Create Key

​

Endpoint

POST /apiops/projects/{projectName}/keys/

​

Authentication

​

Header

Authorization: Bearer YOUR_TOKEN

​

Request

​

Headers

​

Path Parameters

​

Request Body

{
  "name": "my-key",
  "description": "Key for API encryption",
  "keyType": "PRIVATE_KEY",
  "cryptoKeyInfoEnvironmentList": [
    {
      "environmentName": "production",
      "content": "base64-encoded-key-content",
      "alias": "my-key-alias"
    }
  ]
}

​

Request Body Fields

​

Key Environment Object

​

Notes

• Request Format: This API uses application/json content type. Unlike the Certificate API, files are not uploaded via multipart/form-data. Instead, key content must be base64-encoded and included in the JSON body.
• name must be unique within the project
• Key is automatically deployed to all specified environments after creation
• Key material must be provided as base64-encoded content in the content field
• environmentName is used to identify the environment (not environmentId)
• To encode a key file to base64, you can use command-line tools like base64 (Linux/Mac) or certutil -encode (Windows), or any base64 encoding library in your programming language

​

Response

​

Success Response (200 OK)

{
  "success": true,
  "deploymentResult": {
    "success": true,
    "message": "Deployment completed successfully",
    "environmentResults": [
      {
        "environmentName": "production",
        "success": true,
        "message": "Deployed successfully"
      }
    ]
  }
}

​

Error Response (400 Bad Request)

{
  "error": "bad_request",
  "error_description": "Key (name: my-key) is already exist! Try update operation if want to change its value."
}

​

cURL Example

curl -X POST \
  "https://demo.apinizer.com/apiops/projects/MyProject/keys/" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "my-key",
    "description": "Key for API encryption",
    "keyType": "PRIVATE_KEY",
    "cryptoKeyInfoEnvironmentList": [
      {
        "environmentName": "production",
        "content": "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0t...",
        "alias": "my-key-alias"
      }
    ]
  }'

​

Example 2: Create Key with Multiple Environments

curl -X POST \
  "https://demo.apinizer.com/apiops/projects/MyProject/keys/" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "my-key",
    "description": "Key for API encryption",
    "keyType": "SECRET_KEY",
    "cryptoKeyInfoEnvironmentList": [
      {
        "environmentName": "production",
        "content": "base64-encoded-key-content",
        "alias": "prod-key-alias"
      },
      {
        "environmentName": "staging",
        "content": "base64-encoded-key-content",
        "alias": "staging-key-alias"
      }
    ]
  }'

​

Notes and Warnings

• Key Name:
  • Must be unique within the project
  • Cannot be changed after creation
• Key Type:
  • SECRET_KEY: Symmetric key (AES, DES, DESede)
  • PRIVATE_KEY: Asymmetric private key (RSA)
  • PUBLIC_KEY: Asymmetric public key (RSA)
• Environment Name:
  • Use environmentName (not environmentId) to specify the environment
  • Environment name must exist and be accessible
• Key Content:
  • Must be base64-encoded and included in the JSON body (not uploaded as a file)
  • For private/public keys, include the full key material (PEM format)
  • Example: Read your key file and encode it to base64: base64 -i private-key.pem (Linux/Mac) or certutil -encode private-key.pem temp.txt && type temp.txt (Windows)
  • Content is encrypted before storage
  • Note: This API uses JSON body format. If you need to upload a file directly, consider using the Certificate API which supports multipart/form-data
• Automatic Deployment:
  • Key is automatically deployed to all specified environments after creation
  • Deployment results are returned in the response

​

Permissions

​

Related Documentation

• List Keys - List all keys
• Update Key - Update a key