Skip to main content
Manage your API keys programmatically. API keys allow you to authenticate requests to the G-Tateth API.
These endpoints require JWT authentication (user login), not API key authentication.

List API Keys

environment
string
Filter by environment: production or staging
isActive
boolean
Filter by active status: true or false
page
integer
Page number (default: 1)
limit
integer
Items per page (default: 20)
success
boolean
true
data.keys
array
Array of API key objects
data.total
number
Total number of API keys
data.page
number
Current page number
data.limit
number
Items per page
data.totalPages
number
Total number of pages

Create API Key

name
body
required
Name for the API key (e.g., “Production API Key”)
environment
body
Environment: production or staging (default: production)
permissions
body
required
Array of permission strings (e.g., ["read:conversations", "write:customers"])
expiresAt
body
Expiration date (ISO 8601 format)
rotationPolicy
body
Automatic rotation policy:
{
  "enabled": true,
  "intervalDays": 90,
  "notifyDaysBefore": 7
}
rateLimit
body
Per-key rate limit override:
{
  "requests": 1000,
  "window": "1h"
}
ipWhitelist
body
Array of allowed IP addresses
success
boolean
true
data.key
string
The full API key (only shown once!)
data.keyPrefix
string
First 8 characters for display
Save the API key immediately - it will not be shown again after this response!

Get API Key

id
string
required
API key ID

Update API Key

id
string
required
API key ID
name
body
New name for the API key
permissions
body
Updated permissions array
isActive
body
Activate or deactivate the key

Revoke API Key

id
string
required
API key ID

Delete API Key

id
string
required
API key ID
This action cannot be undone!

Get API Key Usage

id
string
required
API key ID
month
string
Month in YYYY-MM format (default: current month)
success
boolean
true
data.totalRequests
number
Total requests in the month
data.requestsByEndpoint
object
Requests broken down by endpoint
data.requestsByMethod
object
Requests broken down by HTTP method