List API keys

Free - does not consume credits

curl https://xquik.com/api/v1/api-keys \
  -H "Cookie: session_token=YOUR_SESSION_TOKEN" | jq

Headers

Dashboard session cookie. Format: session_token=YOUR_SESSION_TOKEN.

x-api-key

string

API key for the same account. Use this instead of Cookie for server-to-server management.

Authorization

string

OAuth bearer token for the same account. Format: Bearer YOUR_TOKEN.

Response

200 OK
401 Unauthenticated
429 Rate Limited

keys

array

Array of API key objects.

Show key object

string

Unique identifier for the API key.

name

string

Display name of the key.

prefix

string

First 8 characters of the key including the xq_ prefix (e.g. "xq_a1b2").

isActive

boolean

Whether the key is currently active.

createdAt

string

ISO 8601 creation timestamp.

lastUsedAt

string

ISO 8601 timestamp of the last API call made with this key. Omitted if never used.

{
  "keys": [
    {
      "id": "42",
      "name": "Production",
      "prefix": "xq_a1b2",
      "isActive": true,
      "createdAt": "2026-02-24T10:30:00.000Z",
      "lastUsedAt": "2026-02-24T18:45:12.000Z"
    },
    {
      "id": "43",
      "name": "Staging",
      "prefix": "xq_c3d4",
      "isActive": true,
      "createdAt": "2026-02-20T09:00:00.000Z"
    }
  ]
}

{ "error": "unauthenticated" }

Missing or invalid session cookie, API key, or bearer token.

{ "error": "rate_limit_exceeded", "message": "Too many requests. Try again later.", "retryAfter": 1 }

Too many requests. Wait for the Retry-After header before retrying.

Use a dashboard session cookie to inspect keys from the dashboard, or an API key or OAuth bearer token to automate key inventory for the same account.Related: Create API Key · Revoke API Key

Documentation Index

​Headers

​Response

Headers

Response