Validate Org API Key

{ "id": "<string>", "slug": "<string>", "name": "<string>", "permissions": [ "<string>" ], "scopes": [ "<string>" ], "ownerType": "<string>", "ownerId": "<string>", "expiresAt": "2023-11-07T05:31:56Z", "disabled": true, "createdAt": "<string>", "updatedAt": "<string>" }

Headers

x-prismeai-api-key

string

The raw API key to validate (alternative to body)

Path Parameters

orgSlug

string

required

Body

application/json

apiKey

string

The raw API key to validate (iak_{orgSlug}_{uuid})

Response

API key is valid

string

Internal role ID

slug

string

Unique slug identifying the API key within the org

name

string

permissions

string[]

Array of permission strings. Convention: {product}:{resource}:{action} Wildcards: Use * at end only (e.g., orgs:* matches orgs:members:manage) Platform permissions: - orgs:* (full org access) - orgs:members:manage, orgs:roles:manage, orgs:manage - orgs:branding:manage, orgs:navigation:manage - orgs:subscriptions:view, orgs:subscriptions:manage - orgs:apikeys:manage, orgs:invites:manage, orgs:join-rules:manage - secure-chat:, store:, knowledge:, builder: - agent-builder:, analytics:view, platform-admin: Custom app permissions: {app-slug}:{resource}:{action} Example: my-crm:contacts:read, my-crm:deals:manage Super admin: ["*"] (matches everything)

scopes

string[]

Optional string array of resource patterns restricting where permissions apply. Format: resourceType:resourceId. Examples: agents:agent-abc-123, models:gpt-4o, orgs:acme, agents:, models:, *

ownerType

string

Optional owner type identifier for this API key (e.g. agent, user, app). Indexed alongside ownerId for fast lookups.

ownerId

string

Optional owner ID for this API key. Indexed alongside ownerType for fast lookups.

expiresAt

string<date-time>

disabled

boolean

createdAt

string

updatedAt

string