Your application, mail client, or website can all use API (Application Programming Interface) keys to authenticate access to SendGrid services. You can revoke an API key at any time without having to change your username and password, and an API key can be scoped to perform a limited number of actions.
There are 3 different types of API keys:
GET
,
PATCH
,
PUT
,
DELETE
and
POST
endpoints for all parts of your account, excluding billing and Email Address Validation.
You must create your first API key using the Twilio SendGrid App. Once you have a key with permissions to manage other keys, you can use the endpoints documented as part of this API.
Twilio SendGrid API keys are 69 characters long. We are unable to make exceptions for third-party infrastructure that is unable to support a key of 69 characters.
There is a limit of 100 API Keys on your account.
This endpoint allows you to create a new API Key for the user.
To create your initial SendGrid API Key, you should use the SendGrid App. Once you have created a first key with scopes to manage additional API keys, you can use this API for all other key management.
A JSON request body containing a name
property is required when making requests to this endpoint. If the number of maximum keys, 100, is reached, a 403
status will be returned.
Though the name
field is required, it does not need to be unique. A unique API key ID will be generated for each key you create and returned in the response body.
It is not necessary to pass a scopes
field to the API when creating a key, but you should be aware that omitting the scopes
field from your request will create a key with "Full Access" permissions by default.
See the API Key Permissions List for all available scopes. An API key's scopes can be updated after creation using the "Update API keys" endpoint.
Bearer <<YOUR_API_KEY_HERE>>
The on-behalf-of
header allows you to make API calls from a parent account on behalf of the parent's Subusers or customer accounts. You will use the parent account's API key when using this header. When making a call on behalf of a customer account, the property value should be "account-id" followed by the customer account's ID (e.g., on-behalf-of: account-id <account-id>
). When making a call on behalf of a Subuser, the property value should be the Subuser's username (e.g., on-behalf-of: <subuser-username>
). See On Behalf Of for more information.
application/json
The name you will use to describe this API Key.
The individual permissions that you are giving to this API Key.
1const client = require('@sendgrid/client');2client.setApiKey(process.env.SENDGRID_API_KEY);34const data = {5"name": "My API Key",6"scopes": [7"mail.send",8"alerts.create",9"alerts.read"10]11};1213const request = {14url: `/v3/api_keys`,15method: 'POST',16body: data17}1819client.request(request)20.then(([response, body]) => {21console.log(response.statusCode);22console.log(response.body);23})24.catch(error => {25console.error(error);26});