Management API Keys
Programmatically manage API keys for automation and governance
TheRouter.ai provides management endpoints for key lifecycle operations. This is useful for SaaS provisioning, automated rotation policies, and usage controls by customer or environment.
Create a management key
- Open the TheRouter.ai dashboard management keys settings page.
- Create a new Management API key.
- Store it in your secure secret manager.
Scope boundary
Management keys are for administration only and should not be used for normal completion traffic.
CRUD examples
TypeScript (fetch)
const MANAGEMENT_API_KEY = "<MANAGEMENT_KEY>";
const BASE_URL = "https://api.therouter.ai/v1/keys";
// List keys
await fetch(BASE_URL, {
headers: { Authorization: "Bearer " + MANAGEMENT_API_KEY },
});
// Create key
await fetch(BASE_URL, {
method: "POST",
headers: {
Authorization: "Bearer " + MANAGEMENT_API_KEY,
"Content-Type": "application/json",
},
body: JSON.stringify({
name: "Customer Instance Key",
limit: 1000,
}),
});
// Update key
await fetch(BASE_URL + "/<KEY_HASH>", {
method: "PATCH",
headers: {
Authorization: "Bearer " + MANAGEMENT_API_KEY,
"Content-Type": "application/json",
},
body: JSON.stringify({
disabled: true,
limit_reset: "daily",
include_byok_in_limit: false,
}),
});
// Delete key
await fetch(BASE_URL + "/<KEY_HASH>", {
method: "DELETE",
headers: { Authorization: "Bearer " + MANAGEMENT_API_KEY },
});Scopes and policy controls
- Set per-key limits and reset cadence (daily, weekly, monthly).
- Disable compromised keys without rotating every consumer.
- Decide whether BYOK usage counts toward key-level limits.
Response shape
keys-response.json
{
"data": [
{
"hash": "<KEY_HASH>",
"label": "sk-or-v1-abc...123",
"name": "Customer Key",
"disabled": false,
"limit": 10,
"limit_remaining": 10,
"limit_reset": "daily",
"include_byok_in_limit": false,
"usage": 0
}
]
}