Skip to main content
GET
List API access keys

Authorizations

Authorization
string
header
required

Short-lived bearer access token issued for a Living Security API access key. Send as Authorization: Bearer .

Headers

x-organization-id
string<uuid>
required

Organization context for multi-tenant operations

Response

200 - application/json
id
string
required

Stable API access key identifier

name
string
required

Human-readable name for the API access key credential, usually the owning integration or automation

keyType
enum<string>
required

Credential type for the API access key. user_bound keys are associated with the creating user's identity; service_account keys are intended for non-human service integrations.

Available options:
user_bound,
service_account
boundEmail
string
required

Email address associated with the API access key credential when the credential is user-bound

status
enum<string>
required

API access key status

Available options:
active,
revoked
createdAt
string<date-time>
required

Timestamp when the API access key credential was created

createdByUserId
string
required

Identifier of the user who created this API access key

scopes
string[]
required

Permission scopes assigned to this API access key

Example:
lastUsedAt
string<date-time> | null

Last time the API access key was used

expiresAt
string<date-time> | null

Expiration timestamp for the API access key credential