Create API Key
curl --request POST \
--url https://api.example.com/auth/key \
--header 'Content-Type: application/json' \
--data '
{
"data": {},
"data.type": "<string>",
"data.attributes": {},
"data.attributes.appId": "<string>"
}
'import requests
url = "https://api.example.com/auth/key"
payload = {
"data": {},
"data.type": "<string>",
"data.attributes": {},
"data.attributes.appId": "<string>"
}
headers = {"Content-Type": "application/json"}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {'Content-Type': 'application/json'},
body: JSON.stringify({
data: {},
'data.type': '<string>',
'data.attributes': {},
'data.attributes.appId': '<string>'
})
};
fetch('https://api.example.com/auth/key', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.example.com/auth/key",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'data' => [
],
'data.type' => '<string>',
'data.attributes' => [
],
'data.attributes.appId' => '<string>'
]),
CURLOPT_HTTPHEADER => [
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://api.example.com/auth/key"
payload := strings.NewReader("{\n \"data\": {},\n \"data.type\": \"<string>\",\n \"data.attributes\": {},\n \"data.attributes.appId\": \"<string>\"\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://api.example.com/auth/key")
.header("Content-Type", "application/json")
.body("{\n \"data\": {},\n \"data.type\": \"<string>\",\n \"data.attributes\": {},\n \"data.attributes.appId\": \"<string>\"\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.example.com/auth/key")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Content-Type"] = 'application/json'
request.body = "{\n \"data\": {},\n \"data.type\": \"<string>\",\n \"data.attributes\": {},\n \"data.attributes.appId\": \"<string>\"\n}"
response = http.request(request)
puts response.read_body{
"errors": [
{
"status": "400",
"title": "Bad Request",
"detail": "The appId field is required",
"source": {
"pointer": "/data/attributes/appId"
}
}
]
}
{
"errors": [
{
"status": "401",
"title": "Unauthorized",
"detail": "Invalid API key"
}
]
}
{
"errors": [
{
"status": "403",
"title": "Forbidden",
"detail": "The account is not authorized"
}
]
}
Authorization
Create API Key
Generate an app key for your application to create access tokens
POST
/
auth
/
key
Create API Key
curl --request POST \
--url https://api.example.com/auth/key \
--header 'Content-Type: application/json' \
--data '
{
"data": {},
"data.type": "<string>",
"data.attributes": {},
"data.attributes.appId": "<string>"
}
'import requests
url = "https://api.example.com/auth/key"
payload = {
"data": {},
"data.type": "<string>",
"data.attributes": {},
"data.attributes.appId": "<string>"
}
headers = {"Content-Type": "application/json"}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {'Content-Type': 'application/json'},
body: JSON.stringify({
data: {},
'data.type': '<string>',
'data.attributes': {},
'data.attributes.appId': '<string>'
})
};
fetch('https://api.example.com/auth/key', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.example.com/auth/key",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'data' => [
],
'data.type' => '<string>',
'data.attributes' => [
],
'data.attributes.appId' => '<string>'
]),
CURLOPT_HTTPHEADER => [
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://api.example.com/auth/key"
payload := strings.NewReader("{\n \"data\": {},\n \"data.type\": \"<string>\",\n \"data.attributes\": {},\n \"data.attributes.appId\": \"<string>\"\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://api.example.com/auth/key")
.header("Content-Type", "application/json")
.body("{\n \"data\": {},\n \"data.type\": \"<string>\",\n \"data.attributes\": {},\n \"data.attributes.appId\": \"<string>\"\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.example.com/auth/key")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Content-Type"] = 'application/json'
request.body = "{\n \"data\": {},\n \"data.type\": \"<string>\",\n \"data.attributes\": {},\n \"data.attributes.appId\": \"<string>\"\n}"
response = http.request(request)
puts response.read_body{
"errors": [
{
"status": "400",
"title": "Bad Request",
"detail": "The appId field is required",
"source": {
"pointer": "/data/attributes/appId"
}
}
]
}
{
"errors": [
{
"status": "401",
"title": "Unauthorized",
"detail": "Invalid API key"
}
]
}
{
"errors": [
{
"status": "403",
"title": "Forbidden",
"detail": "The account is not authorized"
}
]
}
Endpoint
POST https://api.digitzs.com/auth/key
Overview
Use this endpoint to generate an app key for your application. The app key is required to create access tokens via the/auth/token endpoint.
Creating a new app key renders the previous key unusable. Plan key rotation carefully to avoid service disruption.
Authentication
This endpoint requires only thex-api-key header. No Bearer token is needed.
| Header | Value | Required |
|---|---|---|
x-api-key | Your API key from onboarding | Yes |
Content-Type | application/json | Yes |
Request Body
Container for API data
Must be
"auth"Container for authentication attributes
Your application ID provided during onboarding
Example Request
{
"data": {
"type": "auth",
"attributes": {
"appId": "your-application-id"
}
}
}
Response
Success Response (201 Created)
Contains URLs related to the resource
Show properties
Show properties
URL of the current endpoint
Example Response
{
"links": {
"self": "https://api.digitzs.com/auth/key"
},
"data": {
"type": "auth",
"id": "api-key-xyz",
"attributes": {
"appKey": "generated-app-key-abc123"
}
}
}
Code Examples
curl -X POST https://api.digitzs.com/auth/key \
-H "x-api-key: your-api-key" \
-H "Content-Type: application/json" \
-d '{
"data": {
"type": "auth",
"attributes": {
"appId": "your-application-id"
}
}
}'
const axios = require('axios');
async function createAppKey() {
const response = await axios.post(
'https://api.digitzs.com/auth/key',
{
data: {
type: 'auth',
attributes: {
appId: 'your-application-id'
}
}
},
{
headers: {
'x-api-key': 'your-api-key',
'Content-Type': 'application/json'
}
}
);
const appKey = response.data.data.attributes.appKey;
console.log('App Key:', appKey);
return appKey;
}
createAppKey();
import requests
def create_app_key():
url = "https://api.digitzs.com/auth/key"
headers = {
"x-api-key": "your-api-key",
"Content-Type": "application/json"
}
payload = {
"data": {
"type": "auth",
"attributes": {
"appId": "your-application-id"
}
}
}
response = requests.post(url, headers=headers, json=payload)
response.raise_for_status()
app_key = response.json()["data"]["attributes"]["appKey"]
print(f"App Key: {app_key}")
return app_key
create_app_key()
<?php
function createAppKey() {
$url = "https://api.digitzs.com/auth/key";
$headers = [
"x-api-key: your-api-key",
"Content-Type: application/json"
];
$payload = json_encode([
"data" => [
"type" => "auth",
"attributes" => [
"appId" => "your-application-id"
]
]
]);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($httpCode === 201) {
$data = json_decode($response, true);
$appKey = $data["data"]["attributes"]["appKey"];
echo "App Key: " . $appKey . "\n";
return $appKey;
} else {
throw new Exception("Error creating app key: " . $response);
}
}
createAppKey();
?>
require 'net/http'
require 'json'
require 'uri'
def create_app_key
uri = URI('https://api.digitzs.com/auth/key')
request = Net::HTTP::Post.new(uri)
request['x-api-key'] = 'your-api-key'
request['Content-Type'] = 'application/json'
request.body = {
data: {
type: 'auth',
attributes: {
appId: 'your-application-id'
}
}
}.to_json
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) do |http|
http.request(request)
end
if response.code == '201'
data = JSON.parse(response.body)
app_key = data['data']['attributes']['appKey']
puts "App Key: #{app_key}"
app_key
else
raise "Error creating app key: #{response.body}"
end
end
create_app_key
Error Responses
{
"errors": [
{
"status": "400",
"title": "Bad Request",
"detail": "The appId field is required",
"source": {
"pointer": "/data/attributes/appId"
}
}
]
}
{
"errors": [
{
"status": "401",
"title": "Unauthorized",
"detail": "Invalid API key"
}
]
}
{
"errors": [
{
"status": "403",
"title": "Forbidden",
"detail": "The account is not authorized"
}
]
}
Common Error Scenarios
Missing x-api-key header
Missing x-api-key header
Error: 401 UnauthorizedSolution: Ensure the
x-api-key header is included in the request with your valid API key.Invalid appId
Invalid appId
Error: 400 Bad RequestSolution: Verify your application ID matches the ID provided during onboarding.
Account suspended
Account suspended
Error: 403 ForbiddenSolution: Contact Digitzs support to check your account status.
Best Practices
Store Securely: Save the returned app key in a secure location (environment variable or secret management service). You’ll need it to generate access tokens.
Key Rotation: When creating a new app key, the previous key becomes invalid immediately. Ensure all services are updated before rotating keys.
Next Steps
After creating an app key, use it to generate an access token:Create App Token
Generate an access token using your app key
⌘I

