--- descriptions: api_key: self: 'The corresponding [API key](/reference/authkit/api-keys) object.' object: Distinguishes the API key object. id: The unique ID of the API key. owner: self: The owner of the API key (organization). type: 'The type of owner (e.g., "organization").' id: The ID of the owner. name: The human-readable name assigned to the API key. obfuscated_value: >- The obfuscated API key value showing only prefix and last few characters for security. permissions: >- Array of permission strings assigned to this API key for authorization purposes. created_at: The timestamp when the API key was created. updated_at: The timestamp when the API key was last updated. last_used_at: 'The timestamp when the API key was last used, null if never used.' api_keys: validate: >- Validates an API key and returns associated metadata for authentication and authorization. reference: curl: - url: /reference/authkit/api-keys key: api_key id: api_key title: api_key properties: - key: object type: '"api_key"' description: (api_key.object) - key: id type: string description: (api_key.id) - key: owner type: object description: (api_key.owner.self) properties: - key: type type: string description: (api_key.owner.type) - key: id type: string description: (api_key.owner.id) - key: name type: string description: (api_key.name) - key: obfuscated_value type: string description: (api_key.obfuscated_value) - key: permissions type: array description: (api_key.permissions) - key: created_at type: string description: (api_key.created_at) - key: updated_at type: string description: (api_key.updated_at) - key: last_used_at optional: true type: string description: (api_key.last_used_at) js: - url: /reference/authkit/api-keys key: ApiKey id: api_key title: interface ApiKey properties: - key: object type: '"api_key"' description: (api_key.object) - key: id type: string description: (api_key.id) - key: owner type: object description: (api_key.owner.self) properties: - key: type type: string description: (api_key.owner.type) - key: id type: string description: (api_key.owner.id) - key: name type: string description: (api_key.name) - key: obfuscatedValue type: string description: (api_key.obfuscated_value) - key: permissions type: 'string[]' description: (api_key.permissions) - key: createdAt type: string description: (api_key.created_at) - key: updatedAt type: string description: (api_key.updated_at) - key: lastUsedAt optional: true type: string description: (api_key.last_used_at) go: - url: /reference/authkit/api-keys key: ApiKey id: api_key title: usermanagement.ApiKey properties: - key: ID type: string description: (api_key.id) - key: Owner type: object description: (api_key.owner) - key: Name type: string description: (api_key.name) - key: ObfuscatedValue type: string description: (api_key.obfuscated_value) - key: Permissions type: '[]string' description: (api_key.permissions) - key: CreatedAt type: string description: (api_key.created_at) - key: UpdatedAt type: string description: (api_key.updated_at) - key: LastUsedAt optional: true type: string description: (api_key.last_used_at) php: - url: /reference/authkit/api-keys key: ApiKey id: api_key title: WorkOS\Resource\ApiKey properties: - key: object type: '"api_key"' description: (api_key.object) - key: id type: string description: (api_key.id) - key: owner type: object description: (api_key.owner) - key: name type: string description: (api_key.name) - key: obfuscatedValue type: string description: (api_key.obfuscated_value) - key: permissions type: array description: (api_key.permissions) - key: createdAt type: string description: (api_key.created_at) - key: updatedAt type: string description: (api_key.updated_at) - key: lastUsedAt optional: true type: string description: (api_key.last_used_at) python: - url: /reference/authkit/api-keys key: ApiKey id: api_key title: ApiKey properties: - key: id type: str description: (api_key.id) - key: owner type: dict description: (api_key.owner) - key: name type: str description: (api_key.name) - key: obfuscated_value type: str description: (api_key.obfuscated_value) - key: permissions type: 'list[str]' description: (api_key.permissions) - key: created_at type: str description: (api_key.created_at) - key: updated_at type: str description: (api_key.updated_at) - key: last_used_at optional: true type: str description: (api_key.last_used_at) ruby: - url: /reference/authkit/api-keys key: ApiKey id: api_key title: class ApiKey properties: - key: id type: String description: (api_key.id) - key: owner type: Hash description: (api_key.owner) - key: name type: String description: (api_key.name) - key: obfuscated_value type: String description: (api_key.obfuscated_value) - key: permissions type: Array description: (api_key.permissions) - key: created_at type: String description: (api_key.created_at) - key: updated_at type: String description: (api_key.updated_at) - key: last_used_at optional: true type: String description: (api_key.last_used_at) java: - url: /reference/authkit/api-keys key: ApiKey id: api_key title: class ApiKey properties: - key: id type: String description: (api_key.id) - key: owner type: Object description: (api_key.owner) - key: name type: String description: (api_key.name) - key: obfuscatedValue type: String description: (api_key.obfuscated_value) - key: permissions type: 'String[]' description: (api_key.permissions) - key: createdAt type: String description: (api_key.created_at) - key: updatedAt type: String description: (api_key.updated_at) - key: lastUsedAt optional: true type: String description: (api_key.last_used_at) originalPath: .tmp-workos-clone/packages/docs/content/reference/authkit/api-keys/index.mdx --- # API Keys API keys provide a secure way for your application's users to authenticate with your API. Organization admins create API keys through the [API Keys Widget](/widgets/api-keys), and your application can validate these keys to authenticate API requests. Read more about [API keys in AuthKit](/authkit/api-keys).