# Create API Key

> Generate a new API key and secret for programmatic access

<ParamField header="Authorization" type="string" required>
  Bearer token: `Bearer YOUR_ACCESS_TOKEN`
</ParamField>

<ParamField body="name" type="string" required>
  A human-readable label for this key (e.g. `"Production Backend"`, `"Staging Integration"`).
</ParamField>

<ParamField body="permissions" type="array">
  List of permission scopes to grant to the key. If omitted, the key is granted all scopes. Available values: `transactions:read`, `transactions:write`, `accounts:read`, `accounts:write`, `webhooks:manage`, `analytics:read`.
</ParamField>

<ParamField body="expires_at" type="string">
  Optional expiry timestamp (ISO 8601). The key will be automatically revoked after this time.
</ParamField>

<Warning>
  The `api_secret` is returned **only once** at creation. Store it securely — it cannot be retrieved again. If lost, revoke the key and create a new one.
</Warning>

<Note>
  **Using your API key:** After generating a key, call `POST /auth/token` with your `api_key` and `api_secret` to generate a Bearer token. Bearer tokens expire in 60 minutes — refresh as needed. API keys themselves never expire unless you set `expires_at` at creation time.
</Note>

<Accordion title="Request/Response Type Definitions">
  ```typescript
  interface CreateApiKeyRequest {
    name: string;
    permissions?: string[];
    expires_at?: string;
  }

  interface CreateApiKeyResponse {
    status: "success";
    data: {
      key_id: string;
      api_key: string;     // Public key — safe to reference in logs
      api_secret: string;  // Secret — shown ONCE, store securely
      name: string;
      permissions: string[];
      expires_at: string | null;
      created_at: string;
    };
  }
  ```
</Accordion>

<RequestExample>
  ```bash cURL
  curl -X POST 'https://crypto-api.yativo.com/api/v1/apikey/generate' \
    -H 'Authorization: Bearer YOUR_ACCESS_TOKEN' \
    -H 'Content-Type: application/json' \
    -d '{
      "name": "Production Backend",
      "permissions": ["transactions:read", "transactions:write", "accounts:read"]
    }'
  ```
</RequestExample>

<ResponseExample>
  ```json Success
  {
    "success": true,
    "message": "API key generated successfully",
    "warning": "Save the API Secret securely. It will not be shown again!",
    "data": {
      "api_key": "yativo_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
      "api_secret": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
      "key_name": "Production API Key",
      "scopes": ["read", "write", "transactions"],
      "expires_at": null,
      "rate_limit": {
        "requests_per_minute": 60,
        "requests_per_hour": 3000,
        "requests_per_day": 50000
      },
      "token_expiry_minutes": 60
    }
  }
  ```
</ResponseExample>
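
The following is an added example, not code from Yativo: TypeScript helpers for the two handling points this page raises, namely sending an explicit scope list with an expiry (since an omitted `permissions` field grants all scopes) and keeping the one-time `api_secret` out of anything that gets logged. The function names, the `ttlDays` and `now` parameters and the `[REDACTED]` marker are assumptions of this example; the scope names are the ones listed above.

```typescript
// Added example, not Yativo's code. Scope names are the ones documented on this page.
const KNOWN_SCOPES = [
  "transactions:read", "transactions:write", "accounts:read",
  "accounts:write", "webhooks:manage", "analytics:read",
];

interface ScopedKeyRequest { name: string; permissions: string[]; expires_at: string; }
type Json = { [key: string]: unknown };

// Hypothetical helper: build a request body that never falls back to "all scopes"
// and always carries an expiry. `ttlDays` and `now` are parameters of this example.
function buildCreateKeyRequest(
  name: string, permissions: string[], ttlDays: number, now: Date
): ScopedKeyRequest {
  if (name.trim() === "") throw new Error("name is required");
  // Omitting `permissions` grants every scope, so an empty list is rejected
  // instead of being silently dropped from the body.
  if (permissions.length === 0) throw new Error("list the scopes explicitly");
  const unknown = permissions.filter((p) => KNOWN_SCOPES.indexOf(p) === -1);
  if (unknown.length > 0) throw new Error("unknown scope(s): " + unknown.join(", "));
  if (!isFinite(ttlDays) || ttlDays <= 0) throw new Error("ttlDays must be > 0");
  const unique = permissions.filter((p, i) => permissions.indexOf(p) === i);
  const expires = new Date(now.getTime() + ttlDays * 24 * 60 * 60 * 1000);
  return { name: name.trim(), permissions: unique, expires_at: expires.toISOString() };
}

// Hypothetical helper: split the creation response into the credentials (for a
// secret store) and a copy with `api_secret` masked (for logs, tickets, traces).
function splitSecret(
  response: Json
): { credentials: { api_key: string; api_secret: string }; loggable: Json } {
  const data = (response["data"] || {}) as Json;
  const apiKey = data["api_key"];
  const apiSecret = data["api_secret"];
  if (typeof apiKey !== "string" || typeof apiSecret !== "string") {
    throw new Error("response carries no api_key/api_secret");
  }
  const safe: Json = {};
  for (const k in data) safe[k] = k === "api_secret" ? "[REDACTED]" : data[k];
  return {
    credentials: { api_key: apiKey, api_secret: apiSecret },
    loggable: { ...response, data: safe },
  };
}
```

Pass `credentials` straight to your secret manager and hand only `loggable` to logging or error reporting.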
