API Keys
Manage your API keys programmatically.
List Keys
GET /v1/keys
List all API keys for your organization.
curl https://api.glyphnet.io/v1/keys \
-H "X-API-Key: gn_live_your_key_here"Response
{
"keys": [
{
"id": "key_abc123def456",
"name": "Production Server",
"prefix": "gn_live_a1b2",
"scopes": ["verify", "harm_detect"],
"created_at": "2024-01-15T10:30:00Z",
"last_used_at": "2024-01-20T15:45:00Z",
"total_requests": 12543,
"is_active": true
},
{
"id": "key_ghi789jkl012",
"name": "Development",
"prefix": "gn_test_c3d4",
"scopes": ["verify"],
"created_at": "2024-01-10T08:00:00Z",
"last_used_at": null,
"total_requests": 0,
"is_active": true
}
]
}Create Key
POST /v1/keys
Create a new API key.
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
name | string | Yes | Descriptive name for the key |
scopes | array | No | Permissions. Default: ["verify", "harm_detect"] |
expires_at | string | No | ISO 8601 expiration date |
Available Scopes
| Scope | Description |
|---|---|
verify | Access to /v1/verify |
harm_detect | Access to /v1/harm/detect |
keys:read | List API keys |
keys:write | Create/revoke API keys |
usage:read | Read usage statistics |
Example Request
import requests
response = requests.post(
"https://api.glyphnet.io/v1/keys",
headers={
"X-API-Key": "gn_live_your_key_here",
"Content-Type": "application/json"
},
json={
"name": "Production API Key",
"scopes": ["verify", "harm_detect"]
}
)
result = response.json()
print(f"New API Key: {result['api_key']}")
print("Save this key - it won't be shown again!")Response
{
"id": "key_new123abc456",
"name": "Production API Key",
"api_key": "gn_live_x9y8z7w6v5u4t3s2r1q0p9o8n7m6l5k4",
"prefix": "gn_live_x9y8",
"scopes": ["verify", "harm_detect"],
"created_at": "2024-01-20T16:00:00Z",
"expires_at": null
}Important: The full api_key is only returned once during creation. Store it securely immediately.
Revoke Key
DELETE /v1/keys/:key_id
Revoke an API key. This action is immediate and irreversible.
curl -X DELETE https://api.glyphnet.io/v1/keys/key_abc123def456 \
-H "X-API-Key: gn_live_your_key_here"Response
{
"success": true,
"message": "API key has been revoked.",
"revoked_key_id": "key_abc123def456"
}Key Rotation Example
Best practice: rotate keys periodically.
import requests
import os
API_KEY = os.environ["GLYPHNET_API_KEY"]
BASE_URL = "https://api.glyphnet.io"
def rotate_api_key(old_key_id: str, new_key_name: str) -> str:
"""Create a new key and revoke the old one."""
# Step 1: Create new key
create_response = requests.post(
f"{BASE_URL}/v1/keys",
headers={"X-API-Key": API_KEY},
json={"name": new_key_name}
)
new_key = create_response.json()
print(f"New key created: {new_key['prefix']}...")
# Step 2: Update your application to use the new key
# (This happens outside this function)
# Step 3: Revoke old key (after confirming new key works)
revoke_response = requests.delete(
f"{BASE_URL}/v1/keys/{old_key_id}",
headers={"X-API-Key": API_KEY}
)
if revoke_response.status_code == 200:
print(f"Old key {old_key_id} revoked successfully")
return new_key["api_key"]
# Usage
new_key = rotate_api_key(
old_key_id="key_abc123def456",
new_key_name="Production Key - January 2024"
)
print(f"Update GLYPHNET_API_KEY to: {new_key}")Error Responses
404 Key Not Found
{
"error": "key_not_found",
"message": "The specified API key does not exist."
}403 Cannot Revoke Own Key
{
"error": "cannot_revoke_current_key",
"message": "You cannot revoke the API key you're currently using."
}