Create API Key
curl --request POST \
  --url https://api.tensorone.ai/v2/accounts/api-keys \
  --header 'Authorization: <api-key>' \
  --header 'Content-Type: application/json' \
  --data '{
  "name": "<string>",
  "permissions": "read"
}'
{
  "id": "<string>",
  "name": "<string>",
  "permissions": "read",
  "lastUsed": "2023-11-07T05:31:56Z",
  "createdAt": "2023-11-07T05:31:56Z"
}
Manage API keys for programmatic access to the TensorOne platform. Create keys with specific permissions, monitor usage, and implement secure key rotation practices.

List API Keys

Retrieve all API keys associated with your account. 
curl -X GET "https://api.tensorone.ai/v2/accounts/api-keys" \
  -H "Authorization: Bearer YOUR_API_KEY"

Response

{
    "apiKeys": [
        {
            "id": "key_1234567890abcdef",
            "name": "Production API Key",
            "prefix": "tpo_prod_",
            "permissions": ["read", "write", "execute"],
            "scopes": ["endpoints", "clusters", "billing"],
            "lastUsed": "2024-03-20T10:30:00Z",
            "createdAt": "2024-01-15T10:30:00Z",
            "expiresAt": "2025-01-15T10:30:00Z",
            "status": "active",
            "usageCount": 15420,
            "rateLimit": {
                "reads": 1000,
                "writes": 100,
                "executions": 500
            }
        },
        {
            "id": "key_fedcba0987654321",
            "name": "Development Key",
            "prefix": "tpo_dev_",
            "permissions": ["read"],
            "scopes": ["endpoints"],
            "lastUsed": "2024-03-19T15:45:00Z",
            "createdAt": "2024-02-01T09:00:00Z",
            "expiresAt": null,
            "status": "active",
            "usageCount": 832,
            "rateLimit": {
                "reads": 500,
                "writes": 0,
                "executions": 0
            }
        }
    ],
    "total": 2
}

Create API Key

Create a new API key with specified permissions and scopes. 
curl -X POST "https://api.tensorone.ai/v2/accounts/api-keys" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Mobile App Key",
    "permissions": ["read", "execute"],
    "scopes": ["endpoints"],
    "expiresAt": "2024-12-31T23:59:59Z",
    "rateLimit": {
      "reads": 500,
      "executions": 100
    }
  }'

Request Schema

{
    "name": "string (required, 1-100 characters)",
    "permissions": "array (required, ['read', 'write', 'execute'])",
    "scopes": "array (required, ['endpoints', 'clusters', 'billing', 'accounts'])",
    "expiresAt": "string (optional, ISO 8601 date)",
    "rateLimit": {
        "reads": "number (optional, max requests per hour)",
        "writes": "number (optional, max requests per hour)",
        "executions": "number (optional, max requests per hour)"
    }
}

Available Permissions

  • read: Access to GET endpoints and data retrieval
  • write: Access to POST, PUT, DELETE operations
  • execute: Access to endpoint execution and compute resources

Available Scopes

  • endpoints: Serverless endpoint management
  • clusters: GPU cluster management
  • billing: Billing and usage information
  • accounts: Account and team management

Response

{
    "id": "key_abc1234567890def",
    "name": "Mobile App Key",
    "key": "tpo_live_abc1234567890def_xyz9876543210ghi",
    "prefix": "tpo_live_",
    "permissions": ["read", "execute"],
    "scopes": ["endpoints"],
    "createdAt": "2024-03-20T14:30:00Z",
    "expiresAt": "2024-12-31T23:59:59Z",
    "status": "active",
    "rateLimit": {
        "reads": 500,
        "writes": 0,
        "executions": 100
    }
}
The full API key is only returned once during creation. Store it securely and never expose it in client-side code.

Update API Key

Update an existing API key’s name, permissions, or rate limits. 
curl -X PUT "https://api.tensorone.ai/v2/accounts/api-keys/key_1234567890abcdef" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Updated Production Key",
    "permissions": ["read", "write"],
    "rateLimit": {
      "reads": 2000,
      "writes": 200
    }
  }'

Request Schema

{
    "name": "string (optional, 1-100 characters)",
    "permissions": "array (optional, ['read', 'write', 'execute'])",
    "scopes": "array (optional, ['endpoints', 'clusters', 'billing', 'accounts'])",
    "expiresAt": "string (optional, ISO 8601 date)",
    "rateLimit": {
        "reads": "number (optional)",
        "writes": "number (optional)",
        "executions": "number (optional)"
    }
}

Rotate API Key

Generate a new key value while preserving the key’s configuration and permissions. 
curl -X POST "https://api.tensorone.ai/v2/accounts/api-keys/key_1234567890abcdef/rotate" \
  -H "Authorization: Bearer YOUR_API_KEY"

Response

{
    "id": "key_1234567890abcdef",
    "name": "Production API Key",
    "key": "tpo_live_new1234567890key_rotated5678901234",
    "oldKeyRevoked": true,
    "rotatedAt": "2024-03-20T16:00:00Z",
    "message": "API key rotated successfully. Update your applications with the new key."
}
The old key is immediately revoked when rotating. Update your applications immediately to avoid service interruption.

Revoke API Key

Permanently revoke an API key, making it unusable. 
curl -X DELETE "https://api.tensorone.ai/v2/accounts/api-keys/key_1234567890abcdef" \
  -H "Authorization: Bearer YOUR_API_KEY"

Response

{
    "id": "key_1234567890abcdef",
    "status": "revoked",
    "revokedAt": "2024-03-20T17:00:00Z",
    "message": "API key revoked successfully"
}

Get API Key Usage

Retrieve detailed usage statistics for a specific API key. 
curl -X GET "https://api.tensorone.ai/v2/accounts/api-keys/key_1234567890abcdef/usage" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -G -d "period=30d"

Query Parameters

  • period: Time period for usage data (1d, 7d, 30d, 90d)
  • granularity: Data granularity (hour, day, week)

Response

{
    "keyId": "key_1234567890abcdef",
    "period": "30d",
    "usage": {
        "reads": 45230,
        "writes": 1820,
        "executions": 3450,
        "totalRequests": 50500
    },
    "timeline": [
        {
            "date": "2024-03-01",
            "reads": 1520,
            "writes": 45,
            "executions": 120
        },
        {
            "date": "2024-03-02",
            "reads": 1680,
            "writes": 52,
            "executions": 135
        }
    ],
    "topEndpoints": [
        {
            "endpoint": "/endpoints",
            "method": "GET",
            "count": 12500
        },
        {
            "endpoint": "/endpoints/{id}/execute",
            "method": "POST",
            "count": 3450
        }
    ]
}

Code Examples

Python SDK

from tensorone import TensorOneAPI
from datetime import datetime, timedelta

client = TensorOneAPI(api_key="your_api_key")

# List all API keys
keys = client.accounts.api_keys.list()
for key in keys:
    print(f"Key: {key.name} - Status: {key.status}")

# Create a new API key
new_key = client.accounts.api_keys.create(
    name="CI/CD Pipeline Key",
    permissions=["read", "execute"],
    scopes=["endpoints"],
    expires_at=datetime.now() + timedelta(days=365),
    rate_limit={
        "reads": 1000,
        "executions": 200
    }
)
print(f"New key created: {new_key.key}")

# Update API key permissions
updated_key = client.accounts.api_keys.update(
    key_id="key_1234567890abcdef",
    permissions=["read", "write", "execute"],
    rate_limit={"reads": 2000, "writes": 300}
)

# Rotate API key
rotated_key = client.accounts.api_keys.rotate("key_1234567890abcdef")
print(f"New rotated key: {rotated_key.key}")

# Get usage statistics
usage = client.accounts.api_keys.get_usage(
    key_id="key_1234567890abcdef",
    period="30d"
)
print(f"Total requests: {usage.total_requests}")

# Revoke API key
client.accounts.api_keys.revoke("key_1234567890abcdef")

JavaScript SDK

import { TensorOneAPI } from "@tensorone/sdk";

const client = new TensorOneAPI("your_api_key");

// List all API keys
const keys = await client.accounts.apiKeys.list();
keys.forEach((key) => {
    console.log(`Key: ${key.name} - Status: ${key.status}`);
});

// Create a new API key
const newKey = await client.accounts.apiKeys.create({
    name: "Frontend App Key",
    permissions: ["read"],
    scopes: ["endpoints"],
    expiresAt: new Date(Date.now() + 365 * 24 * 60 * 60 * 1000).toISOString(),
    rateLimit: {
        reads: 500,
    },
});
console.log(`New key created: ${newKey.key}`);

// Update API key
const updatedKey = await client.accounts.apiKeys.update("key_1234567890abcdef", {
    name: "Updated Production Key",
    permissions: ["read", "write"],
    rateLimit: {
        reads: 2000,
        writes: 200,
    },
});

// Rotate API key
const rotatedKey = await client.accounts.apiKeys.rotate("key_1234567890abcdef");
console.log(`New rotated key: ${rotatedKey.key}`);

// Get usage statistics
const usage = await client.accounts.apiKeys.getUsage("key_1234567890abcdef", {
    period: "30d",
    granularity: "day",
});
console.log(`Total requests: ${usage.totalRequests}`);

// Revoke API key
await client.accounts.apiKeys.revoke("key_1234567890abcdef");

Error Responses

400 Bad Request

{
    "error": "INVALID_PERMISSIONS",
    "message": "Invalid permission or scope combination",
    "details": {
        "invalidPermissions": ["invalid_permission"],
        "validPermissions": ["read", "write", "execute"]
    }
}

403 Forbidden

{
    "error": "INSUFFICIENT_PERMISSIONS",
    "message": "Current API key lacks permission to manage API keys",
    "details": {
        "requiredPermission": "write",
        "requiredScope": "accounts"
    }
}

404 Not Found

{
    "error": "KEY_NOT_FOUND",
    "message": "API key not found",
    "details": {
        "keyId": "key_nonexistent123"
    }
}

429 Too Many Requests

{
    "error": "RATE_LIMIT_EXCEEDED",
    "message": "API key creation rate limit exceeded",
    "details": {
        "limit": 10,
        "period": "1h",
        "resetAt": "2024-03-20T18:00:00Z"
    }
}

Security Best Practices

Key Management

  • Use the principle of least privilege - grant only necessary permissions
  • Set expiration dates for temporary or project-specific keys
  • Rotate keys regularly, especially for production environments
  • Monitor key usage for anomalous activity

Permission Design

  • Create separate keys for different applications or environments
  • Use read-only keys for monitoring and analytics tools
  • Restrict execution permissions to trusted applications only
  • Regularly audit and review key permissions

Storage and Transmission

  • Store API keys in secure environment variables or key management systems
  • Never commit keys to version control systems
  • Use HTTPS for all API communications
  • Implement proper key rotation in your applications

Use Cases

CI/CD Pipeline Integration

# Create a key for automated deployments
ci_key = client.accounts.api_keys.create(
    name="GitHub Actions Deploy",
    permissions=["read", "write"],
    scopes=["endpoints", "clusters"],
    expires_at=datetime.now() + timedelta(days=90)
)

Monitoring and Analytics

# Create read-only key for monitoring tools
monitoring_key = client.accounts.api_keys.create(
    name="DataDog Integration",
    permissions=["read"],
    scopes=["endpoints", "clusters", "billing"],
    rate_limit={"reads": 2000}
)

Application-Specific Access

# Create key for mobile app with execution access only
mobile_key = client.accounts.api_keys.create(
    name="Mobile App v2.1",
    permissions=["execute"],
    scopes=["endpoints"],
    rate_limit={"executions": 1000}
)

Regular Key Rotation

# Implement automated key rotation
def rotate_production_keys():
    prod_keys = [k for k in client.accounts.api_keys.list()
                 if k.name.startswith("Production")]

    for key in prod_keys:
        if key.created_at < datetime.now() - timedelta(days=90):
            rotated = client.accounts.api_keys.rotate(key.id)
            # Update application configuration with new key
            update_app_config(key.name, rotated.key)

Authorizations

Authorization
string
header
required

API key authentication. Use 'Bearer YOUR_API_KEY' format.

Body

application/json

Response

201 - application/json

API key created successfully

The response is of type object.