Platform API Keys
Platform API keys provide programmatic access to the Shinzo Platform APIs, including AI agent management and Spotlight analytics. They’re designed for server-to-server communication, CI/CD pipelines, and automated workflows.
Create a new platform API key.
Endpoint
Authentication
Requires JWT token authentication.
Request Body
| Field | Type | Required | Description |
|---|
name | string | Yes | A descriptive name for the API key |
Example Request
curl -X POST https://api.app.shinzo.ai/auth/platform_keys \
-H "Authorization: Bearer <jwt_token>" \
-H "Content-Type: application/json" \
-d '{"name": "CI/CD Pipeline Key"}'
Response
{
"uuid": "key_abc123def456",
"key": "sk_shinzo_abc123def456ghi789...",
"name": "CI/CD Pipeline Key",
"created_at": "2025-01-15T10:00:00Z",
"status": "active"
}
The API key value is only displayed once at creation. Store it securely as it cannot be retrieved later.
Response Fields
| Field | Type | Description |
|---|
uuid | string | Unique identifier for the key |
key | string | The API key value (shown only once) |
name | string | Descriptive name |
created_at | string | Creation timestamp (ISO 8601) |
status | string | Key status (active) |
Retrieve all platform API keys associated with your account.
Endpoint
Authentication
Requires JWT token authentication.
Example Request
curl -X GET https://api.app.shinzo.ai/auth/platform_keys \
-H "Authorization: Bearer <jwt_token>"
Response
{
"keys": [
{
"uuid": "key_abc123def456",
"name": "CI/CD Pipeline Key",
"prefix": "sk_shinzo_abc1...",
"created_at": "2025-01-15T10:00:00Z",
"last_used_at": "2025-01-20T14:30:00Z",
"status": "active"
},
{
"uuid": "key_xyz789uvw012",
"name": "Production Automation",
"prefix": "sk_shinzo_xyz7...",
"created_at": "2025-01-10T08:00:00Z",
"last_used_at": "2025-01-18T09:15:00Z",
"status": "active"
}
]
}
Full key values are not returned when listing. Only the prefix and metadata are shown.
Delete an existing platform API key. Deleted keys can no longer be used for authentication.
Endpoint
DELETE /auth/platform_keys/:keyUuid
Authentication
Requires JWT token authentication.
Path Parameters
| Parameter | Type | Required | Description |
|---|
keyUuid | string | Yes | The UUID of the key to delete |
Example Request
curl -X DELETE https://api.app.shinzo.ai/auth/platform_keys/key_abc123def456 \
-H "Authorization: Bearer <jwt_token>"
Response
{
"message": "API key deleted successfully",
"uuid": "key_abc123def456",
"deleted_at": "2025-01-20T16:00:00Z"
}
Status Codes
| Code | Description |
|---|
200 | Key deleted successfully |
401 | Invalid or missing JWT token |
404 | Key not found |
Platform API keys support multiple header formats:
# Using x-shinzo-api-key header (recommended)
curl -X GET https://api.app.shinzo.ai/agent/list \
-H "x-shinzo-api-key: sk_shinzo_abc123..."
# Using Authorization header
curl -X GET https://api.app.shinzo.ai/agent/list \
-H "Authorization: Bearer sk_shinzo_abc123..."
# Using x-api-key header
curl -X GET https://api.app.shinzo.ai/agent/list \
-H "x-api-key: sk_shinzo_abc123..."
sk_shinzo_*
Example: sk_shinzo_abc123def456ghi789jkl012mno345...
Supported Endpoints
Platform API keys can be used to authenticate requests to:
- Agent Management (
/agent/*) - Create, manage, and interact with AI agents
- Spotlight (
/spotlight/*) - Model proxy and session analytics
