Skip to main content
POST
/
api-keys
Create an API key
curl --request POST \
  --url https://api.sendkit.dev/api-keys \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "Production Key",
  "permission": "full",
  "domain_id": null,
  "expires_at": "2027-01-01 00:00:00"
}
'
{
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "name": "Production Key",
  "permission": "full",
  "domain_id": null,
  "status": "active",
  "expires_at": null,
  "last_used_at": "2026-03-03 10:00:00",
  "created_at": "2026-03-03 10:00:00",
  "token": "sk_aBcDeFgHiJkLmNoPqRsTuVwXyZ012345678901234567"
}

Documentation Index

Fetch the complete documentation index at: https://docs.sendkit.dev/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

API key from your SendKit dashboard. Pass it as a Bearer token in the Authorization header.

Body

application/json
name
string
required

A descriptive name for the API key.

Maximum string length: 255
Example:

"Production Key"

permission
enum<string>
required

The permission level. full grants access to all endpoints, send only allows sending emails.

Available options:
full,
send
Example:

"full"

domain_id
string<uuid> | null

Scope the key to a specific domain. The domain must belong to your team.

Example:

null

expires_at
string<date-time> | null

When the API key should expire. Must be a future date. Null for no expiration.

Example:

"2027-01-01 00:00:00"

Response

API key created successfully. The token field contains the plain-text key.

id
string<uuid>

Unique identifier.

Example:

"550e8400-e29b-41d4-a716-446655440000"

name
string

The name of the API key.

Example:

"Production Key"

permission
enum<string>

The permission level. full grants access to all endpoints, send only allows sending emails.

Available options:
full,
send
Example:

"full"

domain_id
string<uuid> | null

The domain this key is scoped to. If null, the key can send from any verified domain.

Example:

null

status
string

The current status of the API key.

Example:

"active"

expires_at
string<date-time> | null

When the API key expires. Null if it does not expire.

Example:

null

last_used_at
string<date-time> | null

When the API key was last used.

Example:

"2026-03-03 10:00:00"

created_at
string<date-time>

When the API key was created.

Example:

"2026-03-03 10:00:00"

token
string

The plain-text API key. Only returned once at creation time.

Example:

"sk_aBcDeFgHiJkLmNoPqRsTuVwXyZ012345678901234567"