> ## Documentation Index
> Fetch the complete documentation index at: https://docs.moritosh.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Create an API key

> The full secret value is returned only once, in this response. Store it securely; Pulsewave cannot show it to you again.



## OpenAPI

````yaml POST /api-keys
openapi: 3.1.0
info:
  title: Pulsewave API
  description: >-
    Pulsewave is a messaging platform for sending transactional and marketing
    email, SMS, and push notifications. This specification documents every
    resource and operation exposed by the Pulsewave API.
  version: '2024-06-01'
  license:
    name: MIT
  contact:
    name: Pulsewave Developer Support
    url: https://pulsewave.dev/support
    email: developers@pulsewave.dev
servers:
  - url: https://api.pulsewave.dev/v1
    description: Production
  - url: https://api.sandbox.pulsewave.dev/v1
    description: Sandbox (test keys only)
security:
  - bearerAuth: []
tags:
  - name: Messages
    description: Send and inspect individual messages
  - name: Templates
    description: Reusable, versioned content for messages
  - name: Contacts
    description: People you send messages to
  - name: Lists
    description: Named groups of contacts
  - name: Domains
    description: Sending domains and their verification status
  - name: API Keys
    description: Credentials used to authenticate requests
  - name: Webhook Endpoints
    description: URLs that receive event notifications
  - name: Events
    description: Read-only log of everything that happened to a message
paths:
  /api-keys:
    post:
      tags:
        - API Keys
      summary: Create an API key
      description: >-
        The full secret value is returned only once, in this response. Store it
        securely; Pulsewave cannot show it to you again.
      operationId: createApiKey
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - name
              properties:
                name:
                  type: string
                  example: Production backend
                mode:
                  $ref: '#/components/schemas/ApiKeyMode'
                scopes:
                  type: array
                  items:
                    type: string
                  description: >-
                    Permissions granted to this key. Defaults to
                    `["messages:write", "messages:read"]`.
                  example:
                    - messages:write
                    - messages:read
      responses:
        '201':
          description: The created API key, including its one-time secret
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiKeyCreated'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '422':
          $ref: '#/components/responses/ValidationError'
components:
  schemas:
    ApiKeyMode:
      type: string
      enum:
        - live
        - test
      description: >-
        Test keys can only send to verified test addresses and never incur
        charges
    ApiKeyCreated:
      allOf:
        - $ref: '#/components/schemas/ApiKey'
        - type: object
          properties:
            secret:
              type: string
              description: The full secret key. Only returned once.
              example: pw_live_8f2k9q3m1n7r5t6y4u2i0o8p
    ApiKey:
      type: object
      properties:
        id:
          type: string
          example: key_4m8n2q
        object:
          type: string
          enum:
            - api_key
        name:
          type: string
        mode:
          $ref: '#/components/schemas/ApiKeyMode'
        scopes:
          type: array
          items:
            type: string
        last_used_at:
          type: string
          format: date-time
          nullable: true
        created_at:
          type: string
          format: date-time
    Error:
      type: object
      properties:
        error:
          type: object
          properties:
            type:
              type: string
              enum:
                - invalid_request
                - authentication_error
                - not_found
                - validation_error
                - rate_limit_error
                - api_error
            code:
              type: string
              example: missing_required_field
            message:
              type: string
              example: The 'to' field is required for channel 'email'
            param:
              type: string
              nullable: true
              example: to
  responses:
    Unauthorized:
      description: Missing or invalid API key
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    ValidationError:
      description: The request body failed validation
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      description: >-
        All requests must include `Authorization: Bearer <api_key>`. Keys are
        prefixed `pw_live_` or `pw_test_`. See
        [Authentication](/authentication).

````