Create an API key
Mint a new API key. The full plaintext key is returned once, only here.
Mint a new API key. The full plaintext key is returned once, only here. Scopes default to ["send"] and may only include the mintable scopes send, read:emails, read:analytics, and read:suppressions — no manage:* scope can be minted onto a key. The environment is taken from the session, never the body. Requires the manage:keys scope, which is a dashboard-session scope (owner or admin only) and cannot be granted to API keys today: every mf_ API key receives 403. Call this endpoint with a dashboard session token.
Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
Body
namestringrequired>= 1scopesarray<"send" | "read:emails" | "read:analytics" | "read:suppressions">Defaults to `["send"]` when omitted. Only mintable scopes are allowed.
>= 1 elementsdomain_idstringOptional domain (`dom_…`) the key is restricted to; must be owned by the organization.
Response
The API key was created; the plaintext is shown once.
object"api_key"required"api_key"idstringrequirednamestringrequiredkeystringrequiredThe full plaintext secret; returned only at creation and rotation, never again.
prefixstringrequiredlast4stringrequiredscopesarray<"send" | "read:emails" | "read:analytics" | "read:suppressions">requiredenvironment"live" | "test"required"live" | "test"created_atstring<date-time>required