apis

Create API namespace

Create an API namespace for organizing keys by environment, service, or product.

Use this to separate production from development keys, isolate different services, or manage multiple products. Each API gets a unique identifier and dedicated infrastructure for secure key operations.

Important: API names must be unique within your workspace and cannot be changed after creation.

Required Permissions

Your root key must have one of the following permissions:

api.*.create_api (to create APIs in any workspace)

POST

apis.createApi

Go (SDK)

package main

import(
	"context"
	"os"
	unkey "github.com/unkeyed/sdks/api/go/v2"
	"github.com/unkeyed/sdks/api/go/v2/models/components"
	"log"
)

func main() {
    ctx := context.Background()

    s := unkey.New(
        unkey.WithSecurity(os.Getenv("UNKEY_ROOT_KEY")),
    )

    res, err := s.Apis.CreateAPI(ctx, components.V2ApisCreateAPIRequestBody{
        Name: "payment-service-production",
    })
    if err != nil {
        log.Fatal(err)
    }
    if res.V2ApisCreateAPIResponseBody != nil {
        // handle response
    }
}

{
  "meta": {
    "requestId": "req_123"
  },
  "data": {
    "apiId": "api_2cGKbMxRjIzhCxo1IdjH3a"
  }
}

Authorizations

Authorization

string

header

required

Unkey uses API keys (root keys) for authentication. These keys authorize access to management operations in the API. To authenticate, include your root key in the Authorization header of each request:

Authorization: Bearer unkey_123

Root keys have specific permissions attached to them, controlling what operations they can perform. Key permissions follow a hierarchical structure with patterns like resource.resource_id.action (e.g., apis.*.create_key, apis.*.read_api). Security best practices:

Keep root keys secure and never expose them in client-side code
Use different root keys for different environments
Rotate keys periodically, especially after team member departures
Create keys with minimal necessary permissions following least privilege principle
Monitor key usage with audit logs.

Body

application/json

Response

200

application/json

API namespace created successfully. The response contains the unique API ID for referencing this namespace in key operations.

The response is of type object.

Delete API namespacePermanently delete an API namespace and immediately invalidate all associated keys. Use this for cleaning up development environments, retiring deprecated services, or removing unused resources. All keys in the namespace are immediately marked as deleted and will fail verification with `code=NOT_FOUND`. **Important**: This operation is immediate and permanent. Verify you have the correct API ID before deletion. If delete protection is enabled, disable it first through the dashboard or API configuration. **Required Permissions** Your root key must have one of the following permissions: - `api.*.delete_api` (to delete any API) - `api.<api_id>.delete_api` (to delete a specific API)

Go (SDK)

package main

import(
	"context"
	"os"
	unkey "github.com/unkeyed/sdks/api/go/v2"
	"github.com/unkeyed/sdks/api/go/v2/models/components"
	"log"
)

func main() {
    ctx := context.Background()

    s := unkey.New(
        unkey.WithSecurity(os.Getenv("UNKEY_ROOT_KEY")),
    )

    res, err := s.Apis.CreateAPI(ctx, components.V2ApisCreateAPIRequestBody{
        Name: "payment-service-production",
    })
    if err != nil {
        log.Fatal(err)
    }
    if res.V2ApisCreateAPIResponseBody != nil {
        // handle response
    }
}

{
  "meta": {
    "requestId": "req_123"
  },
  "data": {
    "apiId": "api_2cGKbMxRjIzhCxo1IdjH3a"
  }
}

Introduction

Endpoints

Create API namespace

Authorizations

Body

Response