# User # API Keys ## List your API keys **get** `/api/user/api-keys` Returns metadata for all your API keys (PATs and Ed25519 key pairs). The plaintext key is **never** returned here — only on creation. ### Returns - `keys: optional array of object { id, createdAt, lastUsedAt, 3 more }` - `id: optional string` - `createdAt: optional string` - `lastUsedAt: optional string` - `name: optional string` - `prefix: optional string` First 8 hex chars of the secret (safe to display) - `type: optional "PAT" or "ED25519"` - `"PAT"` - `"ED25519"` ### Example ```http curl https://racks.cash/api/user/api-keys ``` #### Response ```json { "keys": [ { "id": "id", "createdAt": "2019-12-27T18:11:19.117Z", "lastUsedAt": "2019-12-27T18:11:19.117Z", "name": "name", "prefix": "prefix", "type": "PAT" } ] } ``` ## Create a new API key **post** `/api/user/api-keys` Creates a new PAT or Ed25519 key pair. The plaintext key / private key PEM is returned **once** and never stored. ### Body Parameters - `name: optional string` Optional label for the key (max 64 characters) - `type: optional "PAT" or "ED25519"` Key type — PAT for Bearer tokens, ED25519 for asymmetric signing - `"PAT"` - `"ED25519"` ### Returns - `id: optional string` - `fingerprint: optional string` SHA256 fingerprint of the public key (Ed25519 keys only) - `key: optional string` Full `racks_…` token (PAT) or private key PEM (Ed25519) — store it now, it will not be shown again - `publicKeyPem: optional string` Ed25519 public key PEM (Ed25519 keys only) ### Example ```http curl https://racks.cash/api/user/api-keys \ -X POST ``` #### Response ```json { "id": "id", "fingerprint": "fingerprint", "key": "key", "publicKeyPem": "publicKeyPem" } ``` ## Revoke an API key **delete** `/api/user/api-keys/{id}` Permanently revokes one of your API keys. This cannot be undone. ### Path Parameters - `id: string` ### Returns - `deleted: optional boolean` ### Example ```http curl https://racks.cash/api/user/api-keys/$ID \ -X DELETE ``` #### Response ```json { "deleted": true } ```