List API Keys
Overview
The List API Keys endpoint allows you to retrieve all API keys associated with your account. This is useful for managing and monitoring your API keys.
Prerequisites
Before listing API keys, you must have:
- JWT Authentication Token from login
- Service ID from the Generate Service Unique ID endpoint
Endpoint
URL: {{base_url}}/api/clients/api-keys
Method: GET
Headers:
Authorization: Bearer <your_jwt_token>
Content-Type: application/json
Query Parameters
This endpoint currently does not support query parameters. All API keys associated with your account will be returned in a single response.
Example Request
curl -X GET "https://k2-ussd-api.devlorde.xyz/api/clients/api-keys?page=1&limit=10" \
-H "Authorization: Bearer <your_jwt_token>" \
-H "Content-Type: application/json"
Response
{
"status": 200,
"message": "API keys list",
"data": [
{
"id": "eb488a43-e2ef-46c5-9eea-a7d8a8c9658a",
"client_id": "17765423",
"apikey": "2e74ce66",
"apisecret": "6f4eaa0705b12dcd6a0a77",
"scopes": null,
"is_active": 1,
"created_at": "2025-06-09T07:59:37.000Z",
"updated_at": "2025-06-09T07:59:37.000Z",
"expires_at": null,
"last_used_at": null
},
{
"id": "f7fa38ec-0e19-405c-820f-bf65912ab4ec",
"client_id": "17765423",
"apikey": "0bffeb445d",
"apisecret": "3e1cb782792c6ddbbcd723d2d4b42d15b",
"scopes": null,
"is_active": 1,
"created_at": "2025-06-12T03:15:18.000Z",
"updated_at": "2025-06-12T03:15:18.000Z",
"expires_at": null,
"last_used_at": null
}
]
}
Response Fields
| Field | Type | Description |
|---|---|---|
id | string | Unique identifier for the API key |
client_id | string | Client identifier associated with the API key |
apikey | string | The API key value |
apisecret | string | The API secret associated with the key |
scopes | string/null | Permissions or scopes for the API key |
is_active | integer | Whether the API key is active (1) or inactive (0) |
created_at | string | When the API key was created |
updated_at | string | When the API key was last updated |
expires_at | string/null | When the API key expires (null if no expiration) |
last_used_at | string/null | Last time the API key was used (null if never used) |
Error Responses
401 Unauthorized
{
"status": 401,
"message": "Invalid JWT token",
"data": null
}
403 Forbidden
{
"status": 403,
"message": "Insufficient permissions",
"data": null
}
400 Bad Request
{
"status": 400,
"message": "Invalid query parameters",
"data": null
}
Implementation Example
async function listApiKeys(jwtToken) {
try {
const response = await fetch('https://k2-ussd-api.devlorde.xyz/api/clients/api-keys', {
method: 'GET',
headers: {
'Authorization': `Bearer ${jwtToken}`,
'Content-Type': 'application/json'
}
});
const data = await response.json();
if (data.status === 200) {
console.log('API Keys retrieved:', data.data);
return data.data;
} else {
throw new Error(data.message);
}
} catch (error) {
console.error('Failed to list API keys:', error.message);
throw error;
}
}
// Usage example
const apiKeys = await listApiKeys(jwtToken);
console.log(`Found ${apiKeys.length} API keys`);
// Access specific API key details
apiKeys.forEach(key => {
console.log(`API Key: ${key.apikey}, Active: ${key.is_active ? 'Yes' : 'No'}`);
});
Best Practices
- Regular Monitoring: Check your API keys regularly for security
- Usage Tracking: Monitor usage patterns to identify unusual activity
- Cleanup: Remove unused or expired API keys
- Pagination: Use pagination for large lists to improve performance
- Status Filtering: Filter by status to focus on relevant keys
Next Steps
- Generate API Keys - Create new API keys
- Delete API Keys - Remove unused API keys
- Error Handling - Understand error responses