> ## Documentation Index > Fetch the complete documentation index at: https://developer.hellgate.io/llms.txt > Use this file to discover all available pages before exploring further. # Update API key > Updates the scopes of an existing API key. ## OpenAPI ````yaml /products/guardian/openapi.yaml patch /api/admin/api-keys/{id} openapi: 3.1.0 info: title: Guardian API version: '1.0' contact: name: Starfish GmbH & Co. KG email: hello@starfish.team url: https://hellgate.io/cpa/guardian license: name: Hellgate API Terms url: https://hellgate.io/terms-and-conditions servers: - url: https://{cluster_id}.on-hellgate.cloud description: Guardian service instance variables: cluster_id: default: my-cluster-id description: | Guardian is a service of the Hellgate Cloud Platform. The unique cluster-id is used to connect to your instance. security: [] tags: - name: pci description: Management of card payment credentials under the ruling of PCI DSS. - name: network description: Management of network tokens and cryptograms for secure transactions. - name: generic description: Management of generic tokens and their schemas for various use cases. - name: metadata description: Inquiries for card metadata based on PAN, PCI tokens, or network tokens. - name: apikey description: Management of API keys for service access. - name: webhook description: Management of webhooks for event notifications. - name: types description: Management of types for generic token schemas. paths: /api/admin/api-keys/{id}: patch: tags: - apikey summary: Update API key description: Updates the scopes of an existing API key. operationId: admin_api_key_update parameters: - name: id in: path required: true description: The unique identifier of the API key. schema: type: string format: uuid requestBody: content: application/json: schema: $ref: '#/components/schemas/api_key_update_request' responses: '200': description: Success response content: application/json: schema: $ref: '#/components/schemas/api_key' '401': $ref: '#/components/responses/401_UnauthorizedError' '403': $ref: '#/components/responses/403_ForbiddenError' '404': $ref: '#/components/responses/404_NotFoundError' '422': $ref: '#/components/responses/422_ValidationError' security: - APIKey: [] - AdminToken: [] components: schemas: api_key_update_request: type: object properties: scopes: $ref: '#/components/schemas/scopes' required: - scopes example: scopes: - admin:api-keys:create - admin:api-keys:update api_key: type: object properties: id: type: string created_at: type: string format: date-time expires_at: type: string format: date-time masked_key_value: type: string scopes: $ref: '#/components/schemas/scopes' required: - id - created_at - masked_key_value - scopes example: id: 123e4567-e89b-12d3-a456-426614174000 created_at: '2023-10-01T12:00:00Z' masked_key_value: key_123xxxx scopes: - admin:api-keys:create - admin:api-keys:update scopes: type: array description: A list of scopes that the API key will have access to. minItems: 1 items: type: string enum: - pci:tokens:create - pci:tokens:read - pci:tokens:update - pci:tokens:delete - pci:tokens:forward - generic:tokens:create - generic:tokens:read - generic:tokens:delete - network:tokens:create - network:tokens:read - network:tokens:delete - network:tokens:use - network:tokens:forward - metadata:inquiries:create - admin:api-keys:create - admin:api-keys:read - admin:api-keys:update - admin:api-keys:delete - admin:webhooks:create - admin:webhooks:read - admin:webhooks:delete - admin:types:create - admin:types:read - admin:types:delete - admin:imports:create - admin:imports:read - admin:imports:cancel ErrorGeneric: type: object properties: code: $ref: '#/components/schemas/ErrorStatusCode' classifier: $ref: '#/components/schemas/ErrorClassifier' message: $ref: '#/components/schemas/ErrorMessage' ErrorValidation: type: object properties: code: $ref: '#/components/schemas/ErrorStatusCode' classifier: $ref: '#/components/schemas/ErrorClassifier' message: $ref: '#/components/schemas/ErrorMessage' validation_errors: type: array items: type: object properties: path: type: string description: Json-path in the request which points to the validation error message: type: string description: Human readable validation message ErrorStatusCode: type: integer description: The corresponding HTTP status code for the error ErrorClassifier: type: string description: Technical code that helps to identify the error ErrorMessage: type: string description: Human readable representation of the error responses: 401_UnauthorizedError: description: Unauthorized content: application/json: schema: $ref: '#/components/schemas/ErrorGeneric' example: code: 401 message: No valid means of authentication was provided classifier: UNAUTHORIZED 403_ForbiddenError: description: Forbidden content: application/json: schema: $ref: '#/components/schemas/ErrorGeneric' example: code: 403 message: Not allowed to access this resource or feature classifier: FORBIDDEN 404_NotFoundError: description: Not found content: application/json: schema: $ref: '#/components/schemas/ErrorGeneric' example: code: 404 message: The requested resource was not found. classifier: NOT_FOUND 422_ValidationError: description: Validation error content: application/json: schema: $ref: '#/components/schemas/ErrorValidation' example: code: 422 classifier: VALIDATION_ERROR message: Validation error validation_errors: - path: json-path message: human readable error message securitySchemes: APIKey: type: apiKey name: x-api-key in: header AdminToken: type: apiKey name: x-admin-token in: header ````