This is a development version of the documentation. Content may change without notice.
Voke Documentation
ReferenceREST API

Api keys

Partner API key management

List org API keys

GET
/api/v1/api-keys

Response Body

application/json

application/json

application/json

application/json

curl -X GET "https://loading/api/v1/api-keys"
{
  "keys": [
    {
      "allowedIps": [
        "203.0.113.5/32"
      ],
      "createdAt": "2019-08-24T14:15:22Z",
      "expiresAt": "2019-08-24T14:15:22Z",
      "id": "string",
      "keyPrefix": "string",
      "lastUsedAt": "2019-08-24T14:15:22Z",
      "name": "string",
      "revokedAt": "2019-08-24T14:15:22Z",
      "scopes": [
        "string"
      ]
    }
  ]
}
{
  "code": "UNAUTHORIZED",
  "details": {},
  "error": "Unauthorized",
  "message": "Unauthorized",
  "statusCode": 400
}
{
  "code": "FORBIDDEN",
  "details": {},
  "error": "Forbidden",
  "message": "Forbidden",
  "statusCode": 400
}
{
  "code": "INTERNAL_SERVER_ERROR",
  "details": {},
  "error": "Internal Server Error",
  "message": "Internal server error",
  "statusCode": 400
}

Create an org API key (returns plaintext once)

POST
/api/v1/api-keys

Request Body

application/json

allowedIps?array<>Deprecated

CIDR allowlist. NOT YET ENFORCED — the API rejects any non-empty value with API_KEY_CIDR_NOT_IMPLEMENTED until the request-time guard ships. See pen-test 2026-05-03 H-Crypto-5.

expiresAt?|
Formatdate-time
name*string
Length1 <= length <= 80
scopes*array<>

Scopes from ApiKeyScope enum

Items1 <= items

Response Body

application/json

application/json

application/json

application/json

application/json

curl -X POST "https://loading/api/v1/api-keys" \  -H "Content-Type: application/json" \  -d '{    "name": "string",    "scopes": [      "string"    ]  }'
{
  "apiKey": {
    "allowedIps": [
      "203.0.113.5/32"
    ],
    "createdAt": "2019-08-24T14:15:22Z",
    "expiresAt": "2019-08-24T14:15:22Z",
    "id": "string",
    "keyPrefix": "string",
    "lastUsedAt": "2019-08-24T14:15:22Z",
    "name": "string",
    "revokedAt": "2019-08-24T14:15:22Z",
    "scopes": [
      "string"
    ]
  },
  "plaintextKey": "string"
}
{
  "code": "VALIDATION_ERROR",
  "details": {},
  "error": "Bad Request",
  "message": "Validation error or invalid scopes",
  "statusCode": 400
}
{
  "code": "UNAUTHORIZED",
  "details": {},
  "error": "Unauthorized",
  "message": "Unauthorized",
  "statusCode": 400
}
{
  "code": "FORBIDDEN",
  "details": {},
  "error": "Forbidden",
  "message": "Forbidden",
  "statusCode": 400
}
{
  "code": "INTERNAL_SERVER_ERROR",
  "details": {},
  "error": "Internal Server Error",
  "message": "Internal server error",
  "statusCode": 400
}

Revoke an org API key

DELETE
/api/v1/api-keys/{id}

Path Parameters

id*string

Response Body

application/json

application/json

application/json

application/json

application/json

curl -X DELETE "https://loading/api/v1/api-keys/string"
Empty
{
  "code": "INVALID_UUID",
  "details": {},
  "error": "Bad Request",
  "message": "Invalid UUID",
  "statusCode": 400
}
{
  "code": "UNAUTHORIZED",
  "details": {},
  "error": "Unauthorized",
  "message": "Unauthorized",
  "statusCode": 400
}
{
  "code": "FORBIDDEN",
  "details": {},
  "error": "Forbidden",
  "message": "Forbidden",
  "statusCode": 400
}
{
  "code": "API_KEY_NOT_FOUND",
  "details": {},
  "error": "Not Found",
  "message": "Key not found",
  "statusCode": 400
}
{
  "code": "INTERNAL_SERVER_ERROR",
  "details": {},
  "error": "Internal Server Error",
  "message": "Internal server error",
  "statusCode": 400
}

Alerts

Alerts and alarms

Audit

Audit log inspection