# API Keys

Create, list, and revoke API keys for programmatic access.

## GET /v1/api-keys

**GET** `/v1/api-keys`

Lists all API keys for your account. Requires full-access key.

```response — 200 OK
{
  "keys": [
    {
      "id": "clx2b3c4d0000efgh5678ijkl",
      "name": "default",
      "prefix": "rm_a1b2c",
      "createdAt": "2026-03-11T00:00:00.000Z",
      "enabled": true
    }
  ]
}
```


## POST /v1/api-keys

**POST** `/v1/api-keys`

Create a new API key. Requires full-access key.

**Request body**

| Name | Type | Description |
|------|------|-------------|
| `name` | `string` | Optional label for the key |
| `mailboxIds` | `string[]` | Scope key to specific mailboxes. Omit for full access. |

```response — 201 Created
{
  "key": "rm_new_key_value...",
  "prefix": "rm_new_k",
  "scoped": false
}
```

The raw key is only returned once. Store it securely.


## DELETE /v1/api-keys/:id

**DELETE** `/v1/api-keys/:id`

Revoke an API key. Requires full-access key. When authenticating via API key, you cannot revoke your only active key. Session-authenticated users can revoke any key.

```response — 200 OK
{ "revoked": true }
```

### Errors

- `400` — Cannot revoke only active key
- `404` — Key not found


---

Previous: [Account](https://robotomail.com/docs/api/account.md) | Next: [Mailboxes](https://robotomail.com/docs/api/mailboxes.md)