> ## Documentation Index > Fetch the complete documentation index at: https://developers.partoo.co/llms.txt > Use this file to discover all available pages before exploring further. # Update API key > This endpoint lets you update an API key you have access to. For more details on how API keys work, and how to handle them securely, see the [Security and API Key Usage](/guides/api/resources/settings/security_and_api_key_usage) guide. ## OpenAPI ````yaml /assets/openapi/openapi-bundled.yaml put /api_keys/{key_id} openapi: 3.1.0 info: title: Partoo Rest API version: v2 license: name: © Copyright Partoo url: https://www.partoo.co/en/gtu-api/ x-logo: url: >- https://partoo-client-images.s3.amazonaws.com/logo-partoo-restapi-white.png description: > ## Introduction The Partoo Rest API allows you to automate all the actions that are possible to do in the Partoo Web Application. The Partoo Rest API can be used for many different purposes: - Create/update/delete your businesses & users if you are a client. - Create/subscribe/manage organizations, businesses & users if you are a reseller. - Retrieve data on businesses you have access to if you are a publisher. - ... servers: - url: https://api.partoo.co/v2 description: Production server - url: https://api.sandbox.partoo.co/v2 description: Sandbox server (dev environment for clients & partners) security: - ApiKeyAuth: [] paths: /api_keys/{key_id}: put: tags: - ApiKeys summary: Update API key description: >- This endpoint lets you update an API key you have access to. For more details on how API keys work, and how to handle them securely, see the [Security and API Key Usage](/guides/api/resources/settings/security_and_api_key_usage) guide. operationId: updateApiKey parameters: - in: path name: key_id required: true schema: $ref: '#/components/schemas/id' description: Key ID requestBody: content: application/json: schema: $ref: '#/components/schemas/ApiKeyBody' responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/ApiKey' '400': $ref: '#/components/responses/400' '401': $ref: '#/components/responses/401' '403': $ref: '#/components/responses/403' '404': $ref: '#/components/responses/404' deprecated: false components: schemas: id: type: integer example: 3245 ApiKeyBody: type: object description: Request body schema for creating or updating an API key properties: label: $ref: '#/components/schemas/label' description: type: string example: API key for updating business name, and categories. description: Description of the API key expiration_date: $ref: '#/components/schemas/expiration_date' ip_whitelist: $ref: '#/components/schemas/ip_whitelist' has_restricted_permissions: type: boolean default: false description: > Whether or not the API key has customized permissions. If false, it has the same permissions as the user who created the key. ⚠️ **Required if the `permissions` parameter is provided.** ⚠️ example: true permissions: type: array description: > List of permission names to assign to the API Key. ⚠️ **Required if the `has_restricted_permissions` parameter is provided.** ⚠️ items: type: string example: - business_edit - business_edit_name - business_edit_categories ApiKey: allOf: - $ref: '#/components/schemas/ApiKeyBase' - type: object properties: permissions: type: array description: List of permission names linked to the API Key. items: type: string example: - business_edit - business_edit_name - business_edit_categories label: type: string example: API key name description: Name given to recognize the Api key expiration_date: type: string pattern: yyyy-mm-dd example: '2022-06-05' description: >- Must be at least the day after today. If you want it to expire today you must revoke it. You can set it to null. ip_whitelist: description: > List of IP or CIDR network notations to which API Key calls are restricted. Empty list means no restriction. type: array items: type: string example: - 172.16.0.0/12 - 127.0.0.1 ApiKeyBase: type: object description: Base API Key object with common properties properties: id: $ref: '#/components/schemas/id' label: $ref: '#/components/schemas/label' description: type: string example: API key for updating business name, and categories. description: Description of the API key user_id: $ref: '#/components/schemas/UserId' user_name: $ref: '#/components/schemas/UserName' user_role: $ref: '#/components/schemas/Role' user_type: type: string enum: - bot - user example: user description: >- Whether the API key belongs to a bot user (created automatically for integrations) or a regular human user. disabled: type: boolean example: false description: Is true if someone revoked the key. expiration_date: $ref: '#/components/schemas/expiration_date' last_used_at: type: string pattern: date example: '2019-08-22 11:46:38.914467+00' created_by: $ref: '#/components/schemas/UserId' created_by_name: description: >- First name and last name concatenated of the user that created the key type: string example: John Smith created_at: type: string pattern: date example: '2018-03-12 11:49:03.399475+00' revoked_by: $ref: '#/components/schemas/UserId' revoked_by_name: description: >- First name and last name concatenated of the user that revoked the key type: string example: John Smith revoked_at: type: string pattern: date example: '2020-10-20 11:46:38.914467+00' ip_whitelist: $ref: '#/components/schemas/ip_whitelist' has_restricted_permissions: type: boolean example: true description: >- Whether or not the API key has customized permissions. If false, it has the same permissions as the user who created the key. UserId: description: User id type: string example: 5309c3a237bbc544d8e26737 UserName: description: >- User first name and last name concatenated. Can be null if it's your org integration api key. type: string example: Perceval de Galles Role: description: User role in the application type: string enum: - PROVIDER - ORG_ADMIN - ORG_MANAGER - GROUP_MANAGER - BUSINESS_MANAGER - PUBLISHER example: BUSINESS_MANAGER responses: '400': description: Your request is incorrect content: application/json: schema: description: | Error that occcurs when your request is incorrect properties: errors: type: object description: The detail of the error encountered properties: json: type: object '401': description: You are not authenticated content: application/json: schema: description: Error that occurs when you are not authenticated type: object properties: errors: type: object description: The detail of the error encountered properties: authentication: type: string default: User not authenticated '403': description: | You are not allowed to perform this action content: application/json: schema: description: > Error that occurs when you are authenticated but you are trying to perform an action you are not allowed to perform type: object properties: errors: type: object description: The detail of the error encountered properties: authorization: type: string default: Operation not allowed '404': description: Resource does not exist content: application/json: schema: description: >- Error that occcurs when you are trying to reach a resource that does not exist type: object properties: errors: type: object description: The detail of the error encountered properties: json: type: string default: Resource not found securitySchemes: ApiKeyAuth: description: > The authentication system on Partoo API is using API Key that should be put in the header of the request (the name of the header is `x-APIKey`). An api_key is linked to a user. This user's role will give you different access level to the API features. type: apiKey in: header name: x-APIKey ````