Skip to main content
curl --request POST \
  --url https://api.baseten.co/v1/gateway/groups/abc123hash/api_keys \
  --header "Authorization: Api-Key $BASETEN_API_KEY" \
  --header "Content-Type: application/json" \
  --data '{
    "name": "prod-key-1"
  }'

{
  "api_key": "aBcDeFg.<api-key-secret>",
  "prefix": "aBcDeFg",
  "name": "prod-key-1"
}
Mint a new federated API key under an existing group. The key inherits the group’s effective model set and limits; the request body does not configure either on the key. The plaintext key is returned exactly once in the response and is unrecoverable afterward.

Authentication

Authorization
string
required
Workspace API key with management scope, passed as Authorization: Api-Key $BASETEN_API_KEY (or Bearer; both are accepted).

Path parameters

group_id
string
required
Internal Baseten ID of the group to mint the key under. Returned as id from Create a group.

Body

name
string
Display name for the key. Useful for distinguishing multiple keys under the same group.

Response

api_key
string
required
The plaintext key, formatted prefix.secret. Returned exactly once. Hand this to the downstream consumer immediately and store it securely on their side. Baseten does not store the secret portion and cannot show it again.
prefix
string
required
The substring before the . in api_key. Use the prefix (not the full key) as the path parameter in every per-key URL.
name
string
Echoes the request name. null if no name was provided.

Errors

StatusMeaning
403 ForbiddenThe group exists but isn’t in your workspace, or the caller doesn’t have management scope.
404 Not FoundNo group with this id in your workspace, or it has been deleted.
curl --request POST \
  --url https://api.baseten.co/v1/gateway/groups/abc123hash/api_keys \
  --header "Authorization: Api-Key $BASETEN_API_KEY" \
  --header "Content-Type: application/json" \
  --data '{
    "name": "prod-key-1"
  }'

{
  "api_key": "aBcDeFg.<api-key-secret>",
  "prefix": "aBcDeFg",
  "name": "prod-key-1"
}