List API keys

Updated on Dec 15, 2025
Published on Sep 2, 2025

Prev Next

Get

/api_keys

Retrieve a list of all API keys

Security

HTTP

Type bearer

Bearer token authentication. Include the token in the Authorization header: Authorization: Bearer <your-token>

Responses

200

List of API keys retrieved successfully

Headers

Content-Type

string

HTTP response content type

Valid values[ "application/json" ]

Max length255

Exampleapplication/json

X-RateLimit-Limit

integer

Request limit per hour

Minimum1

Maximum10000

Example100

X-RateLimit-Remaining

integer

Remaining requests in current window

Minimum0

Maximum10000

Example49

Access-Control-Allow-Origin

string

CORS header

Valid values[ "*" ]

Max length255

Example*

Expand All

object

meta

object (ResponseMeta)

request_id

string

API request ID

Max length50

Pattern^[A-Za-z0-9_-]+$

data

Array of object (ApiKey)

Max items1000

object

@type

string

Valid values[ "api_key" ]

api_key_id

string

Supermetrics API key ID

Max length50

Pattern^[A-Za-z0-9_-]+$

created_time

string (date-time)

ISO 8601 datetime for when API key was created

Max length50

description

string

Internal API key description

Max length1000

key_type

string

Type of API key

Max length50

key_start

string

First 10 characters from the API key value

Max length50

Pattern^[A-Za-z0-9_-]+$

key_value

string

API key value as plain text, when requested. Defaults to null.

Max length255

Pattern^[A-Za-z0-9_-]+$

scope_names

Array of string

List of permission scopes for the API key

Max items100

string

Max length100

allow_ips

Array of string

List of fixed or CIDR formatted IP addresses allowed to use API key

Max items100

string

Max length255

Pattern^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\/([0-9]|[1-2][0-9]|3[0-2]))?$

is_enabled

boolean

Whether API key is enabled and can be used in requests

behalf_of_user_info

object (User)

@type

string

Valid values[ "user" ]

user_id

string

Supermetrics user ID

Max length50

Pattern^[A-Za-z0-9_-]+$

string (email)

Supermetrics user email

Max length255

401

Unauthorized - invalid or missing authentication

Headers

Content-Type

string

HTTP response content type

Valid values[ "application/json" ]

Max length255

Exampleapplication/json

X-RateLimit-Limit

integer

Request limit per hour

Minimum1

Maximum10000

Example100

X-RateLimit-Remaining

integer

Remaining requests in current window

Minimum0

Maximum10000

Example49

Access-Control-Allow-Origin

string

CORS header

Valid values[ "*" ]

Max length255

Example*

Expand All

object

meta

object (ResponseMeta)

request_id

string

API request ID

Max length50

Pattern^[A-Za-z0-9_-]+$

error

object (Error)

code

string

Error code

Max length100

ExampleACCESS_TOKEN_INVALID

message

string

Error message

Max length255

ExampleInvalid Access Token

description

string

Error description

Max length255

ExampleProvided access token is either missing, invalid or expired.

422

Unprocessable Entity - request validation failed

Headers

Content-Type

string

HTTP response content type

Valid values[ "application/json" ]

Max length255

Exampleapplication/json

X-RateLimit-Limit

integer

Request limit per hour

Minimum1

Maximum10000

Example100

X-RateLimit-Remaining

integer

Remaining requests in current window

Minimum0

Maximum10000

Example49

Access-Control-Allow-Origin

string

CORS header

Valid values[ "*" ]

Max length255

Example*

Expand All

object

meta

object (ResponseMeta)

request_id

string

API request ID

Max length50

Pattern^[A-Za-z0-9_-]+$

error

object (Error)

code

string

Error code

Max length100

ExampleACCESS_TOKEN_INVALID

message

string

Error message

Max length255

ExampleInvalid Access Token

description

string

Error description

Max length255

ExampleProvided access token is either missing, invalid or expired.

429

Too Many Requests - rate limit exceeded

Headers

Content-Type

string

HTTP response content type

Valid values[ "application/json" ]

Max length255

Exampleapplication/json

X-RateLimit-Limit

integer

Request limit per hour

Minimum1

Maximum10000

Example100

X-RateLimit-Remaining

integer

Remaining requests in current window

Minimum0

Maximum10000

Example49

Retry-After

integer

Number of seconds to wait before making another request

Minimum1

Maximum3600

Access-Control-Allow-Origin

string

CORS header

Valid values[ "*" ]

Max length255

Example*

Expand All

object

meta

object (ResponseMeta)

request_id

string

API request ID

Max length50

Pattern^[A-Za-z0-9_-]+$

error

object (Error)

code

string

Error code

Max length100

ExampleACCESS_TOKEN_INVALID

message

string

Error message

Max length255

ExampleInvalid Access Token

description

string

Error description

Max length255

ExampleProvided access token is either missing, invalid or expired.

500

Internal Server Error - unexpected server error

Headers

Content-Type

string

HTTP response content type

Valid values[ "application/json" ]

Max length255

Exampleapplication/json

X-RateLimit-Limit

integer

Request limit per hour

Minimum1

Maximum10000

Example100

X-RateLimit-Remaining

integer

Remaining requests in current window

Minimum0

Maximum10000

Example49

Access-Control-Allow-Origin

string

CORS header

Valid values[ "*" ]

Max length255

Example*

Expand All

object

meta

object (ResponseMeta)

request_id

string

API request ID

Max length50

Pattern^[A-Za-z0-9_-]+$

error

object (Error)

code

string

Error code

Max length100

ExampleACCESS_TOKEN_INVALID

message

string

Error message

Max length255

ExampleInvalid Access Token

description

string

Error description

Max length255

ExampleProvided access token is either missing, invalid or expired.

Was this article helpful?