# Admin API Keys ## List all organization and project API keys. **get** `/organization/admin_api_keys` List organization API keys ### Query Parameters - `after: optional string` Return keys with IDs that come after this ID in the pagination order. - `limit: optional number` Maximum number of keys to return. - `order: optional "asc" or "desc"` Order results by creation time, ascending or descending. - `"asc"` - `"desc"` ### Returns - `data: optional array of object { id, created_at, last_used_at, 5 more }` - `id: string` The identifier, which can be referenced in API endpoints - `created_at: number` The Unix timestamp (in seconds) of when the API key was created - `last_used_at: number` The Unix timestamp (in seconds) of when the API key was last used - `name: string` The name of the API key - `object: string` The object type, which is always `organization.admin_api_key` - `owner: object { id, created_at, name, 3 more }` - `id: optional string` The identifier, which can be referenced in API endpoints - `created_at: optional number` The Unix timestamp (in seconds) of when the user was created - `name: optional string` The name of the user - `object: optional string` The object type, which is always organization.user - `role: optional string` Always `owner` - `type: optional string` Always `user` - `redacted_value: string` The redacted value of the API key - `value: optional string` The value of the API key. Only shown on create. - `first_id: optional string` - `has_more: optional boolean` - `last_id: optional string` - `object: optional string` ### Example ```http curl https://api.openai.com/v1/organization/admin_api_keys \ -H "Authorization: Bearer $OPENAI_API_KEY" ``` #### Response ```json { "data": [ { "id": "key_abc", "created_at": 1711471533, "last_used_at": 1711471534, "name": "Administration Key", "object": "organization.admin_api_key", "owner": { "id": "sa_456", "created_at": 1711471533, "name": "My Service Account", "object": "organization.user", "role": "owner", "type": "user" }, "redacted_value": "sk-admin...def", "value": "sk-admin-1234abcd" } ], "first_id": "key_abc", "has_more": false, "last_id": "key_xyz", "object": "list" } ``` ### Example ```http curl https://api.openai.com/v1/organization/admin_api_keys?after=key_abc&limit=20 \ -H "Authorization: Bearer $OPENAI_ADMIN_KEY" \ -H "Content-Type: application/json" ``` #### Response ```json { "object": "list", "data": [ { "object": "organization.admin_api_key", "id": "key_abc", "name": "Main Admin Key", "redacted_value": "sk-admin...def", "created_at": 1711471533, "last_used_at": 1711471534, "owner": { "type": "service_account", "object": "organization.service_account", "id": "sa_456", "name": "My Service Account", "created_at": 1711471533, "role": "member" } } ], "first_id": "key_abc", "last_id": "key_abc", "has_more": false } ``` ## Create admin API key **post** `/organization/admin_api_keys` Create an organization admin API key ### Body Parameters - `name: string` ### Returns - `id: string` The identifier, which can be referenced in API endpoints - `created_at: number` The Unix timestamp (in seconds) of when the API key was created - `last_used_at: number` The Unix timestamp (in seconds) of when the API key was last used - `name: string` The name of the API key - `object: string` The object type, which is always `organization.admin_api_key` - `owner: object { id, created_at, name, 3 more }` - `id: optional string` The identifier, which can be referenced in API endpoints - `created_at: optional number` The Unix timestamp (in seconds) of when the user was created - `name: optional string` The name of the user - `object: optional string` The object type, which is always organization.user - `role: optional string` Always `owner` - `type: optional string` Always `user` - `redacted_value: string` The redacted value of the API key - `value: optional string` The value of the API key. Only shown on create. ### Example ```http curl https://api.openai.com/v1/organization/admin_api_keys \ -H 'Content-Type: application/json' \ -H "Authorization: Bearer $OPENAI_API_KEY" \ -d '{ "name": "New Admin Key" }' ``` #### Response ```json { "id": "key_abc", "created_at": 1711471533, "last_used_at": 1711471534, "name": "Administration Key", "object": "organization.admin_api_key", "owner": { "id": "sa_456", "created_at": 1711471533, "name": "My Service Account", "object": "organization.user", "role": "owner", "type": "user" }, "redacted_value": "sk-admin...def", "value": "sk-admin-1234abcd" } ``` ### Example ```http curl -X POST https://api.openai.com/v1/organization/admin_api_keys \ -H "Authorization: Bearer $OPENAI_ADMIN_KEY" \ -H "Content-Type: application/json" \ -d '{ "name": "New Admin Key" }' ``` #### Response ```json { "object": "organization.admin_api_key", "id": "key_xyz", "name": "New Admin Key", "redacted_value": "sk-admin...xyz", "created_at": 1711471533, "last_used_at": 1711471534, "owner": { "type": "user", "object": "organization.user", "id": "user_123", "name": "John Doe", "created_at": 1711471533, "role": "owner" }, "value": "sk-admin-1234abcd" } ``` ## Retrieve admin API key **get** `/organization/admin_api_keys/{key_id}` Retrieve a single organization API key ### Path Parameters - `key_id: string` The ID of the API key. ### Returns - `id: string` The identifier, which can be referenced in API endpoints - `created_at: number` The Unix timestamp (in seconds) of when the API key was created - `last_used_at: number` The Unix timestamp (in seconds) of when the API key was last used - `name: string` The name of the API key - `object: string` The object type, which is always `organization.admin_api_key` - `owner: object { id, created_at, name, 3 more }` - `id: optional string` The identifier, which can be referenced in API endpoints - `created_at: optional number` The Unix timestamp (in seconds) of when the user was created - `name: optional string` The name of the user - `object: optional string` The object type, which is always organization.user - `role: optional string` Always `owner` - `type: optional string` Always `user` - `redacted_value: string` The redacted value of the API key - `value: optional string` The value of the API key. Only shown on create. ### Example ```http curl https://api.openai.com/v1/organization/admin_api_keys/$KEY_ID \ -H "Authorization: Bearer $OPENAI_API_KEY" ``` #### Response ```json { "id": "key_abc", "created_at": 1711471533, "last_used_at": 1711471534, "name": "Administration Key", "object": "organization.admin_api_key", "owner": { "id": "sa_456", "created_at": 1711471533, "name": "My Service Account", "object": "organization.user", "role": "owner", "type": "user" }, "redacted_value": "sk-admin...def", "value": "sk-admin-1234abcd" } ``` ### Example ```http curl https://api.openai.com/v1/organization/admin_api_keys/key_abc \ -H "Authorization: Bearer $OPENAI_ADMIN_KEY" \ -H "Content-Type: application/json" ``` #### Response ```json { "object": "organization.admin_api_key", "id": "key_abc", "name": "Main Admin Key", "redacted_value": "sk-admin...xyz", "created_at": 1711471533, "last_used_at": 1711471534, "owner": { "type": "user", "object": "organization.user", "id": "user_123", "name": "John Doe", "created_at": 1711471533, "role": "owner" } } ``` ## Delete admin API key **delete** `/organization/admin_api_keys/{key_id}` Delete an organization admin API key ### Path Parameters - `key_id: string` The ID of the API key to be deleted. ### Returns - `id: optional string` - `deleted: optional boolean` - `object: optional string` ### Example ```http curl https://api.openai.com/v1/organization/admin_api_keys/$KEY_ID \ -X DELETE \ -H "Authorization: Bearer $OPENAI_API_KEY" ``` #### Response ```json { "id": "key_abc", "deleted": true, "object": "organization.admin_api_key.deleted" } ``` ### Example ```http curl -X DELETE https://api.openai.com/v1/organization/admin_api_keys/key_abc \ -H "Authorization: Bearer $OPENAI_ADMIN_KEY" \ -H "Content-Type: application/json" ``` #### Response ```json { "id": "key_abc", "object": "organization.admin_api_key.deleted", "deleted": true } ``` ## Domain Types ### Admin API Key List Response - `AdminAPIKeyListResponse object { id, created_at, last_used_at, 5 more }` Represents an individual Admin API key in an org. - `id: string` The identifier, which can be referenced in API endpoints - `created_at: number` The Unix timestamp (in seconds) of when the API key was created - `last_used_at: number` The Unix timestamp (in seconds) of when the API key was last used - `name: string` The name of the API key - `object: string` The object type, which is always `organization.admin_api_key` - `owner: object { id, created_at, name, 3 more }` - `id: optional string` The identifier, which can be referenced in API endpoints - `created_at: optional number` The Unix timestamp (in seconds) of when the user was created - `name: optional string` The name of the user - `object: optional string` The object type, which is always organization.user - `role: optional string` Always `owner` - `type: optional string` Always `user` - `redacted_value: string` The redacted value of the API key - `value: optional string` The value of the API key. Only shown on create. ### Admin API Key Create Response - `AdminAPIKeyCreateResponse object { id, created_at, last_used_at, 5 more }` Represents an individual Admin API key in an org. - `id: string` The identifier, which can be referenced in API endpoints - `created_at: number` The Unix timestamp (in seconds) of when the API key was created - `last_used_at: number` The Unix timestamp (in seconds) of when the API key was last used - `name: string` The name of the API key - `object: string` The object type, which is always `organization.admin_api_key` - `owner: object { id, created_at, name, 3 more }` - `id: optional string` The identifier, which can be referenced in API endpoints - `created_at: optional number` The Unix timestamp (in seconds) of when the user was created - `name: optional string` The name of the user - `object: optional string` The object type, which is always organization.user - `role: optional string` Always `owner` - `type: optional string` Always `user` - `redacted_value: string` The redacted value of the API key - `value: optional string` The value of the API key. Only shown on create. ### Admin API Key Retrieve Response - `AdminAPIKeyRetrieveResponse object { id, created_at, last_used_at, 5 more }` Represents an individual Admin API key in an org. - `id: string` The identifier, which can be referenced in API endpoints - `created_at: number` The Unix timestamp (in seconds) of when the API key was created - `last_used_at: number` The Unix timestamp (in seconds) of when the API key was last used - `name: string` The name of the API key - `object: string` The object type, which is always `organization.admin_api_key` - `owner: object { id, created_at, name, 3 more }` - `id: optional string` The identifier, which can be referenced in API endpoints - `created_at: optional number` The Unix timestamp (in seconds) of when the user was created - `name: optional string` The name of the user - `object: optional string` The object type, which is always organization.user - `role: optional string` Always `owner` - `type: optional string` Always `user` - `redacted_value: string` The redacted value of the API key - `value: optional string` The value of the API key. Only shown on create. ### Admin API Key Delete Response - `AdminAPIKeyDeleteResponse object { id, deleted, object }` - `id: optional string` - `deleted: optional boolean` - `object: optional string`