Skip to content
Eazip Eazip

API Keys

API keys authenticate requests to the Eazip API. Each key is shown only once at creation — store it securely.

List API Keys

Section titled “List API Keys”
GET /api-keys

Example Request

Section titled “Example Request”
Terminal window
curl https://api.eazip.io/api-keys \
  -H "Authorization: Bearer YOUR_API_KEY"

Response

Section titled “Response”
{
  "success": true,
  "api_keys": [
    {
      "id": "550e8400-e29b-41d4-a716-446655440000",
      "name": "Production",
      "created_at": "2025-01-15T10:00:00.000Z",
      "expires_at": null,
      "last_used_at": "2025-01-21T09:30:00.000Z"
    },
    {
      "id": "6ba7b810-9dad-11d1-80b4-00c04fd430c8",
      "name": "CI/CD",
      "created_at": "2025-01-10T10:00:00.000Z",
      "expires_at": "2026-01-10T10:00:00.000Z",
      "last_used_at": null
    }
  ]
}

Create API Key

Section titled “Create API Key”
POST /api-keys

Request Body

Section titled “Request Body”
ParameterTypeRequiredDescription
namestringNoA descriptive label for the key. Max 255 characters.
expires_atstringNoISO 8601 datetime after which the key is no longer valid. Must be in the future.

Example Request

Section titled “Example Request”
Terminal window
curl -X POST https://api.eazip.io/api-keys \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "CI/CD Pipeline",
    "expires_at": "2026-12-31T23:59:59Z"
  }'

Response

Section titled “Response”

HTTP 201 Created

{
  "success": true,
  "api_key": {
    "id": "6ba7b810-9dad-11d1-80b4-00c04fd430c8",
    "name": "CI/CD Pipeline",
    "key": "eazip_live_abc123xyz789...",
    "created_at": "2025-01-21T10:00:00.000Z",
    "expires_at": "2026-12-31T23:59:59.000Z",
    "last_used_at": null
  }
}

Revoke API Key

Section titled “Revoke API Key”

Revoke (soft-delete) an API key. This action cannot be undone.

DELETE /api-keys/:id

Example Request

Section titled “Example Request”
Terminal window
curl -X DELETE https://api.eazip.io/api-keys/6ba7b810-9dad-11d1-80b4-00c04fd430c8 \
  -H "Authorization: Bearer YOUR_API_KEY"

Response

Section titled “Response”
{
  "success": true,
  "message": "API key revoked"
}

Error Codes

Section titled “Error Codes”
CodeHTTPDescription
NOT_FOUND404API key not found or belongs to another user

Best Practices

Section titled “Best Practices”
  1. Use descriptive names — label keys by their purpose (e.g. "Production Server", "Local Dev")
  2. Set expiry dates — use expires_at for temporary access or automated rotation
  3. Separate environments — use different keys for development, staging, and production
  4. Monitor last_used_at — revoke keys that have not been used recently
  5. Revoke immediately — if a key is compromised, revoke it right away