List API keys
GET /api/api-keys
Returns all API keys for the tenant. For security, the full key value is never included in list responses — only the key prefix is shown for identification. Keys that have expired are still listed but will be rejected if used.
Authorizations
Section titled “Authorizations ”Responses
Section titled “ Responses ”All API keys in the tenant, with metadata but without the key secret.
List of API keys for the tenant. The full key value is never included — only the prefix is shown for identification.
An API key grants programmatic access to the oHallo API. Keys are scoped by permission and can optionally be restricted to a specific brand or workspace. The full key is only returned once at creation time — store it securely.
object
Unique identifier for the API key.
Example
ak1a2b3c-5678-9abc-def0-1234567890abHuman-readable name for the key, used to identify its purpose in the dashboard.
Example
CRM Integration - ProductionThe first characters of the API key, shown for identification. The full key cannot be retrieved after creation.
Example
sf_live_v1_a3BfPermission scopes granted to this key. Each scope controls access to a specific set of endpoints. Common scopes: ‘conversations:read’, ‘conversations:write’, ‘kb:read’, ‘kb:write’, ‘contacts:read’, ‘contacts:write’.
Example
[ "conversations:read", "contacts:read", "kb:read"]If set, this key can only access resources within the specified brand. Null means unrestricted across all brands.
If set, this key can only access resources within the specified workspace. Null means unrestricted across all workspaces.
Timestamp of the most recent API call made with this key. Null if never used.
Example
2026-03-25T16:30:00.000ZTimestamp when the key expires. Null means the key does not expire. Expired keys are automatically rejected.
Example
2027-01-01T00:00:00.000ZTimestamp when the key was created.
Example
2026-03-01T10:00:00.000Z