RecomlyRecomlyRecomlyDocs
Recomly APIEndpointsAPI Keys

Create API key

Generate a new API key for the organization.

POST /api/app/api-keys

Creates a new API key and returns the full secret once. The secret cannot be retrieved again after this response — store it securely immediately.

Requires the admin role and the API access feature entitlement (enabledFeatures.api).

Request

See API Basics for required headers.

Request body

FieldTypeRequiredDescription
namestringNoHuman-readable label for the key. Defaults to "API Key". Max 100 characters.

Sample request

curl -X POST https://api.recomly.com/api/app/api-keys \
  -H "Authorization: Bearer rk_live_abc123:def456" \
  -H "Content-Type: application/json" \
  -d '{"name": "Zapier integration"}'

Sample response

Status: 201 Created

{
  "key": "rk_live_abc123:s3cr3tDef456plaintext",
  "keyId": "rk_live_abc123",
  "name": "Zapier integration",
  "createdAt": "2026-04-15T12:00:00.000Z"
}

The key field is the full keyId:secret string to use in the Authorization header. It is returned only once and cannot be recovered. Revoke and recreate the key if lost.

Error responses

See API Basics for standard status codes and error response format.

StatusMeaning
403Caller does not have the admin role, or the API access feature is not enabled.

List API keys

List all API keys for the organization.

Delete API key

Revoke an API key.

On this page

RequestRequest bodySample requestSample responseError responses

We use cookies

We use essential cookies to keep the site working, and optional analytics cookies to understand how it's used. Read our Privacy Policy.