Skip to contentSkip to navigationSkip to topbar
Rate this page:
On this page

Create API keys



API Overview

api-overview page anchor

Your application, mail client, or website can all use API (Application Programming Interface) keys to authenticate access to SendGrid services. You can revoke an API key at any time without having to change your username and password, and an API key can be scoped to perform a limited number of actions.

There are 3 different types of API keys:

  • Full Access
    Allows the API key to access GET , PATCH , PUT , DELETE and POST endpoints for all parts of your account, excluding billing and Email Address Validation.
  • Restricted Access
    Customizes levels of access for all parts of your account, excluding billing and Email Address Validation.
  • Billing Access
    Allows the API key to access billing endpoints for the account.

You must create your first API key using the Twilio SendGrid App(link takes you to an external page). Once you have a key with permissions to manage other keys, you can use the endpoints documented as part of this API.

(warning)

Warning

Twilio SendGrid API keys are 69 characters long. We are unable to make exceptions for third-party infrastructure that is unable to support a key of 69 characters.

(information)

Info

There is a limit of 100 API Keys on your account.


POST/v3/api_keys

Base url: https://api.sendgrid.com

This endpoint allows you to create a new API Key for the user.

To create your initial SendGrid API Key, you should use the SendGrid App(link takes you to an external page). Once you have created a first key with scopes to manage additional API keys, you can use this API for all other key management. A JSON request body containing a name property is required when making requests to this endpoint. If the number of maximum keys, 100, is reached, a 403 status will be returned. Though the name field is required, it does not need to be unique. A unique API key ID will be generated for each key you create and returned in the response body. It is not necessary to pass a scopes field to the API when creating a key, but you should be aware that omitting the scopes field from your request will create a key with "Full Access" permissions by default. See the API Key Permissions List for all available scopes. An API key's scopes can be updated after creation using the "Update API keys" endpoint.


Authentication

authentication page anchor
Authorizationstringrequired
Default: Bearer <<YOUR_API_KEY_HERE>>

on-behalf-ofstring

The on-behalf-of header allows you to make API calls from a parent account on behalf of the parent's Subusers or customer accounts. You will use the parent account's API key when using this header. When making a call on behalf of a customer account, the property value should be "account-id" followed by the customer account's ID (e.g., on-behalf-of: account-id <account-id>). When making a call on behalf of a Subuser, the property value should be the Subuser's username (e.g., on-behalf-of: <subuser-username>). See On Behalf Of for more information.

SchemaExample
namestringrequired

The name you will use to describe this API Key.


scopesarray[string]

The individual permissions that you are giving to this API Key.

201400401403404500
SchemaExample
api_keystring

api_key_idstring

namestring

scopesarray[string]

Create API keys

create-api-keys page anchor
Node.js
Python
C#
Java
Go
PHP
Ruby
curl

_26
const client = require('@sendgrid/client');
_26
client.setApiKey(process.env.SENDGRID_API_KEY);
_26
_26
const data = {
_26
"name": "My API Key",
_26
"scopes": [
_26
"mail.send",
_26
"alerts.create",
_26
"alerts.read"
_26
]
_26
};
_26
_26
const request = {
_26
url: `/v3/api_keys`,
_26
method: 'POST',
_26
body: data
_26
}
_26
_26
client.request(request)
_26
.then(([response, body]) => {
_26
console.log(response.statusCode);
_26
console.log(response.body);
_26
})
_26
.catch(error => {
_26
console.error(error);
_26
});


Rate this page: