# List API keys

`GET /api/v1/keys`

Lists all API keys in the selected organization, visible to every member of it. Secrets are never returned; only a short suffix is shown to help identify each key. Requires an interactive (JWT) session: an API key cannot list keys. Use the X-Organization-Id header to choose the organization; otherwise the caller's default organization is used.

**Header parameters**

| Name                | Type    | Required | Description                                                                                                               |
| ------------------- | ------- | -------- | ------------------------------------------------------------------------------------------------------------------------- |
| `X-Organization-Id` | integer | no       | Selects which of the caller's organizations the request acts on. When omitted, the caller's default organization is used. |

**Example request**

```
curl https://api.mobilenexthq.com/api/v1/keys \

  -X GET \

  -H 'Authorization: Bearer mob_...'
```

**Responses**

**200** — All API keys in the selected organization

```
{

  "keys": [

    {

      "id": "string",

      "apiKeySuffix": "a1b",

      "name": "string",

      "createdAt": "2026-01-01T00:00:00Z",

      "lastUsedAt": "2026-01-01T00:00:00Z"

    }

  ]

}
```

**401** — Missing or invalid Bearer token

```
{

  "error": {

    "code": "string",

    "message": "string"

  }

}
```

**403** — Caller lacks permission for this action (e.g. not an admin)

```
{

  "error": {

    "code": "string",

    "message": "string"

  }

}
```