Atiru Documentation

Appearance

API Keys

API keys let you authenticate without a password. Use them for scripts, CI/CD, and server-to-server integrations.

Important: API key management (create, list, revoke) requires JWT authentication. API keys cannot manage other API keys.

Dashboard: Create and manage API keys

  1. Log in to atiru.io.
  2. Go to API Keys in the sidebar.
  3. Click Create API key.
  4. Optionally enter a name (e.g. "Production server").
  5. Click Create. The key is shown once—copy it immediately and store it securely.
  6. To revoke a key, click the delete icon next to it.

API: Create an API key

Requires: JWT (login token). API key auth returns 403.

Request

json
{
  "name": "My API key"
}

name is optional.

bash
curl -X POST "https://api.atiru.io/auth/api-keys" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"name":"Production server"}'
javascript
const res = await fetch('https://api.atiru.io/auth/api-keys', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${jwtToken}`,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({ name: 'Production server' }),
})
const { id, key, key_prefix, name, created_at } = await res.json()
// Store `key` securely—it is shown only once
python
import requests

res = requests.post(
    "https://api.atiru.io/auth/api-keys",
    headers={"Authorization": f"Bearer {jwt_token}"},
    json={"name": "Production server"},
)
data = res.json()
api_key = data["key"]  # Store securely—shown only once

Response (201)

json
{
  "id": "uuid",
  "key": "atiru_xxxxxxxxxxxx",
  "key_prefix": "atiru_xxxx",
  "name": "Production server",
  "created_at": "2024-01-15T12:00:00.000Z"
}

The key field is returned only on creation. Store it securely.

API: List API keys

Requires: JWT. API key auth returns 403.

curl

bash
curl -X GET "https://api.atiru.io/auth/api-keys" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN"

Response (200)

json
{
  "api_keys": [
    {
      "id": "uuid",
      "key_prefix": "atiru_xxxx",
      "name": "Production server",
      "created_at": "2024-01-15T12:00:00.000Z",
      "last_used_at": "2024-01-16T10:30:00.000Z"
    }
  ]
}

API: Revoke an API key

Requires: JWT. API key auth returns 403.

curl

bash
curl -X DELETE "https://api.atiru.io/auth/api-keys/KEY_ID" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN"

Response (204) — No body. Key is revoked.

Response (404) — Key not found or already revoked.