Create API key

curl --request POST \
  --url https://api.snappy.com/public-api/v3/authentication/api-keys \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "My API",
  "expirationInDays": 90,
  "enforceMtls": false,
  "permissions": [],
  "accountIds": [
    "<string>"
  ]
}
'

{
  "data": {
    "id": "abc123456",
    "expirationDate": "2022-12-06T09:50:38.536Z",
    "enforceMtls": false,
    "name": "My API key",
    "apiKey": "abc123456abc123454542343",
    "createdAt": "2022-12-06T09:50:38.536Z",
    "companyId": "abc12345678",
    "permissions": [],
    "accountsAccess": {
      "ids": [
        "<string>"
      ]
    }
  }
}

API Keys

Create API key

Use this endpoint to create a new API key from an authenticated dashboard session. Use this when an owner or tools admin needs to mint a key - for a new integration, for key rotation, or to scope access to specific Accounts.

Required fields

name - display name of the API key (must be unique within the Company)

Optional fields

expirationInDays - number of days until the key expires. Accepted values: 30, 60, 90, 180, 365. Default: 90.
enforceMtls - when true, requests with this key must use mTLS. Default: false.
permissions - array of permission scopes the new key should have. See the permission reference.
accountsAccess - { scope: "all-accounts" | "specific-accounts", ids: [] } to scope the key to specific Accounts.

Optional headers

Snappy-Account-Id - optional account scoping
Snappy-Company-Id - required for multi-company users to select the target Company

Behavior Notes

The API key secret is visible only in this response. Store it securely - it cannot be retrieved later.
Max 100 active API keys per Company. Delete an existing key before creating the 101st.

Permissions

Authenticated via Authorization: Bearer <dashboard user JWT>. Only Company owners and tools admins have access.

POST

authentication

api-keys

Create API key

curl --request POST \
  --url https://api.snappy.com/public-api/v3/authentication/api-keys \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "My API",
  "expirationInDays": 90,
  "enforceMtls": false,
  "permissions": [],
  "accountIds": [
    "<string>"
  ]
}
'

{
  "data": {
    "id": "abc123456",
    "expirationDate": "2022-12-06T09:50:38.536Z",
    "enforceMtls": false,
    "name": "My API key",
    "apiKey": "abc123456abc123454542343",
    "createdAt": "2022-12-06T09:50:38.536Z",
    "companyId": "abc12345678",
    "permissions": [],
    "accountsAccess": {
      "ids": [
        "<string>"
      ]
    }
  }
}

Authorizations

Authorization

string

header

required

User Bearer Authentication

Use a dashboard user JWT in the Authorization header when managing API keys from the Snappy dashboard:

Authorization: Bearer YOUR_JWT

For multi-company users, also pass Snappy-Company-Id to select the target company.

Headers

snappy-account-id

string

Optional account identifier for swag validation/filtering.

Example:

"acc123456"

snappy-company-id

string

Optional company identifier for swag validation/filtering.

Example:

"cmp123456"

Body

application/json

Create API key request body.

name

string

required

The name of the API key. Must be unique within the company.

Minimum string length: 1

Example:

"My API"

expirationInDays

number | null

default:90

API key expiration period in days. Default: 90 days.

Required range: 0.00069 <= x <= 365

enforceMtls

boolean

default:false

If true, the API key will be enforced to use mTLS.

Example:

false

permissions

enum<string>[]

The permissions of the API key.

Available options:

gifts:create,

gifts:create:demo,

gifts:update,

gifts:read:unmasked,

gifts:read:masked,

orders:create,

orders:cancel,

orders:read:unmasked,

orders:read:masked,

campaigns:create,

campaigns:update,

campaigns:read,

collections:read,

products:read,

products:read:prices,

recipients:create,

recipients:update,

recipients:read:unmasked,

recipients:read:masked,

recipients:delete,

accounts:create,

accounts:read,

billingMethods:read

accountIds

string[]

Response

Created API key including the secret.

JSON:API single-resource envelope for a created API key.

data

object

required

API key object including the secret returned on create.

Show child attributes

Last modified on June 17, 2026

Get API keys

Delete API key