API Keys

API keys allow external systems to call the ApiMeld API without going through the JWT login flow. Useful for CI/CD pipelines, scripts on other servers, and integrations.

Creating an API key

1. Click your avatar in the top right → API Keys
2. Click New API Key
3. Give it a descriptive name (e.g. "GitHub Actions", "Monitoring Script")
4. Copy the key — it is shown only once and starts with msk_

Store the key securely. It cannot be retrieved again — if lost, delete it and create a new one.

Using an API key

Pass the key in the Authorization header:

curl -H "Authorization: Bearer msk_your_key_here" \
  https://tasks.example.com/api/tasks

API keys use the same endpoints as regular users. The key inherits the permissions of the user who created it.

Triggering a task via API

# Run a task immediately
curl -X POST \
  -H "Authorization: Bearer msk_your_key_here" \
  https://tasks.example.com/api/tasks/{taskId}/run

Restrictions

API keys cannot be used for:

• Admin configuration changes (/api/admin/config)
• Creating or revoking other API keys

These operations require a JWT (interactive login) to prevent automated key escalation.

Revoking an API key

Go to API Keys and click Revoke next to the key. It stops working immediately.