API Key Management

Manage API keys to authenticate requests to the Logproof API. Each key can be scoped to specific permissions and renamed or revoked as needed.

Important: The full API key is only shown once upon creation. Store it securely and never commit it to version control.

Available Scopes

Scope Description
events:read Read event data from your account
events:write Create and update events
verify Access verification endpoints
export Export event data
keys:manage Create, update, and delete API keys

Create API Key

POST https://logproof.de/v1/api-keys

Creates a new API key with the specified name and scopes.

Required Scope: keys:manage

Request Body

Parameter Type Required Description
name string Yes A descriptive name for the API key
scopes array No Array of scope strings. Defaults to all available scopes if not provided

Response (201 Created)

curl -X POST https://logproof.de/v1/api-keys \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Production API Key",
    "scopes": ["events:read", "events:write", "verify"]
  }'
const response = await fetch('https://logproof.de/v1/api-keys', {
  method: 'POST',
  headers: {
    'Authorization': 'Bearer YOUR_API_KEY',
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    name: 'Production API Key',
    scopes: ['events:read', 'events:write', 'verify']
  })
});

const data = await response.json();
$client = new \GuzzleHttp\Client();

$response = $client->post('https://logproof.de/v1/api-keys', [
    'headers' => [
        'Authorization' => 'Bearer YOUR_API_KEY',
        'Content-Type' => 'application/json'
    ],
    'json' => [
        'name' => 'Production API Key',
        'scopes' => ['events:read', 'events:write', 'verify']
    ]
]);

$data = json_decode($response->getBody(), true);
import requests

response = requests.post(
    'https://logproof.de/v1/api-keys',
    headers={
        'Authorization': 'Bearer YOUR_API_KEY',
        'Content-Type': 'application/json'
    },
    json={
        'name': 'Production API Key',
        'scopes': ['events:read', 'events:write', 'verify']
    }
)

data = response.json()

Response Body

{
  "data": {
    "id": "key_1a2b3c4d5e6f",
    "name": "Production API Key",
    "key": "lp_sk_live_1a2b3c4d5e6f7g8h9i0j",
    "key_prefix": "lp_sk_...0j",
    "scopes": ["events:read", "events:write", "verify"],
    "created_at": "2026-02-10T14:30:00Z"
  }
}
Note: The key field contains the full API key and is only returned in this response. Store it securely. Subsequent requests will only show the key_prefix.

List API Keys

GET https://logproof.de/v1/api-keys

Retrieves a list of all API keys for your account. Full keys are never returned in list responses.

Required Scope: keys:manage

Example Request

curl -X GET https://logproof.de/v1/api-keys \
  -H "Authorization: Bearer YOUR_API_KEY"
const response = await fetch('https://logproof.de/v1/api-keys', {
  headers: {
    'Authorization': 'Bearer YOUR_API_KEY'
  }
});

const data = await response.json();
$client = new \GuzzleHttp\Client();

$response = $client->get('https://logproof.de/v1/api-keys', [
    'headers' => [
        'Authorization' => 'Bearer YOUR_API_KEY'
    ]
]);

$data = json_decode($response->getBody(), true);
import requests

response = requests.get(
    'https://logproof.de/v1/api-keys',
    headers={
        'Authorization': 'Bearer YOUR_API_KEY'
    }
)

data = response.json()

Response Body

{
  "data": [
    {
      "id": "key_1a2b3c4d5e6f",
      "name": "Production API Key",
      "key_prefix": "lp_sk_...0j",
      "scopes": ["events:read", "events:write", "verify"],
      "created_at": "2026-02-10T14:30:00Z"
    },
    {
      "id": "key_9z8y7x6w5v4u",
      "name": "Development Key",
      "key_prefix": "lp_sk_...4u",
      "scopes": ["events:read"],
      "created_at": "2026-02-08T10:15:00Z"
    }
  ]
}

Update API Key

PATCH https://logproof.de/v1/api-keys/{id}

Updates the name of an existing API key. Scopes cannot be modified after creation.

Required Scope: keys:manage

Request Body

Parameter Type Required Description
name string Yes The new name for the API key

Example Request

curl -X PATCH https://logproof.de/v1/api-keys/key_1a2b3c4d5e6f \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Updated Production Key"
  }'
const response = await fetch('https://logproof.de/v1/api-keys/key_1a2b3c4d5e6f', {
  method: 'PATCH',
  headers: {
    'Authorization': 'Bearer YOUR_API_KEY',
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    name: 'Updated Production Key'
  })
});

const data = await response.json();
$client = new \GuzzleHttp\Client();

$response = $client->patch('https://logproof.de/v1/api-keys/key_1a2b3c4d5e6f', [
    'headers' => [
        'Authorization' => 'Bearer YOUR_API_KEY',
        'Content-Type' => 'application/json'
    ],
    'json' => [
        'name' => 'Updated Production Key'
    ]
]);

$data = json_decode($response->getBody(), true);
import requests

response = requests.patch(
    'https://logproof.de/v1/api-keys/key_1a2b3c4d5e6f',
    headers={
        'Authorization': 'Bearer YOUR_API_KEY',
        'Content-Type': 'application/json'
    },
    json={
        'name': 'Updated Production Key'
    }
)

data = response.json()

Response Body

{
  "data": {
    "id": "key_1a2b3c4d5e6f",
    "name": "Updated Production Key",
    "key_prefix": "lp_sk_...0j",
    "scopes": ["events:read", "events:write", "verify"],
    "created_at": "2026-02-10T14:30:00Z"
  }
}

Delete API Key

DELETE https://logproof.de/v1/api-keys/{id}

Revokes an API key immediately. All subsequent requests using this key will be rejected.

Required Scope: keys:manage

Warning: This action is irreversible. Any applications or services using this key will immediately lose access.

Example Request

curl -X DELETE https://logproof.de/v1/api-keys/key_1a2b3c4d5e6f \
  -H "Authorization: Bearer YOUR_API_KEY"
const response = await fetch('https://logproof.de/v1/api-keys/key_1a2b3c4d5e6f', {
  method: 'DELETE',
  headers: {
    'Authorization': 'Bearer YOUR_API_KEY'
  }
});

// Response status: 204 No Content
$client = new \GuzzleHttp\Client();

$response = $client->delete('https://logproof.de/v1/api-keys/key_1a2b3c4d5e6f', [
    'headers' => [
        'Authorization' => 'Bearer YOUR_API_KEY'
    ]
]);

// Response status: 204 No Content
import requests

response = requests.delete(
    'https://logproof.de/v1/api-keys/key_1a2b3c4d5e6f',
    headers={
        'Authorization': 'Bearer YOUR_API_KEY'
    }
)

# Response status: 204 No Content

Response

Returns 204 No Content on successful deletion.

← Previous Stats