# Create an API key

`POST /api/v1/keys`

Creates a new API key in the selected organization and returns its secret. The full secret is shown only once, in this response; it is never retrievable again.

Requires an interactive (JWT) session: an API key cannot create another API key. Use the X-Organization-Id header to choose which organization the new key belongs to.

**Header parameters**

| Name                | Type    | Required | Description                                                                                                               |
| ------------------- | ------- | -------- | ------------------------------------------------------------------------------------------------------------------------- |
| `X-Organization-Id` | integer | no       | Selects which of the caller's organizations the request acts on. When omitted, the caller's default organization is used. |

**Request body** (application/json)

| Field  | Type   | Required | Description                      |
| ------ | ------ | -------- | -------------------------------- |
| `name` | string | yes      | Human-readable label for the key |

**Example request**

```
curl https://api.mobilenexthq.com/api/v1/keys \

  -X POST \

  -H 'Authorization: Bearer mob_...' \

  -H 'Content-Type: application/json' \

  -d '{"name":"CI pipeline"}'
```

**Responses**

**201** — API key created; the full secret is returned once in apiKey

```
{

  "id": "string",

  "apiKey": "mob_a1b2c3...",

  "name": "string",

  "createdAt": "2026-01-01T00:00:00Z"

}
```

**400** — Invalid request body

```
{

  "error": {

    "code": "string",

    "message": "string"

  }

}
```

**401** — Missing or invalid Bearer token

```
{

  "error": {

    "code": "string",

    "message": "string"

  }

}
```

**403** — Caller used an API key (not an interactive JWT session) to create a key

```
{

  "error": {

    "code": "string",

    "message": "string"

  }

}
```