Skip to main content
POST
/
v2
/
api-keys
curl --request POST \ --url https://api.arize.com/v2/api-keys \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --data ' { "name": "CI pipeline key" } '
{
  "id": "QXBp1001",
  "name": "CI pipeline key",
  "key_type": "user",
  "status": "active",
  "key": "ak-abc123def456ghi789jkl012mno345pqr678stu901vwx234yz",
  "redacted_key": "ak-abc...xyz",
  "created_by_user_id": "Usr1001",
  "created_at": "2024-01-15T10:30:00Z",
  "expires_at": "2025-01-15T10:30:00Z"
}

Authorizations

Authorization
string
header
required

Most Arize AI endpoints require authentication. For those endpoints that require authentication, include your API key in the request header using the format

Body

application/json

Body containing API key creation parameters

name
string
required

User-defined name for the API key.

Maximum string length: 256
Example:

"CI pipeline key"

description
string

Optional user-defined description for the API key.

Maximum string length: 1000
Example:

"Key used by the CI pipeline to upload evaluation results."

key_type
enum<string>
default:user

Type of the API key to create. Defaults to user.

  • user - Key that authenticates as the creating user with their full permissions. space_id and roles must not be set (returns 400).
  • service - Key scoped to a specific space backed by a dedicated bot user. Requires space_id. All roles default to minimum privilege when omitted.
Available options:
user,
service
Example:

"user"

expires_at
string<date-time>

Optional expiration timestamp. If omitted the key never expires.

Example:

"2026-01-01T00:00:00Z"

space_id
string

ID of the space this service key is scoped to. Required when key_type is service; invalid for user keys (returns 400).

Example:

"U3BhY2UxMjM"

roles
object

Role assignments for the service key's bot user. Only valid when key_type is service; invalid for user keys (returns 400).

Response

API key successfully created or refreshed. The raw key is only returned once.

id
string
required

Unique identifier for the API key.

name
string
required

User-defined name for the API key.

key_type
enum<string>
required

Type of the API key.

  • user - Key associated with a specific user.
  • service - Key associated with a bot user for service authentication.
Available options:
user,
service
status
enum<string>
required

Current status of the API key.

  • active - The key is valid for use.
  • deleted - The key has been deleted by a user.
Available options:
active,
deleted
redacted_key
string
required

Redacted version of the key suitable for display (e.g., "ak-abc...xyz").

created_at
string<date-time>
required

Timestamp when the key was created.

created_by_user_id
string
required

ID of the user who created the key.

key
string
required

The full API key value. Only returned once at creation or refresh time. Store it securely — it cannot be retrieved again.

description
string

Optional user-defined description for the API key.

expires_at
string<date-time>

Optional timestamp when the key will expire.