Skip to main content
POST
/
auth
/
key
Create API Key
curl --request POST \
  --url https://api.example.com/auth/key \
  --header 'Content-Type: application/json' \
  --data '
{
  "data": {},
  "data.type": "<string>",
  "data.attributes": {},
  "data.attributes.appId": "<string>"
}
'
import requests

url = "https://api.example.com/auth/key"

payload = {
"data": {},
"data.type": "<string>",
"data.attributes": {},
"data.attributes.appId": "<string>"
}
headers = {"Content-Type": "application/json"}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
const options = {
method: 'POST',
headers: {'Content-Type': 'application/json'},
body: JSON.stringify({
data: {},
'data.type': '<string>',
'data.attributes': {},
'data.attributes.appId': '<string>'
})
};

fetch('https://api.example.com/auth/key', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://api.example.com/auth/key",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'data' => [

],
'data.type' => '<string>',
'data.attributes' => [

],
'data.attributes.appId' => '<string>'
]),
CURLOPT_HTTPHEADER => [
"Content-Type: application/json"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://api.example.com/auth/key"

payload := strings.NewReader("{\n \"data\": {},\n \"data.type\": \"<string>\",\n \"data.attributes\": {},\n \"data.attributes.appId\": \"<string>\"\n}")

req, _ := http.NewRequest("POST", url, payload)

req.Header.Add("Content-Type", "application/json")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://api.example.com/auth/key")
.header("Content-Type", "application/json")
.body("{\n \"data\": {},\n \"data.type\": \"<string>\",\n \"data.attributes\": {},\n \"data.attributes.appId\": \"<string>\"\n}")
.asString();
require 'uri'
require 'net/http'

url = URI("https://api.example.com/auth/key")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Content-Type"] = 'application/json'
request.body = "{\n \"data\": {},\n \"data.type\": \"<string>\",\n \"data.attributes\": {},\n \"data.attributes.appId\": \"<string>\"\n}"

response = http.request(request)
puts response.read_body
{
  "errors": [
    {
      "status": "400",
      "title": "Bad Request",
      "detail": "The appId field is required",
      "source": {
        "pointer": "/data/attributes/appId"
      }
    }
  ]
}
{
  "errors": [
    {
      "status": "401",
      "title": "Unauthorized",
      "detail": "Invalid API key"
    }
  ]
}
{
  "errors": [
    {
      "status": "403",
      "title": "Forbidden",
      "detail": "The account is not authorized"
    }
  ]
}

Endpoint

POST https://api.digitzs.com/auth/key

Overview

Use this endpoint to generate an app key for your application. The app key is required to create access tokens via the /auth/token endpoint.
Creating a new app key renders the previous key unusable. Plan key rotation carefully to avoid service disruption.

Authentication

This endpoint requires only the x-api-key header. No Bearer token is needed.
HeaderValueRequired
x-api-keyYour API key from onboardingYes
Content-Typeapplication/jsonYes

Request Body

data
object
required
Container for API data
data.type
string
required
Must be "auth"
data.attributes
object
required
Container for authentication attributes
data.attributes.appId
string
required
Your application ID provided during onboarding

Example Request

{
  "data": {
    "type": "auth",
    "attributes": {
      "appId": "your-application-id"
    }
  }
}

Response

Success Response (201 Created)

Contains URLs related to the resource
data
object
Container for response data

Example Response

{
  "links": {
    "self": "https://api.digitzs.com/auth/key"
  },
  "data": {
    "type": "auth",
    "id": "api-key-xyz",
    "attributes": {
      "appKey": "generated-app-key-abc123"
    }
  }
}

Code Examples

curl -X POST https://api.digitzs.com/auth/key \
  -H "x-api-key: your-api-key" \
  -H "Content-Type: application/json" \
  -d '{
    "data": {
      "type": "auth",
      "attributes": {
        "appId": "your-application-id"
      }
    }
  }'
const axios = require('axios');

async function createAppKey() {
  const response = await axios.post(
    'https://api.digitzs.com/auth/key',
    {
      data: {
        type: 'auth',
        attributes: {
          appId: 'your-application-id'
        }
      }
    },
    {
      headers: {
        'x-api-key': 'your-api-key',
        'Content-Type': 'application/json'
      }
    }
  );

  const appKey = response.data.data.attributes.appKey;
  console.log('App Key:', appKey);
  return appKey;
}

createAppKey();
import requests

def create_app_key():
    url = "https://api.digitzs.com/auth/key"

    headers = {
        "x-api-key": "your-api-key",
        "Content-Type": "application/json"
    }

    payload = {
        "data": {
            "type": "auth",
            "attributes": {
                "appId": "your-application-id"
            }
        }
    }

    response = requests.post(url, headers=headers, json=payload)
    response.raise_for_status()

    app_key = response.json()["data"]["attributes"]["appKey"]
    print(f"App Key: {app_key}")
    return app_key

create_app_key()
<?php

function createAppKey() {
    $url = "https://api.digitzs.com/auth/key";

    $headers = [
        "x-api-key: your-api-key",
        "Content-Type: application/json"
    ];

    $payload = json_encode([
        "data" => [
            "type" => "auth",
            "attributes" => [
                "appId" => "your-application-id"
            ]
        ]
    ]);

    $ch = curl_init($url);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

    $response = curl_exec($ch);
    $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);

    if ($httpCode === 201) {
        $data = json_decode($response, true);
        $appKey = $data["data"]["attributes"]["appKey"];
        echo "App Key: " . $appKey . "\n";
        return $appKey;
    } else {
        throw new Exception("Error creating app key: " . $response);
    }
}

createAppKey();
?>
require 'net/http'
require 'json'
require 'uri'

def create_app_key
  uri = URI('https://api.digitzs.com/auth/key')

  request = Net::HTTP::Post.new(uri)
  request['x-api-key'] = 'your-api-key'
  request['Content-Type'] = 'application/json'

  request.body = {
    data: {
      type: 'auth',
      attributes: {
        appId: 'your-application-id'
      }
    }
  }.to_json

  response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) do |http|
    http.request(request)
  end

  if response.code == '201'
    data = JSON.parse(response.body)
    app_key = data['data']['attributes']['appKey']
    puts "App Key: #{app_key}"
    app_key
  else
    raise "Error creating app key: #{response.body}"
  end
end

create_app_key

Error Responses

{
  "errors": [
    {
      "status": "400",
      "title": "Bad Request",
      "detail": "The appId field is required",
      "source": {
        "pointer": "/data/attributes/appId"
      }
    }
  ]
}
{
  "errors": [
    {
      "status": "401",
      "title": "Unauthorized",
      "detail": "Invalid API key"
    }
  ]
}
{
  "errors": [
    {
      "status": "403",
      "title": "Forbidden",
      "detail": "The account is not authorized"
    }
  ]
}

Common Error Scenarios

Error: 401 UnauthorizedSolution: Ensure the x-api-key header is included in the request with your valid API key.
Error: 400 Bad RequestSolution: Verify your application ID matches the ID provided during onboarding.
Error: 403 ForbiddenSolution: Contact Digitzs support to check your account status.

Best Practices

Store Securely: Save the returned app key in a secure location (environment variable or secret management service). You’ll need it to generate access tokens.
Key Rotation: When creating a new app key, the previous key becomes invalid immediately. Ensure all services are updated before rotating keys.

Next Steps

After creating an app key, use it to generate an access token:

Create App Token

Generate an access token using your app key