const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};
fetch('https://api.factify.com/v1/api-keys', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));{
"api_keys": [
{
"id": "key_01h2xcejqtf2nbrexx3vqjhp41",
"org_id": "org_01h2xcejqtf2nbrexx3vqjhp41",
"name": "Production Key",
"prefix": "ffy_prod_01kdx2z2...",
"created_at": "2025-01-15T10:30:00Z",
"updated_at": "2025-01-15T10:35:00Z",
"is_active": true,
"expires_at": "2026-01-15T10:30:00Z",
"revoked_at": "2023-11-07T05:31:56Z",
"revoked_by": "usr_01h2xcejqtf2nbrexx3vqjhp41",
"revoked_comment": "rotated"
}
]
}List API keys
Lists API keys for the caller’s organization. Secrets are
never returned — use the prefix field to identify a key in
the UI.
Authorization: requires organization admin role.
const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};
fetch('https://api.factify.com/v1/api-keys', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));{
"api_keys": [
{
"id": "key_01h2xcejqtf2nbrexx3vqjhp41",
"org_id": "org_01h2xcejqtf2nbrexx3vqjhp41",
"name": "Production Key",
"prefix": "ffy_prod_01kdx2z2...",
"created_at": "2025-01-15T10:30:00Z",
"updated_at": "2025-01-15T10:35:00Z",
"is_active": true,
"expires_at": "2026-01-15T10:30:00Z",
"revoked_at": "2023-11-07T05:31:56Z",
"revoked_by": "usr_01h2xcejqtf2nbrexx3vqjhp41",
"revoked_comment": "rotated"
}
]
}Documentation Index
Fetch the complete documentation index at: https://developers.factify.com/llms.txt
Use this file to discover all available pages before exploring further.
Authorizations
Bearer authentication using a factapi-issued API key
(ffy_<env>_<base32_uuid><base62_random>). Cookie-based
sessions are accepted automatically by user-facing endpoints
but are not surfaced as an OpenAPI auth scheme.
Headers
Optional. Factify-staff acting-as override: when set, factapi
resolves the request against this organization instead of the
session-bound one. Honored only for callers with @factify.com
emails; non-staff requests carrying this header are rejected
with 403. The value is a typed org id (e.g.
org_01h2xcejqtf2nbrexx3vqjhp41).
^org_[0-9a-hjkmnp-tv-z]{26}$"org_01h2xcejqtf2nbrexx3vqjhp41"
Query Parameters
Whether to include revoked keys. Defaults to false.
Expired-but-not-revoked keys are always returned; use the
is_active field to filter currently usable keys.
false
Response
A list of API keys for the organization.
A page of API keys for the caller's organization. Secrets are never included.
API keys for the organization.
Show child attributes
Show child attributes