Create API Key
POST /api/v1/apikeys
Generates a new API key for the authenticated tenant. The key must be sent in the X-Api-Key
header on requests to the ingest endpoint.
Auth: Bearer token
Body
| Field | Type | Required | Description |
|---|---|---|---|
name | string | Yes | Descriptive key name — max 100 characters |
Key value shown only once:
The plain text key value is returned only in this response — store it securely, it cannot be
retrieved again.
var request = new HttpRequestMessage(HttpMethod.Post, "https://api.hooksentry.com/api/v1/apikeys")
{
Content = JsonContent.Create(new { name = "Production Key" })
};
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
using var client = new HttpClient();
var response = await client.SendAsync(request);
Return codes
201 Created— key created successfully, contains the plain text value400 Bad Request— invalid name401 Unauthorized— missing or invalid token404 Not Found— tenant not found
{
"id": "1a2b3c4d-5e6f-4a7b-8c9d-0e1f2a3b4c5d",
"name": "Production Key",
"key": "hks_5f8a3b2c1d9e4f6a7b8c9d0e1f2a3b4c",
"createdAt": "2026-07-03T14:32:00.000Z"
}
Get API Keys
GET /api/v1/apikeys
Returns a page of API keys belonging to the authenticated tenant. See Pagination & Filtering for the shared query parameters.
Auth: Bearer token
Filters (optional)
| Parameter | Type | Description |
|---|---|---|
IsActive | boolean | true for active, false for revoked |
var request = new HttpRequestMessage(HttpMethod.Get,
"https://api.hooksentry.com/api/v1/apikeys?Qt=10&Pg=1&CpOrd=id&TpOrd=Desc");
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
using var client = new HttpClient();
var response = await client.SendAsync(request);
Return codes
200 OK— paginated list of API keys401 Unauthorized— missing or invalid token
{
"total": 1,
"items": [
{
"id": "1a2b3c4d-5e6f-4a7b-8c9d-0e1f2a3b4c5d",
"name": "Production Key",
"isActive": true,
"createdAt": "2026-07-03T14:32:00.000Z",
"revokedAt": null
}
]
}
Revoke API Key
DELETE /api/v1/apikeys/{id}
Immediately revokes the key. It is invalidated in the Redis cache and can no longer authenticate ingest requests.
Auth: Bearer token
Path parameters
| Parameter | Type | Description |
|---|---|---|
id | UUID | UUID of the API key to revoke |
var request = new HttpRequestMessage(HttpMethod.Delete, $"https://api.hooksentry.com/api/v1/apikeys/{apiKeyId}");
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
using var client = new HttpClient();
var response = await client.SendAsync(request);
Return codes
200 OK— key revoked successfully401 Unauthorized— missing or invalid token403 Forbidden— key belongs to another tenant404 Not Found— key not found or already revoked
{
"id": "1a2b3c4d-5e6f-4a7b-8c9d-0e1f2a3b4c5d",
"name": "Production Key",
"isActive": false,
"createdAt": "2026-07-03T14:32:00.000Z",
"revokedAt": "2026-07-03T16:00:00.000Z"
}