Log inTry for free
Back to all APIs

Create API key Early access

This method allows you to create an API key. Only users with certain roles can create api keys; for example, Account Manager and Integrations Manager roles.

Please log in to see full path URL. Learn why.
post
/settings/2/api-keys
Authorizations:
Basic
IBSSO Token Header
OAuth 2
Scopes:
account-management:manage
Request rate limit:
40 requests / day (per account)
Request Body schema:
application/json
collapse all -
accountId
string

Unique identifier for account this API key will belong to. If not provided accountId of the user making the API request will be set. CPaaSX Applications and Entities can be set only on api keys that belong to the account of the user making the request and only if that account is main account.

name
required
string

Name of this API Key.

allowedIPs
Array of strings

List of IP addresses or IP ranges from which this API key will be used. Authentication will fail from any other IP not specified in this list.

It is recommended to set up AllowedIPs by security recommendations
validFrom
string <date-time>

Date from which this API key will be valid. Time is in UTC. Should not be earlier than creation date. If not provided default is date of creation.

validTo
string <date-time>

Date until this API key will be valid. Time is in UTC. Should not be earlier than validFrom or creation time. If not provided default is 1 year from creation.

permissions
Array of strings
Items Enum: "PUBLIC_API" "2FA_CLIENT" "WEB_SDK"

List of permissions this API key has granted. Default permission is 'PUBLIC_API'. API key cannot be created with both 'PUBLIC_API' and 'WEB_SDK' permissions. API key cannot be created with both permissions and a collection of Applications and/or Entities in platform.

platform
Array of objects

A collection of CPaaS X Applications and Entities that will be linked to the API Key. API key cannot be created with both permissions and a collection of Applications and/or Entities.

API Key will only have access to these endpoints.
Array
applicationId
required
string

ID of a CPaaS X Application. Once linked to an Application, the API key can only be used to send messages using linked Applications. Mandatory for every Application and/or Entity pair. Use the default value to reference a default Application. Use an existing Application created using create-application endpoint or specify a new applicationId to create a new Application.

entityId
string

ID of a CPaaS X Entity. Once linked to an Entity, the API key can only be used to send messages using linked Entities. Use an existing Entity created using create-entity endpoint or specify a new entityId to create a new Entity.

action
string
Enum: "FILL" "FORCE"

An optional action performed for an API request authenticated by this specific API key. The FILL option is used when an API endpoint inserts linked Application and Entity IDs into a request, if missing. The FORCE option is used when an API endpoint overrides linked Application and Entity IDs with the ones from this platform. If the action is left blank, the API endpoint will only perform an authorization check without injecting values into the request.

scopeGuids
Array of strings

List of Scopes that will be assigned to API Key.

Responses

200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

429

Too Many Requests

500

Internal Server Error

Request samples

Content type
application/json
Example
Create API key request
Copy
 Collapse all
{
  • "accountId": "8F0792F86035A9F4290821F1EE6BC06A",
  • "name": "First ApiKey on my account",
  • "allowedIPs":
    [
    • "127.0.0.1",
    • "168.158.10.122"
    ],
  • "validFrom": "2023-09-01T10:00:00",
  • "validTo": "2024-09-01T10:00:00",
  • "permissions":
    [
    • "PUBLIC_API"
    ],
  • "scopeGuids":
    [
    • "2fa:manage",
    • "account-management:manage"
    ]
}

Response samples

Content type
*/*
Example
Create API key response
Copy
{
  "id": "573711510E1C002E29679B12C7CB48AE",
  "apiKeySecret": "<secret api key>",
  "accountId": "8F0792F86035A9F4290821F1EE6BC06A",
  "name": "First ApiKey on my account",
  "allowedIPs": [
    "127.0.0.1",
    "168.158.10.122"
  ],
  "validFrom": "2024-09-01T10:00:00",
  "validTo": "2023-09-01T10:00:00",
  "enabled": true,
  "permissions": [
    "PUBLIC_API"
  ],
  "scopeGuids": [
    "2fa:manage",
    "account-management:manage"
  ]
}

Need assistance

Explore Infobip Tutorials

Encountering issues

Contact our support

What's new? Check out

Release Notes

Unsure about a term? See

Glossary

Research panel

Help shape the future of our products
Learn more
Service status

Copyright @ 2006-2025 Infobip ltd.

Privacy documentsTerms of use