Aether

A P I Keys

Create, list, and revoke API keys for authenticating with the Aether REST API. Supports scoped keys and per-profile access restrictions.

GET
/api-keys

Returns all API keys for the organization. Plain-text key values are never returned. Requires full API key scope when using API key authentication (JWT always allowed).

Authorization

ApiKeyAuth
AuthorizationBearer <token>

API key from your Aether dashboard

In: header

Response Body

application/json

application/json

curl -X GET "https://example.com/api-keys"
{  "success": true,  "data": [    {      "id": "string",      "organizationId": "string",      "name": "string",      "scope": "full",      "allowedProfileIds": [        "string"      ],      "keyPrefix": "string",      "lastUsedAt": "2019-08-24T14:15:22Z",      "createdAt": "2019-08-24T14:15:22Z"    }  ]}
{  "success": false,  "error": {    "code": "PROFILE_NOT_FOUND",    "message": "string",    "details": {}  }}
POST
/api-keys

Creates a new API key. Returns the key object with a one-time plainTextKey field. Store this value securely — it is never returned again. Requires full API key scope when using API key authentication (JWT always allowed).

Authorization

ApiKeyAuth
AuthorizationBearer <token>

API key from your Aether dashboard

In: header

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

application/json

application/json

curl -X POST "https://example.com/api-keys" \  -H "Content-Type: application/json" \  -d '{    "name": "Production integration",    "scope": "full"  }'
{  "success": true,  "data": {    "id": "string",    "organizationId": "string",    "name": "string",    "scope": "full",    "allowedProfileIds": [      "string"    ],    "keyPrefix": "string",    "lastUsedAt": "2019-08-24T14:15:22Z",    "createdAt": "2019-08-24T14:15:22Z",    "plainTextKey": "string"  }}
{  "success": false,  "error": {    "code": "PROFILE_NOT_FOUND",    "message": "string",    "details": {}  }}
{  "success": false,  "error": {    "code": "PROFILE_NOT_FOUND",    "message": "string",    "details": {}  }}
DELETE
/api-keys/{keyId}

Permanently revokes the key. Any requests using this key will fail immediately. Requires full API key scope when using API key authentication (JWT always allowed).

Authorization

ApiKeyAuth
AuthorizationBearer <token>

API key from your Aether dashboard

In: header

Path Parameters

keyId*string

Response Body

application/json

application/json

curl -X DELETE "https://example.com/api-keys/string"
Empty
{  "success": false,  "error": {    "code": "PROFILE_NOT_FOUND",    "message": "string",    "details": {}  }}
{  "success": false,  "error": {    "code": "PROFILE_NOT_FOUND",    "message": "string",    "details": {}  }}

On this page