> ## Documentation Index > Fetch the complete documentation index at: https://arize-ax.mintlify.dev/docs/llms.txt > Use this file to discover all available pages before exploring further. # API Keys > Create, list, rotate, and delete API keys using the Arize Go SDK. The `apikeys` client methods are currently in **ALPHA**. The API may change without notice. A one-time warning is emitted on first use. API keys authenticate calls to the Arize platform. Service keys are tied to a bot user with role assignments at the account, organization, and space level; user keys are tied to a specific human user. `Create` issues user keys; `CreateServiceKey` issues service keys. ## List API Keys `List` returns a paginated list of API keys. Defaults to a page size of 50. **Signature:** ```go theme={null} func (c *Client) List(ctx context.Context, req ListRequest) (*APIKeyList, error) ``` **Usage Example:** ```go theme={null} package main import ( "context" "errors" "fmt" "log" "github.com/Arize-ai/client-go-v2/arize" "github.com/Arize-ai/client-go-v2/arize/apikeys" ) func main() { client, err := arize.NewClient(arize.Config{APIKey: "your-api-key"}) if err != nil { log.Fatal(err) } resp, err := client.APIKeys.List(context.Background(), apikeys.ListRequest{ KeyType: apikeys.APIKeyTypeService, Status: apikeys.APIKeyStatusActive, Space: "your-space-name-or-id", Limit: 25, }) if err != nil { var unauthorized *arize.UnauthorizedError if errors.As(err, &unauthorized) { log.Fatalf("unauthorized: %v", unauthorized) } log.Fatal(err) } for _, key := range resp.ApiKeys { fmt.Printf("%s: %s (type=%s status=%s)\n", key.Id, key.Name, key.KeyType, key.Status) } } ``` ## Create a User API Key `Create` issues a `POST` to create a new user API key and returns the created key, including the secret token. The secret is only returned at creation time. **Signature:** ```go theme={null} func (c *Client) Create( ctx context.Context, req CreateRequest, ) (*APIKeyCreated, error) ``` **Usage Example:** ```go theme={null} package main import ( "context" "errors" "fmt" "log" "time" "github.com/Arize-ai/client-go-v2/arize" "github.com/Arize-ai/client-go-v2/arize/apikeys" ) func main() { client, err := arize.NewClient(arize.Config{APIKey: "your-api-key"}) if err != nil { log.Fatal(err) } created, err := client.APIKeys.Create( context.Background(), apikeys.CreateRequest{ Name: "personal-key", Description: "key for local development", ExpiresAt: time.Now().Add(30 * 24 * time.Hour), }, ) if err != nil { var badRequest *arize.BadRequestError if errors.As(err, &badRequest) { log.Fatalf("invalid request: %v", badRequest) } log.Fatal(err) } fmt.Printf("created key %s - secret: %s\n", created.Id, created.Key) } ``` ## Create a Service API Key `CreateServiceKey` creates a new service API key bound to a space. `Space` accepts a space name or ID. The role fields are optional — when empty, the server applies its default role at each scope. **Signature:** ```go theme={null} func (c *Client) CreateServiceKey( ctx context.Context, req CreateServiceKeyRequest, ) (*APIKeyCreated, error) ``` **Usage Example:** ```go theme={null} package main import ( "context" "errors" "fmt" "log" "github.com/Arize-ai/client-go-v2/arize" "github.com/Arize-ai/client-go-v2/arize/apikeys" ) func main() { client, err := arize.NewClient(arize.Config{APIKey: "your-api-key"}) if err != nil { log.Fatal(err) } created, err := client.APIKeys.CreateServiceKey( context.Background(), apikeys.CreateServiceKeyRequest{ Name: "ci-bot", Space: "your-space-name-or-id", OrgRole: apikeys.APIKeyOrganizationRoleMember, SpaceRole: apikeys.APIKeySpaceRoleMember, }, ) if err != nil { var badRequest *arize.BadRequestError if errors.As(err, &badRequest) { log.Fatalf("invalid request: %v", badRequest) } log.Fatal(err) } fmt.Printf("created service key %s - secret: %s\n", created.Id, created.Key) } ``` ## Refresh an API Key `Refresh` rotates the secret on an existing API key and returns the new key value. `ExpiresAt` is optional; when zero, the refreshed key has no expiration. **Signature:** ```go theme={null} func (c *Client) Refresh( ctx context.Context, req RefreshRequest, ) (*APIKeyCreated, error) ``` **Usage Example:** ```go theme={null} package main import ( "context" "errors" "fmt" "log" "github.com/Arize-ai/client-go-v2/arize" "github.com/Arize-ai/client-go-v2/arize/apikeys" ) func main() { client, err := arize.NewClient(arize.Config{APIKey: "your-api-key"}) if err != nil { log.Fatal(err) } rotated, err := client.APIKeys.Refresh( context.Background(), apikeys.RefreshRequest{APIKeyID: "your-api-key-id"}, ) if err != nil { var notFound *arize.NotFoundError if errors.As(err, ¬Found) { log.Fatalf("api key not found: %v", notFound) } log.Fatal(err) } fmt.Printf("rotated key %s - new secret: %s\n", rotated.Id, rotated.Key) } ``` ## Delete an API Key `Delete` removes an API key by ID. It returns only an error. **Signature:** ```go theme={null} func (c *Client) Delete(ctx context.Context, req DeleteRequest) error ``` **Usage Example:** ```go theme={null} package main import ( "context" "errors" "log" "github.com/Arize-ai/client-go-v2/arize" "github.com/Arize-ai/client-go-v2/arize/apikeys" ) func main() { client, err := arize.NewClient(arize.Config{APIKey: "your-api-key"}) if err != nil { log.Fatal(err) } err = client.APIKeys.Delete( context.Background(), apikeys.DeleteRequest{APIKeyID: "your-api-key-id"}, ) if err != nil { var notFound *arize.NotFoundError if errors.As(err, ¬Found) { log.Printf("no api key to remove: %v", notFound) return } log.Fatal(err) } } ```