Skip to main content
POST
/
api
/
v1
/
partners
/
api-key
Generate a partner API key
curl --request POST \
  --url https://app.puffle.ai/api/v1/partners/api-key \
  --header 'Authorization: Bearer <token>'
{
  "api_key": "pk_live_0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
  "prefix": "pk_live_0123456789abcdef",
  "message": "Save this key — it will not be shown again."
}

Overview

Generate a fresh partner API key. Returns the raw key once — the server stores only a hash, so if the response is lost, the key is unrecoverable and must be revoked + regenerated. Also best-effort-creates a Svix app behind the scenes for webhook delivery. Svix failures are logged but don’t fail the request; if you later find has_webhook: false on getPartnerApiKey, revoke and re-create.

AI agent notes

Session-authenticated. Uses the user’s browser session, not a Bearer token. Intended for the logged-in user to mint their own key.Save the raw key immediately. The response includes api_key once. Anything subsequent (getPartnerApiKey, the admin dashboard) only shows the prefix. Losing it means revoke + regenerate.One-at-a-time. If an active key already exists, the endpoint returns 409 with a hint to revoke first. This prevents accidental duplicate keys — rotation is explicit (revoke then create).Prefix for identification. The first 24 chars (pk_live_<16-hex>) are safe to log, display, or store — they identify the key without revealing the secret.Related: Check partner API key status, Revoke partner API key, Open the webhook portal.

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Response

New API key created. Raw key returned once.

api_key
string
required

The raw API key, formatted pk_live_<64-hex-chars>. Shown once. Save it — the server stores only a hash.

prefix
string
required

First 24 chars of the key. Used to identify the key without revealing the secret. Also returned by getPartnerApiKey.

message
string
required