Rybbit

GitHubrybbit-io/rybbit

12.3K676
DocumentationAPI Reference
API Keys

Update API Key

Update an existing API key's name, enabled state, or expiry.

POST /api/auth/api-key/update
This endpoint uses POST, not PUT or PATCH.

Updates mutable fields on an existing API key. The key is identified by its keyId.

This endpoint authenticates with your logged-in dashboard session, not an API key. Send your session cookie with the request.

Request Body

Prop

Type

Response

Returns the updated API key object (without the secret key value).

Prop

Type

Note: Additional fields may be present in the response object.

Request
curl -X POST "https://app.rybbit.io/api/auth/api-key/update" \
  -H "Cookie: better-auth.session_token=YOUR_SESSION_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"keyId": "key_8f3a1b2c4d5e6f7g", "name": "CI pipeline (rotated)", "enabled": true}'
Request
const response = await fetch(
  'https://app.rybbit.io/api/auth/api-key/update',
  {
    method: 'POST',
    credentials: 'include',
    headers: {
      'Content-Type': 'application/json'
    },
    body: JSON.stringify({
      keyId: 'key_8f3a1b2c4d5e6f7g',
      name: 'CI pipeline (rotated)',
      enabled: true
    })
  }
);

const data = await response.json();
Request
import requests

response = requests.post(
    'https://app.rybbit.io/api/auth/api-key/update',
    json={
        'keyId': 'key_8f3a1b2c4d5e6f7g',
        'name': 'CI pipeline (rotated)',
        'enabled': True
    },
    headers={
        'Cookie': 'better-auth.session_token=YOUR_SESSION_TOKEN'
    }
)

data = response.json()
Request
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://app.rybbit.io/api/auth/api-key/update");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode([
    'keyId' => 'key_8f3a1b2c4d5e6f7g',
    'name' => 'CI pipeline (rotated)',
    'enabled' => true
]));
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'Cookie: better-auth.session_token=YOUR_SESSION_TOKEN',
    'Content-Type: application/json'
]);

$response = curl_exec($ch);
curl_close($ch);

$data = json_decode($response, true);
Request
require 'net/http'
require 'json'

uri = URI("https://app.rybbit.io/api/auth/api-key/update")
req = Net::HTTP::Post.new(uri)
req['Cookie'] = 'better-auth.session_token=YOUR_SESSION_TOKEN'
req['Content-Type'] = 'application/json'
req.body = {
  keyId: 'key_8f3a1b2c4d5e6f7g',
  name: 'CI pipeline (rotated)',
  enabled: true
}.to_json

res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) { |http| http.request(req) }
data = JSON.parse(res.body)
Request
body := bytes.NewBuffer([]byte(`{
  "keyId": "key_8f3a1b2c4d5e6f7g",
  "name": "CI pipeline (rotated)",
  "enabled": true
}`))
req, _ := http.NewRequest("POST", "https://app.rybbit.io/api/auth/api-key/update", body)
req.Header.Set("Cookie", "better-auth.session_token=YOUR_SESSION_TOKEN")
req.Header.Set("Content-Type", "application/json")

client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()

var data map[string]interface{}
json.NewDecoder(resp.Body).Decode(&data)
Request
let client = reqwest::Client::new();
let res = client
    .post("https://app.rybbit.io/api/auth/api-key/update")
    .header("Cookie", "better-auth.session_token=YOUR_SESSION_TOKEN")
    .json(&serde_json::json!({
        "keyId": "key_8f3a1b2c4d5e6f7g",
        "name": "CI pipeline (rotated)",
        "enabled": true
    }))
    .send()
    .await?;

let data: serde_json::Value = res.json().await?;
Request
HttpClient client = HttpClient.newHttpClient();
String json = "{\"keyId\": \"key_8f3a1b2c4d5e6f7g\", \"name\": \"CI pipeline (rotated)\", \"enabled\": true}";
HttpRequest request = HttpRequest.newBuilder()
    .uri(URI.create("https://app.rybbit.io/api/auth/api-key/update"))
    .header("Cookie", "better-auth.session_token=YOUR_SESSION_TOKEN")
    .header("Content-Type", "application/json")
    .POST(HttpRequest.BodyPublishers.ofString(json))
    .build();

HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
Request
using var client = new HttpClient();
client.DefaultRequestHeaders.Add("Cookie", "better-auth.session_token=YOUR_SESSION_TOKEN");

var content = new StringContent(
    "{\"keyId\": \"key_8f3a1b2c4d5e6f7g\", \"name\": \"CI pipeline (rotated)\", \"enabled\": true}",
    Encoding.UTF8,
    "application/json"
);

var response = await client.PostAsync("https://app.rybbit.io/api/auth/api-key/update", content);
var data = await response.Content.ReadAsStringAsync();
Response
{
  "id": "key_8f3a1b2c4d5e6f7g",
  "name": "CI pipeline (rotated)",
  "start": "rybbit_sk_live_xxxx",
  "prefix": "rybbit_sk_live_",
  "userId": "user_2a9b8c7d6e5f4g3h",
  "enabled": true,
  "expiresAt": "2026-07-25T12:00:00.000Z",
  "createdAt": "2026-06-25T12:00:00.000Z",
  "updatedAt": "2026-06-26T12:00:00.000Z",
  "rateLimitEnabled": true,
  "rateLimitMax": 200,
  "rateLimitTimeWindow": 60000
}

List API KeysGET

List the API keys for your account or organization.

Delete API KeyPOST

Revoke an API key by its id.