Skip to main content
PUT
/
1
/
keys
/
{key}
curl
curl --request PUT \
  --url https://algolia_application_id.algolia.net/1/keys/ALGOLIA_API_KEY \
  --header 'accept: application/json' \
  --header 'content-type: application/json' \
  --header 'x-algolia-api-key: ALGOLIA_API_KEY' \
  --header 'x-algolia-application-id: ALGOLIA_APPLICATION_ID' \
  --data '{"acl":["search","addObject"],"description":"Used for indexing by the CLI","indexes":["dev_*","prod_en_products"],"maxHitsPerQuery":0,"maxQueriesPerIPPerHour":0,"queryParameters":"typoTolerance=strict&restrictSources=192.168.1.0/24","referers":["*algolia.com*"],"validity":86400}'
{
  "key": "13ad45b4d0a2f6ea65ecbddf6aa260f2",
  "updatedAt": "2023-07-04T12:49:15Z"
}
Requires Admin API key

Authorizations

x-algolia-application-id
string
header
required

Your Algolia application ID.

x-algolia-api-key
string
header
required

Your Algolia API key with the necessary permissions to make the request. Permissions are controlled through access control lists (ACL) and access restrictions. The required ACL to make a request is listed in each endpoint's reference.

Path Parameters

key
string
required

API key.

Example:

"ALGOLIA_API_KEY"

Body

application/json

API key object.

acl
enum<string>[]
required

Permissions that determine the type of API requests this key can make. The required ACL is listed in each endpoint's reference. For more information, see access control list.

Example:
["search", "addObject"]
description
string
default:""

Description of an API key to help you identify this API key.

Example:

"Used for indexing by the CLI"

indexes
string[]

Index names or patterns that this API key can access. By default, an API key can access all indices in the same application.

You can use leading and trailing wildcard characters (*):

  • dev_* matches all indices starting with "dev_".
  • *_dev matches all indices ending with "_dev".
  • *_products_* matches all indices containing "products".
Example:
["dev_*", "prod_en_products"]
maxHitsPerQuery
integer
default:0

Maximum number of results this API key can retrieve in one query. By default, there's no limit.

maxQueriesPerIPPerHour
integer
default:0

Maximum number of API requests allowed per IP address or user token per hour.

If this limit is reached, the API returns an error with status code 429. By default, there's no limit.

queryParameters
string
default:""

Query parameters to add when making API requests with this API key.

To restrict this API key to specific IP addresses, add the restrictSources parameter. You can only add a single source, but you can provide a range of IP addresses.

Creating an API key fails if the request is made from an IP address outside the restricted range.

Example:

"typoTolerance=strict&restrictSources=192.168.1.0/24"

referers
string[]

Allowed HTTP referrers for this API key.

By default, all referrers are allowed. You can use leading and trailing wildcard characters (*):

  • https://algolia.com/* allows all referrers starting with "https://algolia.com/"
  • *.algolia.com allows all referrers ending with ".algolia.com"
  • *algolia.com* allows all referrers in the domain "algolia.com".

Like all HTTP headers, referrers can be spoofed. Don't rely on them to secure your data. For more information, see HTTP referrer restrictions.

Example:
["*algolia.com*"]
validity
integer
default:0

Duration (in seconds) after which the API key expires. By default, API keys don't expire.

Example:

86400

Response

OK

key
string
required

API key.

Example:

"13ad45b4d0a2f6ea65ecbddf6aa260f2"

updatedAt
string
required

Date and time when the object was updated, in RFC 3339 format.

Example:

"2023-07-04T12:49:15Z"

I