Validate API Key
POST
/v1/api-keys/validateValidate an API key and retrieve its metadata.
About API Key Validation
This endpoint allows you to verify if an API key is valid and retrieve information about it, including its scopes, metadata, and expiration date. This is useful for checking key validity before making API calls or for debugging authentication issues.
Use Cases:
- Verify API key validity before making requests
- Check key permissions and scopes
- Retrieve key metadata and expiration information
- Debug authentication issues
Request History
Log in to see full request history
| TIME | STATUS | USER AGENT |
|---|---|---|
| Make a request to see history. | ||
0 Requests This Month
Headers
This endpoint requires the API key to be validated in the request headers. No request body is needed.
| Header | Type | Description |
|---|---|---|
| x-api-key | string required | The API key you want to validate. This should be the key you want to check for validity, scopes, and metadata. |
| Content-Type | string optional | Content type of the request. Recommended: application/json |
Request Example
shell
curl -X POST https://api.konpro.ai/v1/api-keys/validate \
-H "x-api-key: <your-api-key-to-validate>" \
-H "Content-Type: application/json"Response
| Field | Type | Description |
|---|---|---|
| valid | boolean | Whether the API key is valid (true) or invalid (false) |
| key_id | string | Unique identifier for the API key (e.g., key-001) |
| scopes | array | Array of permission scopes granted to the API key (e.g., ["read", "write"]) |
| metadata | object | Additional metadata associated with the API key (e.g., environment, project name) |
| expires_at | string | ISO 8601 timestamp of when the API key expires. If null, the key does not expire. |
Sample Successful Response
json
{
"valid": true,
"key_id": "key-001",
"scopes": ["read", "write"],
"metadata": {
"env": "production",
"project": "customer-support"
},
"expires_at": "2024-12-31T23:59:59Z"
}Notes
- This endpoint requires the API key to be validated in the
x-api-keyheader. - No request body is required - the API key is provided in the header.
- The
validfield indicates whether the API key is currently valid and active. - The
scopesarray shows what permissions the key has (e.g.,read,write). - The
metadataobject contains custom information associated with the key, such as environment or project identifiers. - If
expires_atisnull, the API key does not have an expiration date. - This endpoint is useful for verifying API key validity before making other API calls, or for debugging authentication issues.
- For error descriptions, see Error Responses.