API keys¶
API keys let a script or integration call the AzScraper API without logging in with a password. Each key is scoped to one project and carries that project's organization access. Manage keys in the dashboard under a project's API keys tab, or via the API routes below.
Treat keys like passwords
A key's secret is shown once at creation. Store it in a secret manager or env var. Anyone with the key can spend your credits. Revoke leaked keys immediately.
Using a key¶
Send the key as a Bearer token, exactly like a JWT access token:
curl -sS "https://api.azscraper.com/projects/$PROJECT_ID/jobs" \
-H "Authorization: Bearer $AZSCRAPER_API_KEY"
A key authenticates as the user who created it, but is locked to the key's project.
Manage keys¶
Replace https://api.azscraper.com with your deployment's base URL if self-hosting.
All routes require a logged-in JWT (you manage keys from the dashboard session, not with
another key).
List keys¶
GET /private/projects/{projectId}/api-keys
{
"data": [
{
"id": "67e0...",
"name": "ci-pipeline",
"keyHint": "a1b2",
"createdAt": "2026-06-01T09:00:00.000Z",
"lastUsedAt": "2026-06-01T10:00:00.000Z"
}
]
}
keyHint is the last 4 characters of the key, safe to display. The full key is never
returned again after creation.
Create a key¶
POST /private/projects/{projectId}/api-keys — Body: { "name": "ci-pipeline" }
curl -sS -X POST "$API_BASE/private/projects/$PROJECT_ID/api-keys" \
-H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" \
-d '{"name":"ci-pipeline"}'
{
"data": {
"id": "67e0...",
"name": "ci-pipeline",
"key": "<full-key-shown-once>",
"createdAt": "2026-06-01T09:00:00.000Z"
}
}
The key field is returned only on this response. Copy it now — it cannot be
retrieved again.
Rename a key¶
PATCH /private/projects/{projectId}/api-keys/{id} — Body: { "name": "new-name" } → { "success": true }
Revoke a key¶
DELETE /private/projects/{projectId}/api-keys/{id} → { "success": true }
Revoked keys stop working immediately.
Related¶
- Authentication — JWT login, Bearer tokens, error envelope
- Get data — the endpoints you call with a key
- Rate limits & concurrency — credit spend per job