> For the complete documentation index, see [llms.txt](https://docs.alternativepayments.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.alternativepayments.io/getting-started/quick-start/api-keys.md).

# API Keys

Before making any API calls, you'll need to generate an API key and exchange it for an access token. Here's how:

## 🔑 Generate Your API Key

1. Log into the Partner Dashboard.
2. Go to **Team Preferences → API Keys**.
3. Click **Generate API Key**.
4. Give it a descriptive name (e.g. "Quoting Tool - Production").
5. Use the **scope picker** to select only the permissions this key needs — or click **Select all** for full access.
6. Copy and store the key somewhere safe. This key authenticates your API requests and should be kept secure.

{% embed url="<https://app.arcade.software/share/wgP3Hah7Ed6oup9p5K9v>" %}
Generating an API Key on Partner Dashboard
{% endembed %}

> Treat this key like a password. Do not expose it in client-side code or share it publicly.

### Scoped API Keys

API keys can now be created with only the permissions they need. Limiting scope reduces the blast radius if a credential is ever leaked or misused.

#### Available Scopes

Each scope area supports **read**, **write**, or both, where applicable:

| Scope Area      | Read | Write |
| --------------- | ---- | ----- |
| Invoices        | ✓    | ✓     |
| Payments        | ✓    | ✓     |
| Customers       | ✓    | ✓     |
| Refunds         | ✓    | ✓     |
| Payouts         | ✓    | ✓     |
| Webhooks        | ✓    | ✓     |
| Hosted Checkout | ✓    | ✓     |

#### Scope Picker UI

When you click **Generate API Key**, the dialog includes a scope picker organized by capability area. Select individual read or write permissions for each area, or use the **Select all** shortcut when you need full access.

#### Existing Keys — "Full Access" Label

Every key minted before scoped keys were introduced is automatically labeled **Full access**, so you can spot the highest-blast-radius keys at a glance. There is no forced rotation — migrate those keys to narrower scopes on your own timeline.

#### Inline Scope Auditing

The **API Keys** list shows each key's scopes inline, so you can audit what each integration is allowed to do without opening individual key details.

#### Scopes in the OpenAPI Spec

All scopes are published in the public OpenAPI spec as a scopes catalog, with per-route scope tags — ready for code generators and API clients.

### Example Use Cases

Assign the minimum permissions each integration actually needs:

* **Accountant access** — `Customers: read` + `Invoices: read`
* **Reconciliation tool** — `Payments: read`
* **Refunds operator** — `Refunds: write`

***

## 🗑️ Revoke an API Key

If a key is no longer needed or may be compromised, go to **API Keys** in the dashboard, click **Revoke** next to the key you want to disable, and confirm the action.

> **Important:** Revoking a key is permanent. Make sure your application is updated with a new key before revoking the old one.

## ✏️ Rename an API Key

To update the name of an existing key, go to **API Keys** in the dashboard, click **Edit Key Name** next to the key, enter a new name, and save.

Renaming helps you keep keys organized by usage or environment.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.alternativepayments.io/getting-started/quick-start/api-keys.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
