Build

API Keys

Manage API keys for authenticating with the Lev API.

Updated March 2026

Overview

API keys are managed via the Lev web app or the /api-keys REST endpoints. Keys are tied to the authenticated user's account and inherit their permissions.

Keys are prefixed with lev_sk_ for identification
The full key value is only shown once at creation — store it immediately
Revoked keys take effect immediately
Each account has a maximum number of allowed keys based on its API tier

Tier ceilings

Tier	Max API keys
Free	2
Standard	10
Enterprise	50

The current count and ceiling for your account are returned under platform.api_keys in the scoped GET /me response — { current_count, max_allowed }. A POST /api-keys request that would exceed the ceiling returns 422 validation_error.

Creating Keys via the Lev Web App

The fastest way to create an API key is through the Lev settings page at app.lev.com.

Requirements

You must be a workspace admin to manage API keys. The feature must be enabled for your account.

Create a key

Sign in to Lev
Sign in at app.lev.com.
You're in your Lev workspace.
Open Settings
Click your name at the bottom of the sidebar, then click Settings.
The Settings page is open.
Go to the API Keys tab
Select the API Keys tab.
You see the list of existing keys for your account.
Create a new key
Click the Create key button.
A dialog asks you to label the new key.
Label and create
Enter a descriptive label (for example, "Production Sync" or "CI Pipeline") and click Create.
The new key is generated and shown exactly once.
Copy the key immediately
Click the copy icon next to the key. Store it somewhere secure, then click Done.
Your key is stored safely — you won't see it again.

Store your key securely

The full API key is only displayed once at creation time. If you lose it, you'll need to revoke the key and create a new one.

Revoke a key

Open API Keys settings
Go to Settings → API Keys.
You see all active keys for your account.
Trash the key
Find the key in the list and click the trash icon.
A confirmation dialog opens.
Confirm revocation
Click Revoke key. Revocation is instant.
The key is revoked and any subsequent request using it returns 401 Unauthorized.

Create Key (API)

POST/api/external/v2/api-keys

Create a new API key for the authenticated user

Request body

labelstringrequired

Human-readable label for the key (1–255 characters)

Response (201):

{
  "request_id": "...",
  "timestamp": "2026-03-20T15:30:45Z",
  "data": {
    "id": 42,
    "label": "CI Pipeline Key",
    "key_prefix": "lev_sk_abc1",
    "api_key": "lev_sk_abc123def456ghi789...",
    "created_at": "2026-03-20T15:30:45Z"
  }
}

Warning: The api_key field is only included in the creation response. Store it securely.

List Keys (API)

GET/api/external/v2/api-keys

List all API keys for the authenticated user

Query parameters

limitinteger

Results per page (1–200, default 50)

offsetinteger

Number of results to skip (default 0)

Response (200):

{
  "request_id": "...",
  "timestamp": "2026-03-20T15:30:45Z",
  "data": [
    {
      "id": 42,
      "label": "CI Pipeline Key",
      "key_prefix": "lev_sk_abc1",
      "created_at": "2026-03-20T15:30:45Z",
      "last_used_at": "2026-03-19T12:00:00Z"
    }
  ],
  "pagination": {
    "total": 3,
    "limit": 50,
    "offset": 0,
    "has_more": false
  }
}

Note: The full key value is never returned in list responses — only the key_prefix.

Revoke Key (API)

DELETE/api/external/v2/api-keys/{key_id}

Permanently revoke an API key

Path parameters

key_idintegerrequired

The ID of the API key to revoke

Response (200):

{
  "request_id": "...",
  "timestamp": "2026-03-20T15:30:45Z",
  "data": {
    "deleted": true
  }
}

Revoked keys are immediately invalidated. Any request using a revoked key will receive a 401 Unauthorized response.