Skip to main content
GET
/
api
/
adm
/
companyProjectKeys
/
actual
Get Unmasked API Key Value
curl --request GET \
  --url https://localhost:44371/api/adm/companyProjectKeys/actual \
  --header 'Authorization: Bearer <token>'
{
  "success": true,
  "code": 200,
  "errorMessage": null
}

Description

Returns the full, unmasked API key value that can be used for authentication. This endpoint should be used with caution as it exposes the complete credential. Common use cases include displaying the key to users who need to configure it in their applications, or retrieving it for secure storage in external systems.

Input

  • Query Parameter: model (CompanyProjectActualKeyRequest, required) — Request containing:
    • keyId (guid, required) — Unique identifier of the key to retrieve.

Output

Returns a CompanyProjectActualKeyResponse containing the complete unmasked API key value.

Example Request

GET /api/admin/companyProjectKeys/actual?keyId=9ef15c43-a955-6f4h-c7g3-1h6d4f0e3g9c
Authorization: Bearer {token}

Example Response

{
  "success": true,
  "code": 200,
  "errorMessage": null,
  "keyValue": "pk_live_4a3b2c1d5e6f7g8h9i0j1k2l3m4n5o6p"
}

Errors

  • 404 Not Found — No API key exists with the specified ID.
  • 401 Unauthorized — Missing or invalid authentication token.
  • 403 Forbidden — User does not have permission to access this key.
  • 400 Bad Request — Missing required keyId parameter.

Notes

  • This endpoint exposes the full unmasked API key; use only when absolutely necessary.
  • Access to this endpoint should be restricted to authorized administrators only.
  • Consider auditing calls to this endpoint for security compliance.
  • Never log, cache, or store the returned key value in unsecured locations.
  • If the key has been compromised, delete it immediately and generate a new one.

Authorizations

Authorization
string
header
required

The access token received from the authorization server in the OAuth 2.0 flow.

Query Parameters

CompanyProjectId
string<guid>

The identifier of the project whose key should be returned.

Type
enum<string>

The type of key to retrieve.

Available options:
TransactionRSAKey,
FileContentPGPKey

Response

Always returned. Check the success property in the response body to determine if the operation succeeded.

Standard response structure containing operation status and error information. Represents the response that contains the active key for a project.

success
boolean

True if the operation completed successfully; false if an error occurred.

Example:

true

code
enum<string>

Result code indicating the outcome of the operation.

Available options:
Unknown,
Success,
BadRequest,
Unauthorized,
NotFound,
Error
Example:

200

errorMessage
string | null

Human-readable error message when an error occurs.

Example:

null

entry
object

The active key entry.