API Reference / Endpoints / Platform
Create an API key
/v1/apikeysCreate an API key from a signed-in dashboard session.
POST
/v1/apikeysAuth: Dashboard JWT onlyBilling: FreeBehavior: Sync
POSTSyncjson
When to use it
Use this when you want to provision keys programmatically from a trusted control plane backed by the user’s dashboard session.
Behavior on success
Returns a completed payload on the normal success path.
Integration shape
Authorization model
Dashboard session required
Request format
json
Polling pattern
No polling required on the normal success path.
Request
| Field | Type | Required | Description |
|---|---|---|---|
name | string | Yes | Human-readable key name. |
scopes | string[] | Optional | Optional scope allowlist. Omit for full-access behavior. |
expires_in_days | number | Optional | Optional lifetime in days. |
Example request
POST /v1/apikeys
const response = await fetch('https://prod-backup-backend.wubble.ai/v1/apikeys', {
method: 'POST',
headers: {
Authorization: `Bearer ${process.env.WUBBLE_API_KEY}`,
'Idempotency-Key': crypto.randomUUID(),
'Content-Type': 'application/json',
},
body: JSON.stringify({
"name": "CI usage reader",
"scopes": [
"analytics:read",
"webhooks:manage"
],
"expires_in_days": 90
}),
});
const payload = await response.json();
console.log(payload);Example response
Response shapejson
{
"success": true,
"data": {
"key_id": "key_123",
"name": "CI usage reader",
"key": "wbk_ce03e701e5d92e1046ba05e1fbb5aff5...",
"prefix": "wbk_ce03e701",
"scopes": [
"analytics:read",
"webhooks:manage"
],
"expires_at": "2026-08-10T12:00:00.000Z",
"created_at": "2026-05-12T12:00:00.000Z"
}
}Implementation notes
This route rejects API-key-authenticated callers with 403. Use a dashboard session or internal user token.
The raw key is shown once at creation time. Store it immediately.
Production guidance
Pair this route with idempotency on POST requests and either request polling or webhooks whenever the response is asynchronous.
Was this page helpful?