> ## Documentation Index > Fetch the complete documentation index at: https://langwatch.ai/docs/llms.txt > Use this file to discover all available pages before exploring further. # Create API key > Create a new API key. For service keys, pass keyType:"service". Optionally scope to specific projects via projectIds (ADMIN on each). Omit projectIds for full org access. The plaintext token is returned once — store it securely. ## OpenAPI ````yaml POST /api/api-keys openapi: 3.1.0 info: title: LangWatch API version: 1.0.0 description: LangWatch openapi spec servers: - url: https://app.langwatch.ai security: - project_api_key: [] paths: /api/api-keys: post: summary: Create an API key description: >- Create a new API key. For service keys, pass keyType:"service". Optionally scope to specific projects via projectIds (ADMIN on each). Omit projectIds for full org access. The plaintext token is returned once — store it securely. operationId: createApiKey requestBody: required: true content: application/json: schema: type: object properties: name: type: string minLength: 1 maxLength: 100 description: Human-readable name for this token description: type: string maxLength: 500 description: Optional description expiresAt: type: string format: date-time description: Optional expiration date (ISO 8601) bindings: type: array minItems: 1 maxItems: 20 description: Role bindings that define what this token can access items: type: object properties: role: type: string enum: - ADMIN - MEMBER - VIEWER description: Role to grant scopeType: type: string enum: - ORGANIZATION - TEAM - PROJECT description: Scope level scopeId: type: string description: ID of the organization, team, or project required: - role - scopeType - scopeId keyType: type: string enum: - personal - service default: personal description: >- personal = tied to a user. service = not tied to any user, for automation. projectIds: type: array items: type: string maxItems: 50 description: >- For service keys with restricted scope: list of project IDs to grant ADMIN access to. Omit for full org access. required: - name - bindings responses: '201': description: >- API key created. The token field contains the plaintext key — it is only shown once. content: application/json: schema: type: object properties: token: type: string description: >- Plaintext API key token (sk-lw-...). Store securely — shown only once. apiKey: type: object properties: id: type: string name: type: string createdAt: type: string format: date-time '401': description: Invalid or missing API key token '403': description: >- Requested binding exceeds the creator's own permissions, or scope does not belong to this organization '422': description: Validation error (missing name, empty bindings, etc.) security: - admin_api_key: [] components: securitySchemes: project_api_key: type: apiKey in: header name: X-Auth-Token description: >- Project API key for sending traces and accessing project-scoped resources. Format: sk-lw-... (no underscore). Obtain one by creating a project via the Admin API or the LangWatch UI. admin_api_key: type: http scheme: bearer description: >- Admin API key for organization-level operations (managing projects, API keys). Create one in Settings > API Keys or via POST /api/api-keys. Format: sk-lw-{id}_{secret}. ````