List API Keys
Retrieve all API keys for the current organization. Note that the actual key secrets are never returned after initial creation.
Request
GET /api-keys
Authentication
Requires an Admin Bearer JWT token.
Authorization: Bearer <access_token>
Query Parameters
None.
Response
Returns an array of API key objects.
Success Response
Status Code: 200 OK
Response Body:
[
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"name": "CI/CD Pipeline Key",
"description": "API key for automated deployments",
"keyPrefix": "egk_live_abc123",
"scopes": ["sessions:read", "sessions:write"],
"isRevoked": false,
"revokedAt": null,
"expiresAt": "2026-12-31T23:59:59Z",
"lastUsedAt": "2026-02-15T10:30:00Z",
"lastUsedIp": "203.0.113.42",
"createdByEmail": "[email protected]",
"createdAt": "2026-01-01T00:00:00Z"
}
]
Response Fields
| Field | Type | Description |
|---|---|---|
id | UUID | Unique identifier for the API key |
name | string | Human-readable name for the key |
description | string | Optional description |
keyPrefix | string | First few characters of the key for identification |
scopes | string[] | Array of permission scopes granted to this key |
isRevoked | boolean | Whether the key has been revoked |
revokedAt | string | ISO timestamp of revocation (null if not revoked) |
expiresAt | string | ISO timestamp when key expires (null if no expiration) |
lastUsedAt | string | ISO timestamp of last usage (null if never used) |
lastUsedIp | string | IP address of last usage (null if never used) |
createdByEmail | string | Email of the user who created the key |
createdAt | string | ISO timestamp of creation |
Errors
| Status Code | Error Code | Description |
|---|---|---|
401 | UNAUTHORIZED | Missing or invalid JWT token |
403 | FORBIDDEN | User does not have admin privileges |
Example
Request
curl -X GET https://api.entryguard.io/api/v1/api-keys \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
Response
[
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"name": "CI/CD Pipeline Key",
"description": "API key for automated deployments",
"keyPrefix": "egk_live_abc123",
"scopes": ["sessions:read", "sessions:write"],
"isRevoked": false,
"revokedAt": null,
"expiresAt": "2026-12-31T23:59:59Z",
"lastUsedAt": "2026-02-15T10:30:00Z",
"lastUsedIp": "203.0.113.42",
"createdByEmail": "[email protected]",
"createdAt": "2026-01-01T00:00:00Z"
},
{
"id": "660e8400-e29b-41d4-a716-446655440001",
"name": "Monitoring Service",
"description": "Read-only key for monitoring dashboard",
"keyPrefix": "egk_live_def456",
"scopes": ["sessions:read", "resources:read", "audit:read"],
"isRevoked": false,
"revokedAt": null,
"expiresAt": null,
"lastUsedAt": null,
"lastUsedIp": null,
"createdByEmail": "[email protected]",
"createdAt": "2026-02-01T12:00:00Z"
}
]