Skip to main content
POST
/
api_keys
Create API key
curl --request POST \
  --url https://api.partoo.co/v2/api_keys \
  --header 'Content-Type: application/json' \
  --header 'x-APIKey: <api-key>' \
  --data '
{
  "label": "API key name",
  "description": "API key for updating business name, and categories.",
  "expiration_date": "2022-06-05",
  "ip_whitelist": [
    "172.16.0.0/12",
    "127.0.0.1"
  ],
  "has_restricted_permissions": true,
  "permissions": [
    "business_edit",
    "business_edit_name",
    "business_edit_categories"
  ]
}
'
{
  "id": 3245,
  "label": "API key name",
  "description": "API key for updating business name, and categories.",
  "user_id": "5309c3a237bbc544d8e26737",
  "user_name": "Perceval de Galles",
  "user_role": "BUSINESS_MANAGER",
  "user_type": "user",
  "disabled": false,
  "expiration_date": "2022-06-05",
  "last_used_at": "2019-08-22 11:46:38.914467+00",
  "created_by": "5309c3a237bbc544d8e26737",
  "created_by_name": "John Smith",
  "created_at": "2018-03-12 11:49:03.399475+00",
  "revoked_by": "5309c3a237bbc544d8e26737",
  "revoked_by_name": "John Smith",
  "revoked_at": "2020-10-20 11:46:38.914467+00",
  "ip_whitelist": [
    "172.16.0.0/12",
    "127.0.0.1"
  ],
  "has_restricted_permissions": true,
  "permissions": [
    "business_edit",
    "business_edit_name",
    "business_edit_categories"
  ]
}

Authorizations

x-APIKey
string
header
required

The authentication system on Partoo API is using API Key that should be put in the header of the request (the name of the header is x-APIKey). An api_key is linked to a user. This user's role will give you different access level to the API features.

Body

application/json

Request body schema for creating or updating an API key

label
string

Name given to recognize the Api key

Example:

"API key name"

description
string

Description of the API key

Example:

"API key for updating business name, and categories."

expiration_date
string

Must be at least the day after today. If you want it to expire today you must revoke it. You can set it to null.

Pattern: yyyy-mm-dd
Example:

"2022-06-05"

ip_whitelist
string[]

List of IP or CIDR network notations to which API Key calls are restricted.

Empty list means no restriction.

Example:
["172.16.0.0/12", "127.0.0.1"]
has_restricted_permissions
boolean
default:false

Whether or not the API key has customized permissions. If false, it has the same permissions as the user who created the key.

⚠️ Required if the permissions parameter is provided. ⚠️

Example:

true

permissions
string[]

List of permission names to assign to the API Key.

⚠️ Required if the has_restricted_permissions parameter is provided. ⚠️

Example:
[
  "business_edit",
  "business_edit_name",
  "business_edit_categories"
]

Response

Created

Base API Key object with common properties

id
integer
Example:

3245

label
string

Name given to recognize the Api key

Example:

"API key name"

description
string

Description of the API key

Example:

"API key for updating business name, and categories."

user_id
string

User id

Example:

"5309c3a237bbc544d8e26737"

user_name
string

User first name and last name concatenated. Can be null if it's your org integration api key.

Example:

"Perceval de Galles"

user_role
enum<string>

User role in the application

Available options:
PROVIDER,
ORG_ADMIN,
ORG_MANAGER,
GROUP_MANAGER,
BUSINESS_MANAGER,
PUBLISHER
Example:

"BUSINESS_MANAGER"

user_type
enum<string>

Whether the API key belongs to a bot user (created automatically for integrations) or a regular human user.

Available options:
bot,
user
Example:

"user"

disabled
boolean

Is true if someone revoked the key.

Example:

false

expiration_date
string

Must be at least the day after today. If you want it to expire today you must revoke it. You can set it to null.

Pattern: yyyy-mm-dd
Example:

"2022-06-05"

last_used_at
string
Pattern: date
Example:

"2019-08-22 11:46:38.914467+00"

created_by
string

User id

Example:

"5309c3a237bbc544d8e26737"

created_by_name
string

First name and last name concatenated of the user that created the key

Example:

"John Smith"

created_at
string
Pattern: date
Example:

"2018-03-12 11:49:03.399475+00"

revoked_by
string

User id

Example:

"5309c3a237bbc544d8e26737"

revoked_by_name
string

First name and last name concatenated of the user that revoked the key

Example:

"John Smith"

revoked_at
string
Pattern: date
Example:

"2020-10-20 11:46:38.914467+00"

ip_whitelist
string[]

List of IP or CIDR network notations to which API Key calls are restricted.

Empty list means no restriction.

Example:
["172.16.0.0/12", "127.0.0.1"]
has_restricted_permissions
boolean

Whether or not the API key has customized permissions. If false, it has the same permissions as the user who created the key.

Example:

true

permissions
string[]

List of permission names linked to the API Key.

Example:
[
  "business_edit",
  "business_edit_name",
  "business_edit_categories"
]