Skip to main content
POST
/
auth
/
provider_keys
Save Provider Key
curl --request POST \
  --url https://api.app.shinzo.ai/auth/provider_keys \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "provider": "<string>",
  "provider_api_key": "<string>",
  "provider_base_url": "<string>",
  "label": "<string>"
}
'

Save Provider Key

Securely store an AI provider API key in the Shinzo Platform. Keys are encrypted at rest and can be used with the Spotlight model proxy.

Authentication

Requires JWT token authentication.
provider
string
required
Provider name (anthropic)
provider_api_key
string
required
The API key to store
provider_base_url
string
Custom base URL (for proxies or self-hosted)
label
string
Optional label to identify this key

Example Request

curl -X POST https://api.app.shinzo.ai/auth/provider_keys \
  -H "Authorization: Bearer <jwt_token>" \
  -H "Content-Type: application/json" \
  -d '{
    "provider": "anthropic",
    "provider_api_key": "sk-ant-api03-...",
    "label": "Production Key"
  }'

Response

{
  "uuid": "pk_abc123def456",
  "provider": "anthropic",
  "label": "Production Key",
  "status": "active",
  "created_at": "2025-01-15T10:00:00Z"
}

Response Fields

FieldTypeDescription
uuidstringUnique identifier for the stored key
providerstringProvider name
labelstringUser-provided label (if set)
statusstringKey status (active)
created_atstringCreation timestamp (ISO 8601)

Status Codes

CodeDescription
201Key saved successfully
400Invalid request (missing fields, unsupported provider)
401Invalid or missing JWT token

Security Notes

  • API keys are encrypted before storage using industry-standard encryption
  • Original key values cannot be retrieved after storage
  • Keys can be updated or deleted but not viewed