Scopes
Only
admin and full scopes can create, list, or revoke API keys.
Bootstrap API key
For automated deployments, set theADMIN_API_KEY environment variable:
admin-scope key without being stored in the database. It lets you make the first API call to create a proper stored key.
First-launch setup
If no API keys exist andADMIN_API_KEY is not set, use the setup endpoint:
/admin guides you through this process with a setup wizard.
Create an API key
Response (201):
List API keys
Revoke an API key
revokedAt timestamp.
Revoked keys are rejected on all subsequent requests.
Key format
API keys use the formatbk_ followed by 64 hex characters (32 random bytes):
bk_ prefix makes keys easy to identify in logs and configuration.
Next steps
- Content API — register and manage content
- Admin Dashboard — manage keys from the browser
- Docker Setup — environment variables and deployment