API keys operations
Mint and manage API keys.
Each operation below is reachable at POST /v1/op/{operation_id} or the resource path POST /v1/{resource}/{action}, with a Bearer token (a gpra_ API key or a session token). Back to the Operations Reference index.
api_keys.create
Mint an organization API key (the secret is returned once).
| Scope | api_keys:write |
| Side-effect | export |
| HTTP | POST /v1/op/api_keys.create · POST /v1/api_keys/create |
| Python / TypeScript | client.api_keys.create(…) |
| CLI | geopera api-keys create … |
Request — ApiKeyCreateInput
| Field | Type | Required | Description |
|---|---|---|---|
name | string | yes | |
permissions | array of string | — | |
rate_limit | integer | — | |
expires_in_days | integer | — |
Response — ApiKeyCreateOutput.
api_keys.list
List an organization’s API keys (metadata only — never the secret).
| Scope | api_keys:read |
| Side-effect | read |
| HTTP | POST /v1/op/api_keys.list · POST /v1/api_keys/list |
| Python / TypeScript | client.api_keys.list(…) |
| CLI | geopera api-keys list … |
Request — ApiKeyListInput (see the OpenAPI schema for fields).
Response — a streaming or binary payload (NDJSON / file / tile). Call the HTTP endpoint directly; the JSON SDK return does not apply.
api_keys.revoke
Revoke an organization API key.
| Scope | api_keys:write |
| Side-effect | destructive |
| HTTP | POST /v1/op/api_keys.revoke · POST /v1/api_keys/revoke |
| Python / TypeScript | client.api_keys.revoke(…) |
| CLI | geopera api-keys revoke … |
Request — ApiKeyRevokeInput
| Field | Type | Required | Description |
|---|---|---|---|
key_id | string | yes |
Response — ApiKeyRevokeOutput.