API Keys

API keys authenticate your requests to the SnapshotAI API. Keep your keys secure and never share them publicly. You can create, manage, and revoke API keys programmatically or through the dashboard.

Security Best Practices

• Never commit API keys to version control
• Use environment variables to store keys
• Rotate keys regularly for enhanced security
• Use separate keys for different environments (dev, staging, production)
• Set expiration dates for temporary keys

POST

/v1/keys

Create a new API key for authentication. The full key is only returned once upon creation - store it securely!

Base URL: https://www.snapshotai.dev

Save Your Key Immediately

The complete API key is only shown once in the response. If you lose it, you'll need to create a new key or use the rotate endpoint.

Authentication

This endpoint requires session-based authentication (browser login). Use the dashboard to create keys via UI, or use your session token.

Authorization: Bearer SESSION_TOKEN

Request Body

namestringRequired

A descriptive name for the API key (1-100 characters)

Example: Production Server

expires_atstringOptional

Optional expiration date in ISO 8601 format. Key will be automatically disabled after this date.

Example: 2026-12-31T23:59:59Z

Examples

cURL•bash

curl -X POST https://www.snapshotai.dev/api/v1/keys \
  -H "Authorization: Bearer SESSION_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Production Server",
    "expires_at": "2026-12-31T23:59:59Z"
  }'

JavaScript•javascript

const response = await fetch('https://www.snapshotai.dev/api/v1/keys', {
  method: 'POST',
  headers: {
    'Authorization': 'Bearer SESSION_TOKEN',
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    name: 'Production Server',
    expires_at: '2026-12-31T23:59:59Z'
  })
});

const data = await response.json();

// ⚠️ IMPORTANT: Save this key securely - it's only shown once!
console.log('API Key:', data.key);
console.log('Key ID:', data.id);

Success Response

201 Createdapplication/json

{
  "id": "key_abc123xyz",
  "name": "Production Server",
  "key": "sk_live_9Kx7mP2nQ8vL4jR5wT3yH6bN1cD0fG8z",
  "key_prefix": "sk_live_9Kx7",
  "created_at": "2025-11-04T23:45:30.123Z",
  "expires_at": "2026-12-31T23:59:59Z"
}

Key Format

API keys follow the pattern sk_live_ followed by 40 random characters. The key_prefix helps you identify keys without exposing the full value.

GET

/v1/keys

List all your API keys with pagination. The full key value is never returned in list responses for security.

Base URL: https://www.snapshotai.dev

Query Parameters

pagenumberOptional

Page number for pagination

Default: 1

Example: 2

limitnumberOptional

Number of results per page (max 100)

Default: 20

Example: 50

Example

cURL•bash

curl -X GET "https://www.snapshotai.dev/api/v1/keys?page=1&limit=20" \
  -H "Authorization: Bearer SESSION_TOKEN"

Success Response

200 OKapplication/json

{
  "data": [
    {
      "id": "key_abc123xyz",
      "name": "Production Server",
      "key_prefix": "sk_live_9Kx7",
      "is_active": true,
      "created_at": "2025-11-04T23:45:30.123Z",
      "last_used_at": "2025-11-05T10:30:15.456Z",
      "expires_at": "2026-12-31T23:59:59Z"
    },
    {
      "id": "key_def456uvw",
      "name": "Development Testing",
      "key_prefix": "sk_test_2Pn8",
      "is_active": true,
      "created_at": "2025-10-15T14:20:00.789Z",
      "last_used_at": null,
      "expires_at": null
    }
  ],
  "meta": {
    "page": 1,
    "limit": 20,
    "total": 2,
    "pages": 1
  }
}

Key Visibility

Only the key_prefix is shown in list responses. The last_used_at field helps you identify inactive keys.

PUT

/v1/keys/:id

Update an API key's name or enable/disable it. Disabled keys will immediately stop working for authentication.

Base URL: https://www.snapshotai.dev

Path Parameters

idstringRequired

The unique identifier of the API key (starts with key_)

Request Body

namestringOptional

Update the API key name

Example: Updated Production Key

is_activebooleanOptional

Enable or disable the API key

Example: false

Example

cURL - Disable Key•bash

curl -X PUT https://www.snapshotai.dev/api/v1/keys/key_abc123xyz \
  -H "Authorization: Bearer SESSION_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "is_active": false
  }'

POST

/v1/keys/:id/rotate

Generate a new key value while preserving the key ID and metadata. The old key is immediately invalidated.

Base URL: https://www.snapshotai.dev

Immediate Invalidation

The old key stops working immediately after rotation. Update all systems using the old key before rotating.

Example

cURL•bash

curl -X POST https://www.snapshotai.dev/api/v1/keys/key_abc123xyz/rotate \
  -H "Authorization: Bearer SESSION_TOKEN"

Success Response

Returns the same structure as creating a new key, with the new key value.

DELETE

/v1/keys/:id

Permanently delete an API key. This action cannot be undone and the key will immediately stop working.

Base URL: https://www.snapshotai.dev

Example

cURL•bash

curl -X DELETE https://www.snapshotai.dev/api/v1/keys/key_abc123xyz \
  -H "Authorization: Bearer SESSION_TOKEN"

Success Response

204 No Content

Empty response body. API key successfully deleted.

Manage via Dashboard

You can also create and manage API keys through the web interface for a more visual experience.

Go to API Keys Dashboard →

curl -X POST https://www.snapshotai.dev/api/v1/keys \ -H "Authorization: Bearer SESSION_TOKEN" \ -H "Content-Type: application/json" \ -d '{ "name": "Production Server", "expires_at": "2026-12-31T23:59:59Z" }'

const response = await fetch('https://www.snapshotai.dev/api/v1/keys', { method: 'POST', headers: { 'Authorization': 'Bearer SESSION_TOKEN', 'Content-Type': 'application/json' }, body: JSON.stringify({ name: 'Production Server', expires_at: '2026-12-31T23:59:59Z' }) }); const data = await response.json(); // ⚠️ IMPORTANT: Save this key securely - it's only shown once! console.log('API Key:', data.key); console.log('Key ID:', data.id);

{ "id": "key_abc123xyz", "name": "Production Server", "key": "sk_live_9Kx7mP2nQ8vL4jR5wT3yH6bN1cD0fG8z", "key_prefix": "sk_live_9Kx7", "created_at": "2025-11-04T23:45:30.123Z", "expires_at": "2026-12-31T23:59:59Z" }

{ "data": [ { "id": "key_abc123xyz", "name": "Production Server", "key_prefix": "sk_live_9Kx7", "is_active": true, "created_at": "2025-11-04T23:45:30.123Z", "last_used_at": "2025-11-05T10:30:15.456Z", "expires_at": "2026-12-31T23:59:59Z" }, { "id": "key_def456uvw", "name": "Development Testing", "key_prefix": "sk_test_2Pn8", "is_active": true, "created_at": "2025-10-15T14:20:00.789Z", "last_used_at": null, "expires_at": null } ], "meta": { "page": 1, "limit": 20, "total": 2, "pages": 1 } }