "https://api.mielto.com/api/v1/api-keys" \
  -H "X-API-Key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "label": "Production API Key",
    "status": "active",
    "expires_at": "2025-12-31T23:59:59Z",
    "permissions": ["read", "write"],
    "collections": ["col_123", "col_456"]
  }'

{
  "id": "key_123456789",
  "key": "mk_prod_abc123xyz789",
  "secret": "sk_test_def456uvw012",
  "label": "Production API Key",
  "status": "active",
  "permissions": ["read", "write"],
  "expires_at": "2025-12-31T23:59:59Z",
  "ip_whitelist": null,
  "collections": ["col_123", "col_456"],
  "workspace_id": "wsp_123456789",
  "created_by": "usr_123456789",
  "created_at": "2024-01-15T10:00:00Z",
  "updated_at": "2024-01-15T10:00:00Z"
}

Create API Key

Create a new API key for programmatic access to your workspace. The API key will be used to authenticate API requests.

Headers

Authorization
string
Bearer token for authentication
X-API-Key
string
API key for authentication (alternative to Authorization header)
X-Workspace-Id
string
Optional. Derived from API Key, but can be specified if you have access to multiple workspaces

Request Body

label
string
required
Human-readable label for the API key (1-255 characters)
status
string
default:"active"
API key status (active, inactive)
expires_at
string
API key expiration date (ISO 8601 format)
permissions
array
List of permissions granted to this API key
ip_whitelist
array
List of allowed IP addresses for this API key
collections
array
List of collection IDs this API key can access

Response

id
string
Unique API key identifier
key
string
API key identifier (public part)
secret
string
API key secret (only returned on creation)
label
string
API key label
status
string
API key status
permissions
array
List of permissions
expires_at
string
Expiration date
workspace_id
string
Workspace ID this key belongs to
created_at
string
Creation timestamp
curl -X POST "https://api.mielto.com/api/v1/api-keys" \
  -H "X-API-Key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "label": "Production API Key",
    "status": "active",
    "expires_at": "2025-12-31T23:59:59Z",
    "permissions": ["read", "write"],
    "collections": ["col_123", "col_456"]
  }'

{
  "id": "key_123456789",
  "key": "mk_prod_abc123xyz789",
  "secret": "sk_test_def456uvw012",
  "label": "Production API Key",
  "status": "active",
  "permissions": ["read", "write"],
  "expires_at": "2025-12-31T23:59:59Z",
  "ip_whitelist": null,
  "collections": ["col_123", "col_456"],
  "workspace_id": "wsp_123456789",
  "created_by": "usr_123456789",
  "created_at": "2024-01-15T10:00:00Z",
  "updated_at": "2024-01-15T10:00:00Z"
}
The secret field is only returned when creating the API key. Store it securely as it cannot be retrieved again via an API call. You can retrieve it from the dashboard.