API Keys

API keys provide secure, programmatic access to the CrossCheck API. Unlike user tokens, API keys can be scoped and rotated independently, making them ideal for automated systems, CI/CD pipelines, and service-to-service communication.

Endpoints

GET /api/api-keys/ — List API keys for current user

POST /api/api-keys/ — Create API key

Optional body: {"name": "My key"}. Server generates key (e.g. cc_...).

GET /api/api-keys/{id}/ — API key detail

PATCH /api/api-keys/{id}/ — Update (e.g. name, is_active)

DELETE /api/api-keys/{id}/ — Delete API key

Response Fields

id - API key ID
name - API key name
key - The API key value (e.g. cc_...)
is_active - Whether the key is active
created_at - Creation timestamp
last_used - Last usage timestamp
usage_count - Number of times used
usage_stats - Usage statistics object

Example

curl -X POST https://crosscheck.app/api/api-keys/ \
  -H "Authorization: Token <your-token>" \
  -H "Content-Type: application/json" \
  -d '{"name":"Production API Key"}'

Endpoints​

Response Fields​

Example​

Endpoints

Response Fields

Example