Sometimes you would like to create an api key and automatically invalidate it after a certain number of uses.

Example: You are selling API access and a customer has purchased 1000 api requests from you.

Datkey allows you to set/update usage limits on individual keys and we take care of invalidating a key after it has reached its limit.

Example

Let’s create a new key, which can be used/validated 100 times.

curl --request POST \
  --url https://api.datkey.dev/keys \
  --header 'X-api-key: datkey_xxx' \
  --header 'Content-Type: application/json' \
  --data '{
	"api_id":"<API_ID>",
	"name": "ACME INC",
	"validation_limit": 100
}'

Now when you verify the new key, you will receive back the usage count and after all of them are used up, the key is invalid.

curl --request POST \
  --url https://api.datkey.dev/keys/verify \
  --header 'Content-Type: application/json' \
  --data '{
		"key": "<KEY_VALUE>",
		"apI_id": "<API_ID>"
	}'

{
  "valid": true,
  "key": {
    "id": "e94f4576-94d5-4ef7-9b67-3861ff4826c9",
    "name": "ACME INC",
    "key": "flox_sk_05ad2bf*********",
    "prefix": null,
    "length": 16,
    "verifications": 10,
    "verification_limit": 12,
    "expires_at": null,
    "meta": null,
    "created_at": "2023-12-05T11:31:23.000000Z",
    "updated_at": "2023-12-05T13:03:24.000000Z"
  }
}
  • The returned verifications value represents how many verifications have been done.
  • The returned verification_limit value represents the total amount of verification that can be perfermed on that key.
  • The difference between verification_limit and verifications is the about of verifications left.
Time limited Keys