Create an API key

curl --request POST \
  --url https://api.questra.ai/api-keys \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --header 'X-Org-Id: <x-org-id>' \
  --data '
{
  "name": "Production Integration",
  "expires_at": "2026-01-15T12:00:00Z"
}
'

{
  "id": "ak_2xyzABC123",
  "name": "Production Integration",
  "created_at": "2025-01-15T12:00:00Z",
  "expires_at": "2026-01-15T12:00:00Z",
  "revoked": false,
  "expired": false,
  "last_used_at": "2025-06-01T09:30:00Z",
  "secret": "sk_live_abc123..."
}

POST

api-keys

Create an API key

curl --request POST \
  --url https://api.questra.ai/api-keys \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --header 'X-Org-Id: <x-org-id>' \
  --data '
{
  "name": "Production Integration",
  "expires_at": "2026-01-15T12:00:00Z"
}
'

{
  "id": "ak_2xyzABC123",
  "name": "Production Integration",
  "created_at": "2025-01-15T12:00:00Z",
  "expires_at": "2026-01-15T12:00:00Z",
  "revoked": false,
  "expired": false,
  "last_used_at": "2025-06-01T09:30:00Z",
  "secret": "sk_live_abc123..."
}

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Headers

X-Org-Id

string

required

The ID of the organization to make requests against. Found on your Settings page.

Body

application/json

Body for creating a new API key.

name

string

required

A descriptive label for the key — e.g. the application or environment it will be used in.

Minimum string length: 1

Example:

"Production Integration"

expires_at

string<date-time>

ISO 8601 datetime at which the key should expire. Must be in the future. Omit to create a non-expiring key.

Example:

"2026-01-15T12:00:00Z"

Response

The newly created API key, including its secret.

An API key belonging to the authenticated user.

string

required

Unique identifier for the API key.

Example:

"ak_2xyzABC123"

name

string

required

The human-readable label you assigned to the key.

Example:

"Production Integration"

created_at

string<date-time>

required

ISO 8601 timestamp of when the key was created.

Example:

"2025-01-15T12:00:00Z"

expires_at

string<date-time> | null

required

ISO 8601 timestamp of when the key expires, or null if it never expires.

Example:

"2026-01-15T12:00:00Z"

revoked

boolean

required

Whether the key has been manually revoked. Revoked keys cannot authenticate requests.

Example:

false

expired

boolean

required

Whether the key has passed its expires_at date.

Example:

false

last_used_at

string<date-time> | null

required

ISO 8601 timestamp of the most recent request authenticated with this key, or null if it has never been used.

Example:

"2025-06-01T09:30:00Z"

secret

string

The raw secret value. Only returned when the key is first created — it cannot be retrieved again. Store it somewhere safe immediately.

Example:

"sk_live_abc123..."

List API keys

Revoke an API key

Overview

Integrations

Webhooks

Surveys

Pages

Blocks

Navigation Rules

Variables

Files

Agent

Webhooks

Exports

API Keys

Payment

Create an API key

Authorizations

Headers

Body

Response