> ## Documentation Index > Fetch the complete documentation index at: https://docs.prisme.ai/llms.txt > Use this file to discover all available pages before exploring further. # Get Org API Key > Fetch a single API key by id (raw key never returned). ## OpenAPI ````yaml /api-reference/swagger.yml get /v2/orgs/{orgSlug}/api-keys/{keyId} openapi: 3.0.0 info: version: 1.0.0 title: Prisme.ai APIs description: Prisme.ai APIs specifications termsOfService: https://www.prisme.ai/mentions-legales contact: name: Prisme.ai Support Team email: support@prisme.ai url: https://www.prisme.ai license: name: Apache 2.0 url: https://www.apache.org/licenses/LICENSE-2.0.html servers: - url: https://api.studio.prisme.ai description: Prisme.ai Cloud - url: https://{customDomain} description: Self-hosted Prisme.ai instance variables: customDomain: default: api.your-prisme-instance.com description: API hostname of your self-hosted Prisme.ai deployment - url: http://localhost:3001 description: Local development security: - BearerAuth: [] - OrgApiKeyAuth: [] - BearerAuth: [] OrgApiKeyAuth: [] tags: - name: API Gateway description: >- Authentication, session management, SSO providers, and user profile endpoints. - name: Prisme.ai Workspaces description: >- CRUD operations for workspaces and their resources (pages, apps, automations, imports, variables). - name: Prisme.ai Runtime description: Execute workspace automations and manage their runtime lifecycle. - name: Prisme.ai Events description: Event ingestion, delivery, and subscription filtering across the platform. - name: Organizations description: >- Manage organizations, members, roles, invites, groups, and org-level service accounts. - name: Subscriptions description: >- Manage organization subscription plans and tier assignments (SuperAdmin only). - name: Secrets description: Read and patch encrypted key-value secrets scoped to a workspace. - name: ApiKeys description: Create, list, rotate, and validate workspace-scoped API keys. - name: Permissions description: >- Share or unshare resources (workspaces, pages, …) with users via roles or fine-grained rules. - name: Monitoring description: Platform readiness checks across services (SuperAdmin only). - name: AuthProviders paths: /v2/orgs/{orgSlug}/api-keys/{keyId}: get: tags: - Organizations summary: Get Org API Key description: Fetch a single API key by id (raw key never returned). operationId: getOrgApiKey parameters: - name: orgSlug in: path required: true schema: type: string - name: keyId in: path required: true schema: type: string responses: '200': description: Success content: application/json: schema: $ref: '#/components/schemas/OrgApiKey' '401': description: AuthenticationError content: application/json: schema: $ref: '#/components/schemas/AuthenticationError' '403': description: Forbidden content: application/json: schema: $ref: '#/components/schemas/ForbiddenError' '404': description: Not found content: application/json: schema: $ref: '#/components/schemas/ObjectNotFoundError' components: schemas: OrgApiKey: type: object properties: id: type: string description: Internal role ID slug: type: string description: Unique slug identifying the API key within the org name: type: string permissions: type: array description: >- Array of permission strings. Convention: {product}:{resource}:{action} Wildcards: Use * at end only (e.g., orgs:* matches orgs:members:manage) Platform permissions: - orgs:* (full org access) - orgs:members:manage, orgs:roles:manage, orgs:manage - orgs:branding:manage, orgs:navigation:manage - orgs:subscriptions:view, orgs:subscriptions:manage - orgs:apikeys:manage, orgs:invites:manage, orgs:join-rules:manage - secure-chat:*, store:*, knowledge:*, builder:* - agent-builder:*, analytics:view, platform-admin:* Custom app permissions: {app-slug}:{resource}:{action} Example: my-crm:contacts:read, my-crm:deals:manage Super admin: ["*"] (matches everything) items: type: string scopes: type: array description: >- Optional string array of resource patterns restricting where permissions apply. Format: resourceType:resourceId. Examples: agents:agent-abc-123, models:gpt-4o, orgs:acme, agents:*, models:*, * items: type: string ownerType: type: string description: >- Optional owner type identifier for this API key (e.g. agent, user, app). Indexed alongside ownerId for fast lookups. ownerId: type: string description: >- Optional owner ID for this API key. Indexed alongside ownerType for fast lookups. expiresAt: type: string format: date-time disabled: type: boolean createdAt: type: string updatedAt: type: string AuthenticationError: type: object properties: error: type: string example: AuthenticationError message: type: string example: Unauthenticated ForbiddenError: type: object properties: error: type: string example: ForbiddenError message: type: string example: Forbidden ObjectNotFoundError: type: object properties: error: type: string example: ObjectNotFound message: type: string securitySchemes: BearerAuth: type: http scheme: bearer bearerFormat: JWT OrgApiKeyAuth: type: apiKey in: header name: x-prismeai-api-key ````