SidClaw

API Keys API

API endpoints for managing API keys.

API Keys API

Manage API keys for programmatic access to SidClaw. Keys are scoped to a tenant and can have specific permissions.

List API Keys

GET /api/v1/api-keys

Authentication: Session (admin role required)

Response:

{
  "data": [
    {
      "id": "key_abc123",
      "name": "Production SDK",
      "prefix": "ai_1234",
      "scopes": ["evaluate", "read"],
      "last_used_at": "2026-03-23T12:00:00.000Z",
      "created_at": "2026-03-20T10:00:00.000Z",
      "expires_at": null
    }
  ]
}

Create API Key

POST /api/v1/api-keys

Authentication: Session (admin role required)

Request body:

{
  "name": "Production SDK",
  "scopes": ["evaluate", "read"],
  "expires_at": "2027-03-23T00:00:00.000Z"
}
FieldTypeRequiredDescription
namestringYesHuman-readable name
scopesstring[]NoPermission scopes: evaluate, read, write, admin
expires_atstringNoISO 8601 expiration date (null for no expiry)

Response:

{
  "data": {
    "id": "key_abc123",
    "name": "Production SDK",
    "key": "ai_full_key_shown_only_once",
    "prefix": "ai_1234",
    "scopes": ["evaluate", "read"],
    "created_at": "2026-03-23T10:00:00.000Z"
  }
}

The full API key is returned only once at creation time. Store it securely.

Delete API Key

DELETE /api/v1/api-keys/:id

Authentication: Session (admin role required)

Response: 204 No Content

Rotate API Key

Generate a new key value while keeping the same key ID, name, and scopes.

POST /api/v1/api-keys/:id/rotate

Authentication: Session (admin role required)

Response:

{
  "data": {
    "id": "key_abc123",
    "key": "ai_new_key_shown_only_once",
    "prefix": "ai_5678"
  }
}

The old key is immediately invalidated.

Using API Keys

Include the key in the Authorization header:

curl -H "Authorization: Bearer ai_your_key_here" \
  https://api.sidclaw.com/api/v1/agents

Or in the SDK:

import { AgentIdentityClient } from '@sidclaw/sdk';

const client = new AgentIdentityClient({
  apiKey: 'ai_your_key_here',
  agentId: 'ag_abc123',
});
from sidclaw import SidClaw

client = SidClaw(
    api_key="ai_your_key_here",
    agent_id="ag_abc123",
)

Scopes

ScopePermissions
evaluateCall POST /api/v1/evaluate
readRead agents, policies, approvals, traces
writeCreate/update agents, policies
adminFull access including key management and billing

Plan limits apply to the number of API keys per tenant. See Pricing & Billing for limits per plan.

Authentication

API key authentication, scopes, session auth, CSRF protection, rate limiting, and development bypass.

Billing API

API endpoints for managing billing and subscriptions.

On this page

API Keys APIList API KeysCreate API KeyDelete API KeyRotate API KeyUsing API KeysScopes