API Key Management
3.1. Assign API Key
URL:
/assign-api-keyMethod:
POSTDescription: Assigns a new API key to a user. Admin only.
Authentication: HTTP Basic (Admin credentials)
Request Body:
Content-Type:
application/jsonSchema:
AssignAPIKeyRequest{ "username": "string (3-50 characters, alphanumeric)" }
Responses:
200 OK
{ "message": "API key generated successfully.", "api_key": "op-<user_hash>-<key_hash>" }400 Bad Request
Reason: User already has a valid API key or validation error.
{ "detail": "User already has a valid API key." }404 Not Found
Reason: User does not exist.
{ "detail": "User not found." }500 Internal Server Error
{ "detail": "Failed to store API key." }401 Unauthorized
{ "detail": "Unauthorized" }
3.2. Generate API Key
URL:
/generate-api-keyMethod:
POSTDescription: Generates a new API key for the authenticated user. If the user already has a valid API key, it returns the existing key.
Authentication: HTTP Bearer (User API Key)
Parameters: None
Responses:
200 OK
Or, if an API key already exists:
500 Internal Server Error
401 Unauthorized
3.3. Validate API Key
URL:
/validate-api-keyMethod:
GETDescription: Validates whether a given API key is valid and active.
Authentication: None
Query Parameters:
api_key(string, required): The API key to validate.
Responses:
200 OK
401 Unauthorized
3.4. Revoke API Key
URL:
/revoke-api-keyMethod:
POSTDescription: Revokes an API key. Admins can revoke any API key by providing it in the request body. Regular users can revoke their own API key.
Authentication: HTTP Bearer (Admin API Key or User API Key)
Request Body:
For Admins:
Content-Type:
application/jsonSchema:
For Users:
Body:
None(Revokes their own API key)
Responses:
200 OK
Admin:
User:
400 Bad Request
Reason: Missing API key in the request body (for admins).
404 Not Found
Reason: API key not found or already revoked.
401 Unauthorized
Last updated