0block docs
Dashboard & API Keys

API Keys

List, create, and revoke the API keys used to submit transactions.

Beta — rolling out now. The dashboard and its control-plane API are in active rollout. The contract documented here is stable, but availability may vary by deployment.

All routes are under /api/v1 and require Authorization: Bearer <token>. API keys authenticate transaction submissions — see Authentication for the format and usage.

GET /keys

List your keys, newest first.

Response — 200 OK

{
  "keys": [
    {
      "id": "…",
      "name": "prod",
      "prefix": "0b_ab12cd34",
      "created_at": "2026-07-05T18:00:00Z",
      "last_used_at": "2026-07-05T18:22:31Z",
      "revoked_at": null
    }
  ]
}
  • prefix is the 0b_ + 8-character display prefix (11 characters). The full key is never returned here.
  • last_used_at is null until the key authenticates its first submission.
  • revoked_at is null for active keys, or the revocation timestamp.

POST /keys

Create a key. The full secret is returned once in this response and never again.

Request

{ "name": "prod" }

Response — 201 Created

{
  "id": "…",
  "name": "prod",
  "prefix": "0b_ab12cd34",
  "key": "0b_ab12cd34XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}

Copy key now. Only a hash is stored server-side, so it cannot be shown again — if you lose it, revoke the key and create a new one.

Errors

StatusCodeWhen
400invalid_nameName is missing or invalid.
409key_limitYou already have the maximum of 10 active keys.

DELETE /keys/{id}

Revoke a key. Revocation is immediate and idempotent.

Response — 204 No Content (empty body)

Errors

StatusCodeWhen
404not_foundNo key with that id is owned by your account.