Skip to main content
GET
/
api
/
keys
List API keys
curl --request GET \
  --url https://v1.api.altostrat.io/api/keys \
  --header 'Authorization: Bearer <token>'
[
  {
    "id": "api_key_2m3h5n7k9j8g7f6e5d4c3b2a",
    "object": "api_key",
    "name": "Production automation",
    "key_prefix": "alto_sk_ab123",
    "client_id": "C3HqXo4o6Yb5Kp0oV9x8",
    "created_at": "2026-04-20T00:00:00Z",
    "status": "active",
    "permissions": [
      "sites:read",
      "scripts:write"
    ],
    "last_used_at": null
  }
]

Authorizations

Authorization
string
header
required

Authenticate with an SDX user access token that has permission to manage API keys.

Response

API keys for the organization.

id
string
required
Pattern: ^api_key_[0-9A-Za-z]{27}$
Example:

"api_key_2m3h5n7k9j8g7f6e5d4c3b2a"

object
enum<string>
required
Available options:
api_key
Example:

"api_key"

name
string
required
Example:

"Production automation"

key_prefix
string
required

The visible prefix of the secret. Use this to identify a key without exposing its secret.

Example:

"alto_sk_ab123"

client_id
string
required

The backing machine-to-machine client identifier.

Example:

"C3HqXo4o6Yb5Kp0oV9x8"

created_at
string<date-time>
required
Example:

"2026-04-20T00:00:00Z"

status
string
required
Example:

"active"

permissions
string[]
Example:
["sites:read", "scripts:write"]
last_used_at
string<date-time> | null
Example:

null