API Reference Last updated March 14, 2026

API Keys

API keys are the credentials that authenticate your requests to the AgentBridge gateway. You can create multiple keys per account (e.g. one per environment), rotate them without downtime, and revoke compromised keys instantly.

Create an API Key #

Keys are created from the Dashboard or via the management API. Each key is shown once at creation time — store it securely.

http 
POST /api/api-keys
Authorization: Bearer <existing-key>
Content-Type: application/json

{
  "name": "production-agent"
}

Response:

json 
{
  "id":        "key_01HZ...",
  "name":      "production-agent",
  "prefix":    "ab_live_",
  "key":       "ab_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxx",
  "createdAt": "2026-03-14T00:00:00Z",
  "lastUsedAt": null
}

List API Keys #

http 
GET /api/api-keys
Authorization: Bearer <key>

Revoke an API Key #

http 
DELETE /api/api-keys/:id
Authorization: Bearer <key>

Returns 204 No Content on success. The key is immediately invalidated.

Security Best Practices #

  • Never commit keys to source control — use environment variables or a secrets manager.
  • Create separate keys per environment (dev, staging, production).
  • Rotate keys periodically and whenever a key may have been exposed.
  • Grant keys only the permissions they need.