> ## Documentation Index > Fetch the complete documentation index at: https://kernel.sh/docs/llms.txt > Use this file to discover all available pages before exploring further. # Create an API key > Create a new API key within the authenticated organization. ## OpenAPI ````yaml https://app.stainless.com/api/spec/documented/kernel/openapi.documented.yml post /org/api_keys openapi: 3.1.0 info: title: Kernel API description: Developer tools and cloud infrastructure for AI agents to use web browsers version: 0.1.0 servers: - url: https://api.onkernel.com description: API Server security: - bearerAuth: [] tags: - name: Browsers description: Create and manage browser sessions. - name: Browser Computer Controls description: Control mouse, keyboard, and screen on the browser instance. - name: Browser Playwright description: Execute Playwright code against the browser instance. - name: Browser Filesystem description: Read, write, and manage files on the browser instance. - name: Browser Processes description: Execute and manage processes on the browser instance. - name: Browser Replays description: Record and manage browser session video replays. - name: Browser Logs description: Stream logs from the browser instance. - name: Browser Telemetry description: Stream live telemetry events from a browser session. - name: Profiles description: Create, list, retrieve, and delete browser profiles. - name: Proxies description: Create and manage proxy configurations for routing browser traffic. - name: Extensions description: Create, list, retrieve, and delete browser extensions. - name: Browser Pools description: Create and manage browser pools for acquiring and releasing browsers. - name: Managed Auth description: >- Create and manage auth connections for automated credential capture and login. - name: Credentials description: Create and manage credentials for authentication. - name: Credential Providers description: Configure external credential providers like 1Password. - name: Apps description: List applications and versions. - name: Deployments description: Create and manage app deployments and stream deployment events. - name: Invocations description: Invoke actions and stream or query invocation status and events. - name: Organization description: Read and manage organization-level limits. - name: Projects description: Create and manage projects for resource isolation within an organization. - name: API Keys description: Create and manage API keys for organization and project-scoped access. - name: Audit Logs description: Read audit log records for the authenticated organization. paths: /org/api_keys: post: tags: - API Keys summary: Create an API key description: Create a new API key within the authenticated organization. operationId: postApiKeys requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/CreateApiKeyRequest' responses: '201': description: API key created successfully content: application/json: schema: $ref: '#/components/schemas/CreatedApiKey' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '404': $ref: '#/components/responses/NotFound' '500': $ref: '#/components/responses/InternalError' security: - bearerAuth: [] x-codeSamples: - lang: JavaScript source: >- import Kernel from '@onkernel/sdk'; const client = new Kernel({ apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted }); const createdAPIKey = await client.apiKeys.create({ name: 'staging' }); console.log(createdAPIKey); - lang: Python source: |- import os from kernel import Kernel client = Kernel( api_key=os.environ.get("KERNEL_API_KEY"), # This is the default and can be omitted ) created_api_key = client.api_keys.create( name="staging", ) print(created_api_key) - lang: Go source: "package main\n\nimport (\n\t\"context\"\n\t\"fmt\"\n\n\t\"github.com/kernel/kernel-go-sdk\"\n\t\"github.com/kernel/kernel-go-sdk/option\"\n)\n\nfunc main() {\n\tclient := kernel.NewClient(\n\t\toption.WithAPIKey(\"My API Key\"),\n\t)\n\tcreatedAPIKey, err := client.APIKeys.New(context.TODO(), kernel.APIKeyNewParams{\n\t\tName: \"staging\",\n\t})\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\tfmt.Printf(\"%+v\\n\", createdAPIKey)\n}\n" components: schemas: CreateApiKeyRequest: type: object required: - name properties: name: type: string description: API key name (1-255 characters) minLength: 1 maxLength: 255 example: staging days_to_expire: type: integer description: Number of days until expiry, up to 3650. Use null for never. minimum: 1 maximum: 3650 example: 30 nullable: true project_id: type: string description: Unique project identifier example: proj_abc123 nullable: true CreatedApiKey: description: >- API key returned immediately after creation. Includes the plaintext key once. allOf: - $ref: '#/components/schemas/ApiKey' - type: object required: - key properties: key: type: string description: Plaintext API key. Only returned once when the key is created. example: sk_1234abcd ApiKey: type: object required: - id - name - created_at - created_by - expires_at - deleted_at - project_id - project_name - masked_key properties: id: type: string description: Unique API key identifier example: ckv9w8q2f000001l5r3j7k9m4 name: type: string description: API key name example: production created_at: type: string format: date-time description: When the API key was created created_by: $ref: '#/components/schemas/ApiKeyCreator' expires_at: type: string format: date-time description: When the API key expires nullable: true deleted_at: type: string format: date-time description: >- When the API key was deleted (soft-deleted). Null for keys that have not been deleted. nullable: true project_id: type: string description: Project identifier for project-scoped API keys. Null means org-wide. example: proj_abc123 nullable: true project_name: type: string description: >- Project name for project-scoped API keys. Null means the key is org-wide or the project name is unavailable. example: Production nullable: true masked_key: type: string description: Masked version of the API key example: sk_1234...abcd Error: type: object required: - code - message properties: code: type: string description: Application-specific error code (machine-readable) example: bad_request message: type: string description: Human-readable error description for debugging example: 'Missing required field: app_name' details: type: array description: Additional error details (for multiple errors) items: $ref: '#/components/schemas/ErrorDetail' inner_error: $ref: '#/components/schemas/ErrorDetail' ApiKeyCreator: type: object required: - id - email - name properties: id: type: string description: Kernel user ID of the creator. example: user-abc123 email: type: string format: email description: Email address of the creator. example: user@example.com name: type: string nullable: true description: Display name of the creator, if available. example: Jane Doe ErrorDetail: type: object properties: code: type: string description: Lower-level error code providing more specific detail example: invalid_input message: type: string description: Further detail about the error example: Provided version string is not semver compliant responses: BadRequest: description: Bad Request – invalid input content: application/json: schema: $ref: '#/components/schemas/Error' Unauthorized: description: Unauthorized – missing or invalid authorization token content: application/json: schema: $ref: '#/components/schemas/Error' NotFound: description: Resource not found content: application/json: schema: $ref: '#/components/schemas/Error' InternalError: description: Internal Server Error content: application/json: schema: $ref: '#/components/schemas/Error' securitySchemes: bearerAuth: type: http scheme: bearer ````