Skip to main content
POST
/
auth
/
key
Create API Key
curl --request POST \
  --url https://api.example.com/auth/key \
  --header 'Content-Type: application/json' \
  --data '
{
  "data": {},
  "data.type": "<string>",
  "data.attributes": {},
  "data.attributes.appId": "<string>"
}
'
{
  "errors": [
    {
      "status": "400",
      "title": "Bad Request",
      "detail": "The appId field is required",
      "source": {
        "pointer": "/data/attributes/appId"
      }
    }
  ]
}

Endpoint

POST https://api.digitzs.com/auth/key

Overview

Use this endpoint to generate an app key for your application. The app key is required to create access tokens via the /auth/token endpoint.
Creating a new app key renders the previous key unusable. Plan key rotation carefully to avoid service disruption.

Authentication

This endpoint requires only the x-api-key header. No Bearer token is needed.
HeaderValueRequired
x-api-keyYour API key from onboardingYes
Content-Typeapplication/jsonYes

Request Body

data
object
required
Container for API data
data.type
string
required
Must be "auth"
data.attributes
object
required
Container for authentication attributes
data.attributes.appId
string
required
Your application ID provided during onboarding

Example Request

{
  "data": {
    "type": "auth",
    "attributes": {
      "appId": "your-application-id"
    }
  }
}

Response

Success Response (201 Created)

links
object
Contains URLs related to the resource
data
object
Container for response data

Example Response

{
  "links": {
    "self": "https://api.digitzs.com/auth/key"
  },
  "data": {
    "type": "auth",
    "id": "api-key-xyz",
    "attributes": {
      "appKey": "generated-app-key-abc123"
    }
  }
}

Code Examples

curl -X POST https://api.digitzs.com/auth/key \
  -H "x-api-key: your-api-key" \
  -H "Content-Type: application/json" \
  -d '{
    "data": {
      "type": "auth",
      "attributes": {
        "appId": "your-application-id"
      }
    }
  }'

Error Responses

{
  "errors": [
    {
      "status": "400",
      "title": "Bad Request",
      "detail": "The appId field is required",
      "source": {
        "pointer": "/data/attributes/appId"
      }
    }
  ]
}

Common Error Scenarios

Error: 401 UnauthorizedSolution: Ensure the x-api-key header is included in the request with your valid API key.
Error: 400 Bad RequestSolution: Verify your application ID matches the ID provided during onboarding.
Error: 403 ForbiddenSolution: Contact Digitzs support to check your account status.

Best Practices

Store Securely: Save the returned app key in a secure location (environment variable or secret management service). You’ll need it to generate access tokens.
Key Rotation: When creating a new app key, the previous key becomes invalid immediately. Ensure all services are updated before rotating keys.

Next Steps

After creating an app key, use it to generate an access token:

Create App Token

Generate an access token using your app key