> ## Documentation Index
> Fetch the complete documentation index at: https://docs.rootprint.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Create a new API key for a user

> Create a new API key for a user



## OpenAPI

````yaml /api/openapi.json post /api/auth/api-key/create
openapi: 3.1.0
info:
  description: HTTP API for the Rootprint log management platform.
  title: Rootprint API
  version: 0.3.4
servers:
  - description: Rootprint API
    url: https://example.com
security:
  - cookieAuth: []
paths:
  /api/auth/api-key/create:
    post:
      tags:
        - Personal API keys
      summary: Create a new API key for a user
      description: Create a new API key for a user
      parameters: []
      requestBody:
        content:
          application/json:
            schema:
              properties:
                configId:
                  description: >-
                    The configuration ID to use for the API key. If not
                    provided, the default configuration will be used.
                  type:
                    - string
                    - 'null'
                expiresIn:
                  default: null
                  type: string
                metadata:
                  type:
                    - string
                    - 'null'
                name:
                  description: Name of the Api Key
                  type:
                    - string
                    - 'null'
                organizationId:
                  description: >-
                    Organization Id of the organization that the Api Key belongs
                    to. Eg: 'org-id'
                  type:
                    - string
                    - 'null'
                permissions:
                  description: Permissions of the Api Key.
                  type:
                    - string
                    - 'null'
                prefix:
                  description: Prefix of the Api Key
                  type:
                    - string
                    - 'null'
                rateLimitEnabled:
                  description: >-
                    Whether the key has rate limiting enabled. server-only. Eg:
                    true
                  type:
                    - boolean
                    - 'null'
                rateLimitMax:
                  description: >-
                    Maximum amount of requests allowed within a window. Once the
                    `maxRequests` is reached, the request will be rejected until
                    the `timeWindow` has passed, at which point the `timeWindow`
                    will be reset. server-only. Eg: 100
                  type:
                    - number
                    - 'null'
                rateLimitTimeWindow:
                  description: >-
                    The duration in milliseconds where each request is counted.
                    Once the `maxRequests` is reached, the request will be
                    rejected until the `timeWindow` has passed, at which point
                    the `timeWindow` will be reset. server-only. Eg: 1000
                  type:
                    - number
                    - 'null'
                refillAmount:
                  description: >-
                    Amount to refill the remaining count of the Api Key.
                    server-only. Eg: 100
                  type:
                    - number
                    - 'null'
                refillInterval:
                  description: >-
                    Interval to refill the Api Key in milliseconds. server-only.
                    Eg: 1000
                  type:
                    - number
                    - 'null'
                remaining:
                  default: null
                  type: string
                userId:
                  description: >-
                    User Id of the user that the Api Key belongs to.
                    server-only. Eg: "user-id"
                  type:
                    - string
                    - 'null'
              required:
                - expiresIn
                - remaining
              type: object
        required: true
      responses:
        '200':
          content:
            application/json:
              schema:
                properties:
                  createdAt:
                    description: Creation timestamp
                    format: date-time
                    type: string
                  enabled:
                    description: Whether the key is enabled
                    type: boolean
                  expiresAt:
                    description: Expiration timestamp
                    format: date-time
                    nullable: true
                    type: string
                  id:
                    description: Unique identifier of the API key
                    type: string
                  key:
                    description: The full API key (only returned on creation)
                    type: string
                  lastRefillAt:
                    description: Last refill timestamp
                    format: date-time
                    nullable: true
                    type: string
                  lastRequest:
                    description: Last request timestamp
                    format: date-time
                    nullable: true
                    type: string
                  metadata:
                    additionalProperties: true
                    description: Metadata associated with the key
                    nullable: true
                    type: object
                  name:
                    description: Name of the API key
                    nullable: true
                    type: string
                  permissions:
                    additionalProperties:
                      items:
                        type: string
                      type: array
                    description: Permissions associated with the key
                    nullable: true
                    type: object
                  prefix:
                    description: Prefix of the API key
                    nullable: true
                    type: string
                  rateLimitEnabled:
                    description: Whether rate limiting is enabled
                    type: boolean
                  rateLimitMax:
                    description: Maximum requests in time window
                    nullable: true
                    type: number
                  rateLimitTimeWindow:
                    description: Rate limit time window in milliseconds
                    nullable: true
                    type: number
                  referenceId:
                    description: ID of the reference owning the key
                    type: string
                  refillAmount:
                    description: Amount to refill
                    nullable: true
                    type: number
                  refillInterval:
                    description: Refill interval in milliseconds
                    nullable: true
                    type: number
                  remaining:
                    description: Remaining requests
                    nullable: true
                    type: number
                  requestCount:
                    description: Current request count in window
                    type: number
                  start:
                    description: Starting characters of the key (if configured)
                    nullable: true
                    type: string
                  updatedAt:
                    description: Last update timestamp
                    format: date-time
                    type: string
                required:
                  - id
                  - createdAt
                  - updatedAt
                  - key
                  - enabled
                  - referenceId
                  - rateLimitEnabled
                  - requestCount
                type: object
          description: API key created successfully
        '400':
          content:
            application/json:
              schema:
                properties:
                  message:
                    type: string
                required:
                  - message
                type: object
          description: >-
            Bad Request. Usually due to missing parameters, or invalid
            parameters.
        '401':
          content:
            application/json:
              schema:
                properties:
                  message:
                    type: string
                required:
                  - message
                type: object
          description: Unauthorized. Due to missing or invalid authentication.
        '403':
          content:
            application/json:
              schema:
                properties:
                  message:
                    type: string
                type: object
          description: >-
            Forbidden. You do not have permission to access this resource or to
            perform this action.
        '404':
          content:
            application/json:
              schema:
                properties:
                  message:
                    type: string
                type: object
          description: Not Found. The requested resource was not found.
        '429':
          content:
            application/json:
              schema:
                properties:
                  message:
                    type: string
                type: object
          description: >-
            Too Many Requests. You have exceeded the rate limit. Try again
            later.
        '500':
          content:
            application/json:
              schema:
                properties:
                  message:
                    type: string
                type: object
          description: >-
            Internal Server Error. This is a problem with the server that you
            cannot fix.
      security:
        - bearerAuth: []
components:
  securitySchemes:
    cookieAuth:
      in: cookie
      name: better-auth.session_token
      type: apiKey
    bearerAuth:
      description: Bearer token authentication
      scheme: bearer
      type: http

````