> ## Documentation Index
> Fetch the complete documentation index at: https://docs.agribackup.com/llms.txt
> Use this file to discover all available pages before exploring further.

# List All API Keys for Your Organization

> Retrieve metadata for every active API key registered to your AgriBackup enterprise organization. Raw key values are never returned.

Use this endpoint to audit the API keys currently active on your AgriBackup organization. The response contains metadata — name, assigned scopes, creation timestamp, and identifier — for every key in your account. For security reasons, the raw key string is never returned after initial generation; if you have lost a key value, you must rotate or delete and recreate it.

**`GET /api/v1/enterprise/api-keys`**

## Request Parameters

This endpoint accepts no request body and no query parameters.

## Code Examples

<CodeGroup>
  ```python Python theme={null}
  import agribackup
  from agribackup.rest import ApiException

  configuration = agribackup.Configuration(host="https://live.agribackup.com/api/v1")
  configuration.api_key["ApiKeyAuth"] = "sk_live_YOUR_API_KEY"

  with agribackup.ApiClient(configuration) as api_client:
      try:
          api_instance = agribackup.EnterpriseAPIKeysApi(api_client)
          response = api_instance.list_api_keys()
          print(response)
      except ApiException as e:
          print("Exception when calling API: %s\n" % e)
  ```

  ```javascript Node.js theme={null}
  import { AgriBackupClient } from "@agribackup/sdk";

  const client = new AgriBackupClient({
    apiKey: "sk_live_YOUR_API_KEY",
    baseUrl: "https://live.agribackup.com/api/v1",
  });

  async function listApiKeys() {
    try {
      const response = await client.keys.listApiKeys();
      console.log(response);
    } catch (error) {
      console.error(error);
    }
  }

  listApiKeys();
  ```

  ```bash cURL theme={null}
  curl --request GET \
    --url https://live.agribackup.com/api/v1/enterprise/api-keys \
    --header "Authorization: Bearer sk_live_YOUR_API_KEY"
  ```
</CodeGroup>

## Response

A `200 OK` response returns an array of API key metadata objects. An empty array (`[]`) indicates no keys are currently active for the organization.

```json theme={null}
[
  {
    "id": "key_a1b2c3d4e5f6",
    "name": "Production Integration Key",
    "scopes": ["*"],
    "createdAt": "2026-01-15T09:30:00Z"
  },
  {
    "id": "key_g7h8i9j0k1l2",
    "name": "Read-Only Audit Key",
    "scopes": ["risk:read", "suppliers:read"],
    "createdAt": "2026-03-22T14:00:00Z"
  }
]
```

<ResponseField name="id" type="string">
  The unique identifier for the API key. Use this value as the `keyId` path parameter when calling the rotate or delete endpoints.
</ResponseField>

<ResponseField name="name" type="string">
  The human-readable label assigned to the key at creation time. Useful for identifying keys by their intended purpose or integration target.
</ResponseField>

<ResponseField name="scopes" type="array of strings">
  The list of permission scopes granted to this key. A value of `["*"]` indicates unrestricted access to all endpoints. Narrower scopes such as `risk:read` or `suppliers:write` limit the key to specific resource groups and HTTP methods.
</ResponseField>

<ResponseField name="createdAt" type="string (ISO 8601)">
  The UTC timestamp at which the key was originally generated, formatted as an ISO 8601 date-time string.
</ResponseField>

## Error Responses

| HTTP Status             | Error Code     | Description                                                                                 |
| ----------------------- | -------------- | ------------------------------------------------------------------------------------------- |
| `401 Unauthorized`      | `UNAUTHORIZED` | The `Authorization` header is missing or the bearer token is invalid.                       |
| `403 Forbidden`         | `FORBIDDEN`    | The authenticated identity does not have permission to list API keys for this organization. |
| `429 Too Many Requests` | `RATE_LIMITED` | You have exceeded the hourly rate limit. Check `X-RateLimit-Reset` for your reset time.     |

```json theme={null}
{
  "code": "UNAUTHORIZED",
  "message": "Missing or invalid authorization token",
  "details": []
}
```
