Skip to content

API Keys

POST /v1/api-keys

Create a new API key.

curl -X POST https://api.noctuary.io/v1/api-keys \
  -H "Authorization: Bearer noc_ro_your_key" \
  -H "Content-Type: application/json" \
  -d '{"key_type": "ingest"}'

Response: 201 Created

{
  "id": "72a61fcd-e752-4d0d-91d4-bbf1dd5687c4",
  "key": "noc_ingest_Ahus1HKe7zvPk4ny4R5NtH3vteECcyZJCsf7wystWdTy",
  "prefix": "noc_ingest_A",
  "key_type": "ingest",
  "created_at": "2026-05-31T11:58:25Z"
}

Danger

The key value is returned only at creation time. It is not stored in plaintext and cannot be retrieved again. Copy it immediately.

Request body

Field Values Description
key_type ingest or readonly Type of key to create

GET /v1/api-keys

List all active (non-revoked) API keys.

curl https://api.noctuary.io/v1/api-keys \
  -H "Authorization: Bearer noc_ro_your_key"

Response: 200 OK

[
  {
    "id": "72a61fcd-...",
    "tenant_id": "5f0bfa6c-...",
    "prefix": "noc_ingest_A",
    "key_type": "ingest",
    "created_at": "2026-05-31T11:58:25Z",
    "last_used_at": "2026-05-31T12:02:23Z",
    "revoked_at": null
  }
]

The full key value is not returned. Only the prefix (first 12 characters) is shown so you can identify keys.

DELETE /v1/api-keys/{id}

Revoke an API key. Takes effect immediately.

curl -X DELETE https://api.noctuary.io/v1/api-keys/{id} \
  -H "Authorization: Bearer noc_ro_your_key"

Response: 204 No Content

Warning

Any agent or service using the revoked key will immediately start receiving 401 Unauthorized responses. Create and distribute a replacement key before revoking.