ApiKey represents an authentication token that allows programmatic access to your application’s backend. API keys can be associated with individual users or teams.

On this page:

• ApiKey
• Types:
  • UserApiKey
  • TeamApiKey

API keys provide a way for users to authenticate with your backend services without using their primary credentials. They can be created for individual users or for teams, allowing programmatic access to your application.

API keys can be obtained through:

• user.createApiKey()
• user.listApiKeys()
• user.useApiKeys() (React hook)
• team.createApiKey()
• team.listApiKeys()
• team.useApiKeys() (React hook)

Table of Contents

1
type ApiKey<Type extends "user" | "team" = "user" | "team", IsFirstView extends boolean = false> = {
2
  id: string;  //$stack-link-to:#apikeyid
3
  description: string;  //$stack-link-to:#apikeydescription
4
  expiresAt?: Date;  //$stack-link-to:#apikeyexpiresat
5
  manuallyRevokedAt: Date | null;  //$stack-link-to:#apikeymanuallyrevokedat
6
  createdAt: Date;  //$stack-link-to:#apikeycreatedat
7
  value: IsFirstView extends true ? string : { lastFour: string };  //$stack-link-to:#apikeyvalue
8
  
9
  // User or Team properties based on Type
10
  ...(Type extends "user" ? {
11
    type: "user";
12
    userId: string;  //$stack-link-to:#apikeyuserid
13
  } : {
14
    type: "team";
15
    teamId: string;  //$stack-link-to:#apikeyteamid
16
  })
17
  
18
  // Methods
19
  isValid(): boolean;  //$stack-link-to:#apikeyisvalid
20
  whyInvalid(): "manually-revoked" | "expired" | null;  //$stack-link-to:#apikeywhyinvalid
21
  revoke(): Promise<void>;  //$stack-link-to:#apikeyrevoke
22
  update(options): Promise<void>;  //$stack-link-to:#apikeyupdateoptions
23
};

The unique identifier for this API key.

A human-readable description of the API key’s purpose.

The date and time when this API key will expire. If not set, the key does not expire.

The date and time when this API key was manually revoked. If null, the key has not been revoked.

The date and time when this API key was created.

The value of the API key. When the key is first created, this is the full API key string. After that, only the last four characters are available for security reasons.

For user API keys, the ID of the user that owns this API key.

For team API keys, the ID of the team that owns this API key.

Checks if the API key is still valid (not expired and not revoked).

Parameters

Returns

Returns the reason why the API key is invalid, or null if it is valid.

Parameters

Returns

Revokes the API key, preventing it from being used for authentication.

Parameters

Returns

Updates the API key properties.

Parameters

Returns

UserApiKey

A type alias for an API key owned by a user:

1
type UserApiKey = ApiKey<"user", false>;

UserApiKeyFirstView

A type alias for a newly created user API key, which includes the full key value:

1
type UserApiKeyFirstView = ApiKey<"user", true>;

TeamApiKey

A type alias for an API key owned by a team:

1
type TeamApiKey = ApiKey<"team", false>;

TeamApiKeyFirstView

A type alias for a newly created team API key, which includes the full key value:

1
type TeamApiKeyFirstView = ApiKey<"team", true>;

When creating an API key using user.createApiKey() or team.createApiKey(), you need to provide an options object with the following properties:

1
type ApiKeyCreationOptions = {
2
  description: string;
3
  expiresAt: Date | null;
4
  isPublic?: boolean;
5
};

Properties