Skip to main content
POST
/
investors
/
{investor_id}
/
api-keys
Create an investor-scoped API key
curl --request POST \
  --url https://api.bluumfinance.com/v1/investors/{investor_id}/api-keys \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "Mobile app (prod)",
  "environment": "PRODUCTION"
}
'
{
  "id": "apk_2ahq810t9rgmwgncgcawcm5400",
  "object": "api_key",
  "created": 123,
  "livemode": true,
  "account_id": "inv_2ahq810t9rgmwgncgcawcm5400",
  "name": "<string>",
  "public_key": "<string>",
  "expires_at": "2023-11-07T05:31:56Z",
  "metadata": {},
  "secret_key": "<string>"
}

Authorizations

Authorization
string
header
required

HTTP Basic Authentication using the API Key as username and API Secret as password.

Path Parameters

investor_id
string
required

The prefixed public id of the investor (e.g. inv_…).

Body

application/json
name
string

Human-readable label for the key.

Maximum string length: 120
environment
enum<string>
default:TEST
Available options:
TEST,
PRODUCTION

Response

API key created. secret_key is shown only here.

An investor-scoped API key (without the secret).

id
string
Example:

"apk_2ahq810t9rgmwgncgcawcm5400"

object
string
Example:

"api_key"

created
integer | null

Unix timestamp (seconds).

livemode
boolean
account_id
string

Prefixed investor id the key is scoped to.

Example:

"inv_2ahq810t9rgmwgncgcawcm5400"

name
string
environment
enum<string>
Available options:
TEST,
PRODUCTION
status
enum<string>
Available options:
active,
revoked,
expired
public_key
string
expires_at
string<date-time> | null
metadata
object
secret_key
string

Returned only once, at creation. Store it securely.