Skip to main content
POST
/
auth
/
provider_keys
Save Provider Key
curl --request POST \
  --url https://api.example.com/auth/provider_keys

Save Provider Key

Securely store an AI provider API key in the Shinzo Platform. Keys are encrypted at rest and can be used with the Spotlight model proxy.

Endpoint

POST /auth/provider_keys

Authentication

Requires JWT token authentication.

Request Body

FieldTypeRequiredDescription
providerstringYesProvider name (anthropic)
provider_api_keystringYesThe API key to store
provider_base_urlstringNoCustom base URL (for proxies or self-hosted)
labelstringNoOptional label to identify this key

Example Request

curl -X POST https://api.app.shinzo.ai/auth/provider_keys \
  -H "Authorization: Bearer <jwt_token>" \
  -H "Content-Type: application/json" \
  -d '{
    "provider": "anthropic",
    "provider_api_key": "sk-ant-api03-...",
    "label": "Production Key"
  }'

Response

{
  "uuid": "pk_abc123def456",
  "provider": "anthropic",
  "label": "Production Key",
  "status": "active",
  "created_at": "2025-01-15T10:00:00Z"
}

Response Fields

FieldTypeDescription
uuidstringUnique identifier for the stored key
providerstringProvider name
labelstringUser-provided label (if set)
statusstringKey status (active)
created_atstringCreation timestamp (ISO 8601)

Status Codes

CodeDescription
201Key saved successfully
400Invalid request (missing fields, unsupported provider)
401Invalid or missing JWT token

Security Notes

  • API keys are encrypted before storage using industry-standard encryption
  • Original key values cannot be retrieved after storage
  • Keys can be updated or deleted but not viewed