> ## Documentation Index > Fetch the complete documentation index at: https://developer.hellgate.io/llms.txt > Use this file to discover all available pages before exploring further. # Create API key > Creates a new API key with the specified scopes and expiry defined via `expires_in` (seconds). ## OpenAPI ````yaml /products/guardian/openapi.yaml post /api/admin/api-keys openapi: 3.1.0 info: title: Guardian API version: '1.0' contact: name: Starfish GmbH & Co. KG email: hello@starfish.team url: https://hellgate.io/cpa/guardian license: name: Hellgate API Terms url: https://hellgate.io/terms-and-conditions servers: - url: https://{cluster_id}.on-hellgate.cloud description: Guardian service instance variables: cluster_id: default: my-cluster-id description: | Guardian is a service of the Hellgate Cloud Platform. The unique cluster-id is used to connect to your instance. security: [] tags: - name: pci description: Management of card payment credentials under the ruling of PCI DSS. - name: network description: Management of network tokens and cryptograms for secure transactions. - name: generic description: Management of generic tokens and their schemas for various use cases. - name: metadata description: Inquiries for card metadata based on PAN, PCI tokens, or network tokens. - name: apikey description: Management of API keys for service access. - name: webhook description: Management of webhooks for event notifications. - name: types description: Management of types for generic token schemas. paths: /api/admin/api-keys: post: tags: - apikey summary: Create API key description: > Creates a new API key with the specified scopes and expiry defined via `expires_in` (seconds). operationId: admin_api_key_create requestBody: content: application/json: schema: $ref: '#/components/schemas/api_key_create_request' responses: '200': description: Success response content: application/json: schema: $ref: '#/components/schemas/api_key_create_response' '401': $ref: '#/components/responses/401_UnauthorizedError' '403': $ref: '#/components/responses/403_ForbiddenError' '422': $ref: '#/components/responses/422_ValidationError' security: - APIKey: [] - AdminToken: [] components: schemas: api_key_create_request: type: object properties: expires_in: type: integer minimum: 1 maximum: 7776000 description: | How many seconds after creation the API key expires automatically. scopes: $ref: '#/components/schemas/scopes' required: - scopes example: expires_in: 3600 scopes: - admin:api-keys:create - admin:api-keys:update api_key_create_response: type: object properties: id: type: string format: uuid created_at: type: string format: date-time expires_at: type: string format: date-time key_value: type: string description: >- The generated API key value. It will only be returned once with this response. scopes: $ref: '#/components/schemas/scopes' required: - id - created_at - key_value - scopes example: id: 123e4567-e89b-12d3-a456-426614174000 created_at: '2023-10-01T10:00:00Z' expires_at: '2023-10-01T11:00:00Z' key_value: key_1234567890ABCDEF scopes: - admin:api-keys:create - admin:api-keys:update scopes: type: array description: A list of scopes that the API key will have access to. minItems: 1 items: type: string enum: - pci:tokens:create - pci:tokens:read - pci:tokens:update - pci:tokens:delete - pci:tokens:forward - generic:tokens:create - generic:tokens:read - generic:tokens:delete - network:tokens:create - network:tokens:read - network:tokens:delete - network:tokens:use - network:tokens:forward - metadata:inquiries:create - admin:api-keys:create - admin:api-keys:read - admin:api-keys:update - admin:api-keys:delete - admin:webhooks:create - admin:webhooks:read - admin:webhooks:delete - admin:types:create - admin:types:read - admin:types:delete - admin:imports:create - admin:imports:read - admin:imports:cancel ErrorGeneric: type: object properties: code: $ref: '#/components/schemas/ErrorStatusCode' classifier: $ref: '#/components/schemas/ErrorClassifier' message: $ref: '#/components/schemas/ErrorMessage' ErrorValidation: type: object properties: code: $ref: '#/components/schemas/ErrorStatusCode' classifier: $ref: '#/components/schemas/ErrorClassifier' message: $ref: '#/components/schemas/ErrorMessage' validation_errors: type: array items: type: object properties: path: type: string description: Json-path in the request which points to the validation error message: type: string description: Human readable validation message ErrorStatusCode: type: integer description: The corresponding HTTP status code for the error ErrorClassifier: type: string description: Technical code that helps to identify the error ErrorMessage: type: string description: Human readable representation of the error responses: 401_UnauthorizedError: description: Unauthorized content: application/json: schema: $ref: '#/components/schemas/ErrorGeneric' example: code: 401 message: No valid means of authentication was provided classifier: UNAUTHORIZED 403_ForbiddenError: description: Forbidden content: application/json: schema: $ref: '#/components/schemas/ErrorGeneric' example: code: 403 message: Not allowed to access this resource or feature classifier: FORBIDDEN 422_ValidationError: description: Validation error content: application/json: schema: $ref: '#/components/schemas/ErrorValidation' example: code: 422 classifier: VALIDATION_ERROR message: Validation error validation_errors: - path: json-path message: human readable error message securitySchemes: APIKey: type: apiKey name: x-api-key in: header AdminToken: type: apiKey name: x-admin-token in: header ````