> ## Documentation Index
> Fetch the complete documentation index at: https://www.ravion.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Create ApiKey



## OpenAPI

````yaml https://api.ravion.com/openapi.yaml post /api-keys
openapi: 3.0.0
info:
  title: Ravion
  version: 0.0.0
servers:
  - url: https://api.ravion.com
security:
  - BearerAuth: []
tags:
  - name: Projects
  - name: Environments
  - name: Pipelines
  - name: PipelineRuns
  - name: TerraformResources
  - name: TerraformExecutionSummaries
  - name: PipelineStepExecutions
  - name: AwsCloudWatch
  - name: PipelineVersions
  - name: Organizations
  - name: Stacks
  - name: StackWorkspaces
  - name: Auth
  - name: OAuth
  - name: User
  - name: Health
  - name: Memberships
  - name: ServiceAccounts
  - name: AwsDefaultNetworks
  - name: AwsAccounts
  - name: ApiKeys
  - name: ExecutionEnvironments
  - name: ModuleDefinitions
  - name: ModuleVersions
  - name: ModuleInstances
  - name: DefaultValueDefinitions
  - name: DefaultValues
  - name: CodeSources
  - name: Github
  - name: Gitlab
  - name: Git
  - name: Values
  - name: Deployments
  - name: DeploymentResources
  - name: InfrastructureEvents
  - name: WebSocket
  - name: Describe
paths:
  /api-keys:
    post:
      tags:
        - ApiKeys
      summary: Create ApiKey
      operationId: CreateApiKey
      requestBody:
        content:
          application/json:
            schema:
              additionalProperties: false
              description: >-
                Request body for creating resources, excluding read-only
                properties
              properties:
                data:
                  additionalProperties: false
                  description: >-
                    Filters a model to only include properties visible during
                    Create lifecycle.
                  properties:
                    description:
                      description: Optional context for where or why this API key is used.
                      type: string
                    expiresAt:
                      allOf:
                        - $ref: '#/components/schemas/UtcDateTime'
                      description: >-
                        Optional expiration timestamp. Null or omitted means the
                        key does not expire.
                      nullable: true
                      type: string
                    name:
                      description: User-facing label for the API key.
                      minLength: 1
                      type: string
                    ownerId:
                      description: >-
                        ID of the membership or service account this API key
                        authenticates as.
                      type: string
                    ownerType:
                      allOf:
                        - $ref: '#/components/schemas/ApiKey.OwnerType'
                      description: Type of principal this API key authenticates as.
                  required:
                    - name
                    - ownerType
                    - ownerId
                  type: object
              required:
                - data
              type: object
        required: true
      responses:
        '201':
          content:
            application/json:
              schema:
                additionalProperties: false
                properties:
                  data:
                    $ref: '#/components/schemas/ApiKeyCreateResult'
                required:
                  - data
                type: object
          description: >-
            The request has succeeded and a new resource has been created as a
            result.
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Errors.UserFacingErrorData'
          description: The request is invalid or malformed.
        '401':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Errors.UserFacingErrorData'
          description: You are not authenticated
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Errors.UserFacingErrorData'
          description: You do not have permission to access this resource.
        '422':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Errors.UserFacingErrorData'
          description: Client error
        '500':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Errors.UserFacingErrorData'
          description: Server error
components:
  schemas:
    UtcDateTime:
      description: UTC RFC3339 timestamp with a required Z suffix
      format: date-time
      pattern: ^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d{1,9})?Z$
      type: string
      x-go-type: apitypes.UTCDateTime
      x-go-type-import:
        name: apitypes
        path: ravion/api-go/pkg/apitypes
    ApiKey.OwnerType:
      enum:
        - MEMBERSHIP
        - SERVICE_ACCOUNT
      type: string
    ApiKeyCreateResult:
      additionalProperties: false
      properties:
        createdAt:
          allOf:
            - $ref: '#/components/schemas/UtcDateTime'
          readOnly: true
        createdById:
          description: Audit-only user id for the member who created the key.
          readOnly: true
          type: string
        description:
          description: Optional context for where or why this API key is used.
          type: string
        expiresAt:
          allOf:
            - $ref: '#/components/schemas/UtcDateTime'
          description: >-
            Optional expiration timestamp. Null or omitted means the key does
            not expire.
          nullable: true
          type: string
        id:
          readOnly: true
          type: string
        keySuffix:
          description: >-
            Last visible characters of the API key token for safe
            identification.
          readOnly: true
          type: string
        lastUsedAt:
          allOf:
            - $ref: '#/components/schemas/UtcDateTime'
          description: Last successful authentication timestamp for this API key.
          nullable: true
          readOnly: true
          type: string
        name:
          description: User-facing label for the API key.
          minLength: 1
          type: string
        organizationId:
          readOnly: true
          type: string
        ownerId:
          description: >-
            ID of the membership or service account this API key authenticates
            as.
          type: string
        ownerType:
          allOf:
            - $ref: '#/components/schemas/ApiKey.OwnerType'
          description: Type of principal this API key authenticates as.
        token:
          description: Raw API key token. Returned only once during creation.
          readOnly: true
          type: string
        updatedAt:
          allOf:
            - $ref: '#/components/schemas/UtcDateTime'
          readOnly: true
      required:
        - id
        - createdAt
        - updatedAt
        - organizationId
        - name
        - ownerType
        - ownerId
        - keySuffix
        - createdById
        - token
      type: object
    Errors.UserFacingErrorData:
      additionalProperties: false
      description: |-
        User-facing error presentation data.
        This is what the API returns to the frontend after formatting ErrorData
        using CEL templates from the error registry.

        Used for both:
        - Error fields on domain models (e.g., PipelineRun.error)
        - API error response bodies (HTTP 4xx/5xx responses)
      properties:
        action:
          allOf:
            - $ref: '#/components/schemas/Errors.Action'
          description: Optional action to help resolve the error
        code:
          description: Full error code, e.g., "Ravion:Pipeline:NOT_FOUND"
          type: string
        description:
          description: Additional description with more details
          type: string
        details:
          description: Structured details rendered as user-facing sections.
          items:
            $ref: '#/components/schemas/Errors.UserFacingErrorDetailSection'
          type: array
        isInternal:
          description: >-
            Indicates whether this error is internal (only set when
            ShowInternal=true).

            This allows SUPERADMINs to identify internal errors while viewing
            full details.
          type: boolean
        message:
          description: Main error message (required)
          type: string
        metadata:
          additionalProperties: {}
          description: >-
            Error params/metadata. Stripped for internal errors unless
            superadmin.
          type: object
        requestId:
          description: Request ID for correlating errors with server logs.
          type: string
      required:
        - code
        - message
      type: object
    Errors.Action:
      additionalProperties: false
      description: Action to help user resolve the error
      properties:
        label:
          description: Button/link label text
          type: string
        url:
          description: URL to navigate to for resolution
          type: string
      required:
        - label
        - url
      type: object
    Errors.UserFacingErrorDetailSection:
      additionalProperties: false
      description: Structured user-facing error detail section.
      properties:
        items:
          description: List of detail values for this section.
          items:
            type: string
          type: array
        object:
          additionalProperties: {}
          description: Structured detail payload for object rendering.
          type: object
        render:
          description: Rendering hint for clients. Valid values are list or object.
          type: string
        title:
          description: Detail section title shown in the UI.
          type: string
      required:
        - title
        - render
      type: object
  securitySchemes:
    BearerAuth:
      scheme: Bearer
      type: http

````