DraftFilterDeveloper API

Developer reference

API Keys

Create, rotate, revoke, and inspect API keys in the authenticated dashboard. Those dashboard routes are not customer API-key-authenticated public API routes, so they are omitted from openapi/draftfilter-api.v1.yaml.

API-key plaintext is shown only when a key is created or rotated. After that, the dashboard stores and returns safe metadata such as key id, display name, scope list, prefix, last four secret characters, status, creation time, and rotation or revocation timestamps when present.

Revoking a key disables future API use but preserves audit metadata. Revoked records are retained so job attribution, usage history, revokedAt, revokedByUserId, and rotation lineage remain inspectable.

Rotation creates a successor key, shows the new plaintext value once, and revokes the previous key. Deploy clients with the successor key before removing the old key from secrets managers.

Default keys include these scopes unless reduced in the dashboard:

text
score_jobs:create
score_jobs:read
rewrite_jobs:create
rewrite_jobs:read

Dashboard-internal routes under /dashboard/* are unsupported internal implementation details for the web app. Public API clients should only call the /v1/* routes documented by the OpenAPI contract.