OOpenSend Docs
Docs navigationBrowse documentation216
OverviewStart here

OpenSend docs

List API Keys

List API keys for the authenticated tenant. This page documents the OpenSend-owned API contract for GET /api-keys.

Raw markdown

GET /api-keys

Authentication

Use an OpenSend API key in the Authorization header. Dashboard session cookies are not API credentials for public API clients.

http
Authorization: Bearer os_YOUR_API_KEY

When to use it

API key routes are account-management endpoints. Newly created tokens are only shown once, so store the os_... value in your secrets manager and rotate by creating a replacement key before deleting the old one. Return a tenant-scoped collection. Use pagination parameters when available instead of assuming a fixed result size.

Parameters

limit and after may be used on collection routes when the route supports cursor pagination.

Response

Successful responses return JSON scoped to the authenticated tenant. A representative response shape is:

json
{
  "id": "api_key_123",
  "name": "Production worker",
  "token": "os_...",
  "createdAt": "2026-05-28T00:00:00.000Z"
}

Errors

OpenSend returns structured errors for missing authentication, validation failures, not-found resources, quota/rate-limit conditions, and unexpected server failures. Treat 404 as either missing or not owned by the caller.

Self-hosting notes

Self-hosted deployments can use the same path on their own OPENSEND_BASE_URL. Run migrations before deploying code that expects new fields, and keep API keys in a secrets manager instead of committing them to source control.