@unkey/api 0.12.1 → 0.13.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/index.d.mts +2059 -292
  2. package/dist/index.d.ts +2059 -292
  3. package/dist/index.js +42 -47
  4. package/dist/index.js.map +1 -1
  5. package/dist/index.mjs +42 -47
  6. package/dist/index.mjs.map +1 -1
  7. package/package.json +6 -2
package/dist/index.d.mts CHANGED
@@ -1,395 +1,2153 @@
1
- type ErrorCode = "NOT_FOUND" | "BAD_REQUEST" | "UNAUTHORIZED" | "INTERNAL_SERVER_ERROR" | "RATELIMITED" | "FORBIDDEN" | "KEY_USAGE_EXCEEDED" | "INVALID_KEY_TYPE" | "NOT_UNIQUE" | "FETCH_ERROR";
2
- type UnkeyError = {
3
- code: ErrorCode;
4
- docs: string;
5
- message: string;
6
- requestId: string;
7
- };
8
- type ErrorResponse = {
9
- error: UnkeyError;
10
- };
1
+ /**
2
+ * This file was auto-generated by openapi-typescript.
3
+ * Do not make direct changes to the file.
4
+ */
11
5
 
12
- type UnkeyOptions = ({
13
- token?: never;
14
- /**
15
- * The root key from unkey.dev.
16
- *
17
- * You can create/manage your root keys here:
18
- * https://unkey.dev/app/settings/root-keys
19
- */
20
- rootKey: string;
21
- } | {
22
- /**
23
- * The workspace key from unkey.dev
24
- *
25
- * @deprecated Use `rootKey`
26
- */
27
- token: string;
28
- rootKey?: never;
29
- }) & {
30
- /**
31
- * @default https://api.unkey.dev
32
- */
33
- baseUrl?: string;
34
- /**
35
- * Retry on network errors
36
- */
37
- retry?: {
38
- /**
39
- * How many attempts should be made
40
- * The maximum number of requests will be `attempts + 1`
41
- * `0` means no retries
42
- *
43
- * @default 5
44
- */
45
- attempts?: number;
46
- /**
47
- * Return how many milliseconds to wait until the next attempt is made
48
- *
49
- * @default `(retryCount) => Math.round(Math.exp(retryCount) * 10)),`
50
- */
51
- backoff?: (retryCount: number) => number;
6
+
7
+ interface paths {
8
+ "/v1/liveness": {
9
+ get: {
10
+ responses: {
11
+ /** @description The configured services and their status */
12
+ 200: {
13
+ content: {
14
+ "application/json": {
15
+ /** @description The status of the server */
16
+ status: string;
17
+ services: {
18
+ /**
19
+ * @description The name of the connected metrics service
20
+ * @example AxiomMetrics
21
+ */
22
+ metrics: string;
23
+ /**
24
+ * @description The name of the connected logger service
25
+ * @example AxiomLogger or ConsoleLogger
26
+ */
27
+ logger: string;
28
+ /** @description The name of the connected ratelimit service */
29
+ ratelimit: string;
30
+ /** @description The name of the connected usagelimit service */
31
+ usagelimit: string;
32
+ /** @description The name of the connected analytics service */
33
+ analytics: string;
34
+ };
35
+ };
36
+ };
37
+ };
38
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
39
+ 400: {
40
+ content: {
41
+ "application/json": components["schemas"]["ErrBadRequest"];
42
+ };
43
+ };
44
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
45
+ 401: {
46
+ content: {
47
+ "application/json": components["schemas"]["ErrUnauthorized"];
48
+ };
49
+ };
50
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
51
+ 403: {
52
+ content: {
53
+ "application/json": components["schemas"]["ErrForbidden"];
54
+ };
55
+ };
56
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
57
+ 404: {
58
+ content: {
59
+ "application/json": components["schemas"]["ErrNotFound"];
60
+ };
61
+ };
62
+ /** @description This response is sent when a request conflicts with the current state of the server. */
63
+ 409: {
64
+ content: {
65
+ "application/json": components["schemas"]["ErrConflict"];
66
+ };
67
+ };
68
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
69
+ 429: {
70
+ content: {
71
+ "application/json": components["schemas"]["ErrTooManyRequests"];
72
+ };
73
+ };
74
+ /** @description The server has encountered a situation it does not know how to handle. */
75
+ 500: {
76
+ content: {
77
+ "application/json": components["schemas"]["ErrInternalServerError"];
78
+ };
79
+ };
80
+ };
52
81
  };
53
- /**
54
- * Customize the `fetch` cache behaviour
55
- */
56
- cache?: RequestCache;
57
- };
58
- type Result<R> = {
59
- result: R;
60
- error?: never;
61
- } | {
62
- result?: never;
63
- error: UnkeyError;
64
- };
65
- declare class Unkey {
66
- readonly baseUrl: string;
67
- private readonly rootKey;
68
- private readonly cache?;
69
- readonly retry: {
70
- attempts: number;
71
- backoff: (retryCount: number) => number;
82
+ };
83
+ "/v1/keys.getKey": {
84
+ get: {
85
+ parameters: {
86
+ query: {
87
+ keyId: string;
88
+ };
89
+ };
90
+ responses: {
91
+ /** @description The configuration for a single key */
92
+ 200: {
93
+ content: {
94
+ "application/json": components["schemas"]["Key"];
95
+ };
96
+ };
97
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
98
+ 400: {
99
+ content: {
100
+ "application/json": components["schemas"]["ErrBadRequest"];
101
+ };
102
+ };
103
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
104
+ 401: {
105
+ content: {
106
+ "application/json": components["schemas"]["ErrUnauthorized"];
107
+ };
108
+ };
109
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
110
+ 403: {
111
+ content: {
112
+ "application/json": components["schemas"]["ErrForbidden"];
113
+ };
114
+ };
115
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
116
+ 404: {
117
+ content: {
118
+ "application/json": components["schemas"]["ErrNotFound"];
119
+ };
120
+ };
121
+ /** @description This response is sent when a request conflicts with the current state of the server. */
122
+ 409: {
123
+ content: {
124
+ "application/json": components["schemas"]["ErrConflict"];
125
+ };
126
+ };
127
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
128
+ 429: {
129
+ content: {
130
+ "application/json": components["schemas"]["ErrTooManyRequests"];
131
+ };
132
+ };
133
+ /** @description The server has encountered a situation it does not know how to handle. */
134
+ 500: {
135
+ content: {
136
+ "application/json": components["schemas"]["ErrInternalServerError"];
137
+ };
138
+ };
139
+ };
72
140
  };
73
- constructor(opts: UnkeyOptions);
74
- private fetch;
75
- get keys(): {
76
- create: (req: {
141
+ };
142
+ "/v1/keys.deleteKey": {
143
+ post: {
144
+ requestBody: {
145
+ content: {
146
+ "application/json": {
77
147
  /**
78
- * Provide a name to this key if you want for later reference
148
+ * @description The id of the key to revoke
149
+ * @example key_1234
79
150
  */
80
- name?: string;
151
+ keyId: string;
152
+ };
153
+ };
154
+ };
155
+ responses: {
156
+ /** @description The key was successfully revoked, it may take up to 30s for this to take effect in all regions */
157
+ 200: {
158
+ content: {
159
+ "application/json": Record<string, never>;
160
+ };
161
+ };
162
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
163
+ 400: {
164
+ content: {
165
+ "application/json": components["schemas"]["ErrBadRequest"];
166
+ };
167
+ };
168
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
169
+ 401: {
170
+ content: {
171
+ "application/json": components["schemas"]["ErrUnauthorized"];
172
+ };
173
+ };
174
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
175
+ 403: {
176
+ content: {
177
+ "application/json": components["schemas"]["ErrForbidden"];
178
+ };
179
+ };
180
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
181
+ 404: {
182
+ content: {
183
+ "application/json": components["schemas"]["ErrNotFound"];
184
+ };
185
+ };
186
+ /** @description This response is sent when a request conflicts with the current state of the server. */
187
+ 409: {
188
+ content: {
189
+ "application/json": components["schemas"]["ErrConflict"];
190
+ };
191
+ };
192
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
193
+ 429: {
194
+ content: {
195
+ "application/json": components["schemas"]["ErrTooManyRequests"];
196
+ };
197
+ };
198
+ /** @description The server has encountered a situation it does not know how to handle. */
199
+ 500: {
200
+ content: {
201
+ "application/json": components["schemas"]["ErrInternalServerError"];
202
+ };
203
+ };
204
+ };
205
+ };
206
+ };
207
+ "/v1/keys.createKey": {
208
+ post: {
209
+ requestBody: {
210
+ content: {
211
+ "application/json": {
81
212
  /**
82
- * Choose an API where this key should be created.
213
+ * @description Choose an `API` where this key should be created.
214
+ * @example api_123
83
215
  */
84
216
  apiId: string;
85
217
  /**
86
- * To make it easier for your users to understand which product an api key belongs to, you can add prefix them.
218
+ * @description To make it easier for your users to understand which product an api key belongs to, you can add prefix them.
87
219
  *
88
220
  * For example Stripe famously prefixes their customer ids with cus_ or their api keys with sk_live_.
89
221
  *
90
- * The underscore is automtically added if you are defining a prefix, for example: "prefix": "abc" will result in a key like abc_xxxxxxxxx
222
+ * The underscore is automatically added if you are defining a prefix, for example: "prefix": "abc" will result in a key like abc_xxxxxxxxx
91
223
  */
92
224
  prefix?: string;
93
225
  /**
94
- * The bytelength used to generate your key determines its entropy as well as its length. Higher is better, but keys become longer and more annoying to handle.
95
- *
96
- * The default is 16 bytes, or 2128 possible combinations
226
+ * @description The name for your Key. This is not customer facing.
227
+ * @example my key
228
+ */
229
+ name?: string;
230
+ /**
231
+ * @description The byte length used to generate your key determines its entropy as well as its length. Higher is better, but keys become longer and more annoying to handle. The default is 16 bytes, or 2^^128 possible combinations.
232
+ * @default 16
97
233
  */
98
234
  byteLength?: number;
99
235
  /**
100
- * Your user’s Id. This will provide a link between Unkey and your customer record.
101
- *
236
+ * @description Your user’s Id. This will provide a link between Unkey and your customer record.
102
237
  * When validating a key, we will return this back to you, so you can clearly identify your user from their api key.
238
+ * @example team_123
103
239
  */
104
240
  ownerId?: string;
105
241
  /**
106
- * This is a place for dynamic meta data, anything that feels useful for you should go here
107
- *
108
- * Example:
109
- *
110
- * ```json
111
- * {
112
- * "billingTier":"PRO",
242
+ * @description This is a place for dynamic meta data, anything that feels useful for you should go here
243
+ * @example {
244
+ * "billingTier": "PRO",
113
245
  * "trialEnds": "2023-06-16T17:16:37.161Z"
114
246
  * }
115
- * ```
116
247
  */
117
- meta?: unknown;
248
+ meta?: {
249
+ [key: string]: unknown;
250
+ };
118
251
  /**
119
- * You can auto expire keys by providing a unix timestamp in milliseconds.
120
- *
121
- * Once keys expire they will automatically be deleted and are no longer valid.
252
+ * @description You can auto expire keys by providing a unix timestamp in milliseconds. Once Keys expire they will automatically be disabled and are no longer valid unless you enable them again.
253
+ * @example 1623869797161
122
254
  */
123
255
  expires?: number;
124
256
  /**
125
- * Unkey comes with per-key ratelimiting out of the box.
126
- *
127
- * @see https://unkey.dev/docs/features/ratelimiting
257
+ * @description You can limit the number of requests a key can make. Once a key reaches 0 remaining requests, it will automatically be disabled and is no longer valid unless you update it.
258
+ * @example 1000
259
+ */
260
+ remaining?: number;
261
+ /**
262
+ * @description Unkey comes with per-key ratelimiting out of the box.
263
+ * @example {
264
+ * "type": "fast",
265
+ * "limit": 10,
266
+ * "refillRate": 1,
267
+ * "refillInterval": 60
268
+ * }
128
269
  */
129
270
  ratelimit?: {
130
- type: "fast" | "consistent";
271
+ /**
272
+ * @description Fast ratelimiting doesn't add latency, while consistent ratelimiting is more accurate.
273
+ * @default fast
274
+ * @enum {string}
275
+ */
276
+ type: "fast" | "consistent";
277
+ /** @description The total amount of burstable requests. */
278
+ limit: number;
279
+ /** @description How many tokens to refill during each refillInterval. */
280
+ refillRate: number;
281
+ /** @description Determines the speed at which tokens are refilled, in milliseconds. */
282
+ refillInterval: number;
283
+ };
284
+ };
285
+ };
286
+ };
287
+ responses: {
288
+ /** @description The configuration for an api */
289
+ 200: {
290
+ content: {
291
+ "application/json": {
292
+ /**
293
+ * @description The id of the key. This is not a secret and can be stored as a reference if you wish. You need the keyId to update or delete a key later.
294
+ * @example key_123
295
+ */
296
+ keyId: string;
297
+ /**
298
+ * @description The newly created api key, do not store this on your own system but pass it along to your user.
299
+ * @example prefix_xxxxxxxxx
300
+ */
301
+ key: string;
302
+ };
303
+ };
304
+ };
305
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
306
+ 400: {
307
+ content: {
308
+ "application/json": components["schemas"]["ErrBadRequest"];
309
+ };
310
+ };
311
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
312
+ 401: {
313
+ content: {
314
+ "application/json": components["schemas"]["ErrUnauthorized"];
315
+ };
316
+ };
317
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
318
+ 403: {
319
+ content: {
320
+ "application/json": components["schemas"]["ErrForbidden"];
321
+ };
322
+ };
323
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
324
+ 404: {
325
+ content: {
326
+ "application/json": components["schemas"]["ErrNotFound"];
327
+ };
328
+ };
329
+ /** @description This response is sent when a request conflicts with the current state of the server. */
330
+ 409: {
331
+ content: {
332
+ "application/json": components["schemas"]["ErrConflict"];
333
+ };
334
+ };
335
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
336
+ 429: {
337
+ content: {
338
+ "application/json": components["schemas"]["ErrTooManyRequests"];
339
+ };
340
+ };
341
+ /** @description The server has encountered a situation it does not know how to handle. */
342
+ 500: {
343
+ content: {
344
+ "application/json": components["schemas"]["ErrInternalServerError"];
345
+ };
346
+ };
347
+ };
348
+ };
349
+ };
350
+ "/v1/keys.verifyKey": {
351
+ post: {
352
+ requestBody: {
353
+ content: {
354
+ "application/json": {
355
+ /**
356
+ * @description The id of the api where the key belongs to. This is optional for now but will be required soon.
357
+ * The key will be verified against the api's configuration. If the key does not belong to the api, the verification will fail.
358
+ * @example api_1234
359
+ */
360
+ apiId?: string;
361
+ /**
362
+ * @description The key to verify
363
+ * @example sk_1234
364
+ */
365
+ key: string;
366
+ };
367
+ };
368
+ };
369
+ responses: {
370
+ /** @description The verification result */
371
+ 200: {
372
+ content: {
373
+ "application/json": {
374
+ /**
375
+ * @description The id of the key
376
+ * @example key_1234
377
+ */
378
+ keyId?: string;
379
+ /**
380
+ * @description Whether the key is valid or not.
381
+ * A key could be invalid for a number of reasons, for example if it has expired, has no more verifications left or if it has been deleted.
382
+ * @example true
383
+ */
384
+ valid: boolean;
385
+ /**
386
+ * @description The name of the key, give keys a name to easily identifiy their purpose
387
+ * @example Customer X
388
+ */
389
+ name?: string;
390
+ /**
391
+ * @description The id of the tenant associated with this key. Use whatever reference you have in your system to identify the tenant. When verifying the key, we will send this field back to you, so you know who is accessing your API.
392
+ * @example user_123
393
+ */
394
+ ownerId?: string;
395
+ /**
396
+ * @description Any additional metadata you want to store with the key
397
+ * @example {
398
+ * "roles": [
399
+ * "admin",
400
+ * "user"
401
+ * ],
402
+ * "stripeCustomerId": "cus_1234"
403
+ * }
404
+ */
405
+ meta?: {
406
+ [key: string]: unknown;
407
+ };
408
+ /**
409
+ * @description The unix timestamp in milliseconds when the key will expire. If this field is null or undefined, the key is not expiring.
410
+ * @example 123
411
+ */
412
+ expires?: number;
413
+ /**
414
+ * @description The ratelimit configuration for this key. If this field is null or undefined, the key has no ratelimit.
415
+ * @example {
416
+ * "limit": 10,
417
+ * "remaining": 9,
418
+ * "reset": 3600000
419
+ * }
420
+ */
421
+ ratelimit?: {
131
422
  /**
132
- * The total amount of burstable requests.
423
+ * @description Maximum number of requests that can be made inside a window
424
+ * @example 10
133
425
  */
134
426
  limit: number;
135
427
  /**
136
- * How many tokens to refill during each refillInterval
428
+ * @description Remaining requests after this verification
429
+ * @example 9
137
430
  */
138
- refillRate: number;
431
+ remaining: number;
139
432
  /**
140
- * Determines the speed at which tokens are refilled.
141
- * In milliseconds.
433
+ * @description Unix timestamp in milliseconds when the ratelimit will reset
434
+ * @example 3600000
142
435
  */
143
- refillInterval: number;
436
+ reset: number;
437
+ };
438
+ /**
439
+ * @description The number of requests that can be made with this key before it becomes invalid. If this field is null or undefined, the key has no request limit.
440
+ * @example 1000
441
+ */
442
+ remaining?: number;
443
+ /**
444
+ * @description If the key is invalid this field will be set to the reason why it is invalid.
445
+ * Possible values are:
446
+ * - NOT_FOUND: the key does not exist or has expired
447
+ * - FORBIDDEN: the key is not allowed to access the api
448
+ * - KEY_USAGE_EXCEEDED: the key has exceeded its request limit
449
+ * - RATELIMITED: the key has been ratelimited,
450
+ *
451
+ * @enum {string}
452
+ */
453
+ code?: "NOT_FOUND" | "FORBIDDEN" | "KEY_USAGE_EXCEEDED" | "RATELIMITED";
144
454
  };
455
+ };
456
+ };
457
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
458
+ 400: {
459
+ content: {
460
+ "application/json": components["schemas"]["ErrBadRequest"];
461
+ };
462
+ };
463
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
464
+ 401: {
465
+ content: {
466
+ "application/json": components["schemas"]["ErrUnauthorized"];
467
+ };
468
+ };
469
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
470
+ 403: {
471
+ content: {
472
+ "application/json": components["schemas"]["ErrForbidden"];
473
+ };
474
+ };
475
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
476
+ 404: {
477
+ content: {
478
+ "application/json": components["schemas"]["ErrNotFound"];
479
+ };
480
+ };
481
+ /** @description This response is sent when a request conflicts with the current state of the server. */
482
+ 409: {
483
+ content: {
484
+ "application/json": components["schemas"]["ErrConflict"];
485
+ };
486
+ };
487
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
488
+ 429: {
489
+ content: {
490
+ "application/json": components["schemas"]["ErrTooManyRequests"];
491
+ };
492
+ };
493
+ /** @description The server has encountered a situation it does not know how to handle. */
494
+ 500: {
495
+ content: {
496
+ "application/json": components["schemas"]["ErrInternalServerError"];
497
+ };
498
+ };
499
+ };
500
+ };
501
+ };
502
+ "/v1/keys.updateKey": {
503
+ post: {
504
+ requestBody: {
505
+ content: {
506
+ "application/json": {
145
507
  /**
146
- * Unkey allows you to set/update usage limits on individual keys
147
- *
148
- * @see https://unkey.dev/docs/features/remaining
149
- */
150
- remaining?: number;
151
- }) => Promise<Result<{
152
- key: string;
153
- keyId: string;
154
- }>>;
155
- update: (req: {
156
- /**
157
- * The id of the key to update.
508
+ * @description The id of the key you want to modify
509
+ * @example key_123
158
510
  */
159
511
  keyId: string;
160
512
  /**
161
- * Update the name
513
+ * @description The name of the key
514
+ * @example Customer X
162
515
  */
163
516
  name?: string | null;
164
517
  /**
165
- * Update the owner id
518
+ * @description The id of the tenant associated with this key. Use whatever reference you have in your system to identify the tenant. When verifying the key, we will send this field back to you, so you know who is accessing your API.
519
+ * @example user_123
166
520
  */
167
521
  ownerId?: string | null;
168
522
  /**
169
- * This is a place for dynamic meta data, anything that feels useful for you should go here
170
- *
171
- * Example:
172
- *
173
- * ```json
174
- * {
175
- * "billingTier":"PRO",
176
- * "trialEnds": "2023-06-16T17:16:37.161Z"
523
+ * @description Any additional metadata you want to store with the key
524
+ * @example {
525
+ * "roles": [
526
+ * "admin",
527
+ * "user"
528
+ * ],
529
+ * "stripeCustomerId": "cus_1234"
177
530
  * }
178
- * ```
179
531
  */
180
- meta?: unknown | null;
532
+ meta?: {
533
+ [key: string]: unknown;
534
+ } | null;
181
535
  /**
182
- * Update the expiration time, Unix timstamp in milliseconds
183
- *
184
- *
536
+ * @description The unix timestamp in milliseconds when the key will expire. If this field is null or undefined, the key is not expiring.
537
+ * @example 0
185
538
  */
186
539
  expires?: number | null;
187
540
  /**
188
- * Update the ratelimit
189
- *
190
- * @see https://unkey.dev/docs/features/ratelimiting
541
+ * @description Unkey comes with per-key ratelimiting out of the box. Set `null` to disable.
542
+ * @example {
543
+ * "type": "fast",
544
+ * "limit": 10,
545
+ * "refillRate": 1,
546
+ * "refillInterval": 60
547
+ * }
191
548
  */
192
- ratelimit?: {
193
- type: "fast" | "consistent";
194
- /**
195
- * The total amount of burstable requests.
196
- */
197
- limit: number;
198
- /**
199
- * How many tokens to refill during each refillInterval
200
- */
201
- refillRate: number;
202
- /**
203
- * Determines the speed at which tokens are refilled.
204
- * In milliseconds.
205
- */
206
- refillInterval: number;
207
- } | null;
549
+ ratelimit?: ({
550
+ /**
551
+ * @description Fast ratelimiting doesn't add latency, while consistent ratelimiting is more accurate.
552
+ * @enum {string}
553
+ */
554
+ type: "fast" | "consistent";
555
+ /** @description The total amount of burstable requests. */
556
+ limit: number;
557
+ /** @description How many tokens to refill during each refillInterval. */
558
+ refillRate: number;
559
+ /** @description Determines the speed at which tokens are refilled, in milliseconds. */
560
+ refillInterval: number;
561
+ }) | null;
208
562
  /**
209
- * Update the remaining verifications.
210
- *
211
- * @see https://unkey.dev/docs/features/remaining
563
+ * @description The number of requests that can be made with this key before it becomes invalid. Set `null` to disable.
564
+ * @example 1000
212
565
  */
213
566
  remaining?: number | null;
214
- }) => Promise<Result<{
215
- key: string;
567
+ };
568
+ };
569
+ };
570
+ responses: {
571
+ /** @description The key was successfully updated, it may take up to 30s for this to take effect in all regions */
572
+ 200: {
573
+ content: {
574
+ "application/json": Record<string, never>;
575
+ };
576
+ };
577
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
578
+ 400: {
579
+ content: {
580
+ "application/json": components["schemas"]["ErrBadRequest"];
581
+ };
582
+ };
583
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
584
+ 401: {
585
+ content: {
586
+ "application/json": components["schemas"]["ErrUnauthorized"];
587
+ };
588
+ };
589
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
590
+ 403: {
591
+ content: {
592
+ "application/json": components["schemas"]["ErrForbidden"];
593
+ };
594
+ };
595
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
596
+ 404: {
597
+ content: {
598
+ "application/json": components["schemas"]["ErrNotFound"];
599
+ };
600
+ };
601
+ /** @description This response is sent when a request conflicts with the current state of the server. */
602
+ 409: {
603
+ content: {
604
+ "application/json": components["schemas"]["ErrConflict"];
605
+ };
606
+ };
607
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
608
+ 429: {
609
+ content: {
610
+ "application/json": components["schemas"]["ErrTooManyRequests"];
611
+ };
612
+ };
613
+ /** @description The server has encountered a situation it does not know how to handle. */
614
+ 500: {
615
+ content: {
616
+ "application/json": components["schemas"]["ErrInternalServerError"];
617
+ };
618
+ };
619
+ };
620
+ };
621
+ };
622
+ "/v1/keys.updateRemaining": {
623
+ post: {
624
+ requestBody: {
625
+ content: {
626
+ "application/json": {
627
+ /**
628
+ * @description The id of the key you want to modify
629
+ * @example key_123
630
+ */
216
631
  keyId: string;
217
- }>>;
218
- verify: (req: {
219
632
  /**
220
- * The key to verify
633
+ * @description The operation you want to perform on the remaining count
634
+ * @enum {string}
221
635
  */
222
- key: string;
636
+ op: "increment" | "decrement" | "set";
223
637
  /**
224
- * The api id to verify against
225
- *
226
- * This will be required soon.
638
+ * @description The value you want to set, add or subtract the remaining count by
639
+ * @example 1
227
640
  */
228
- apiId?: string;
229
- }) => Promise<Result<{
641
+ value: number | null;
642
+ };
643
+ };
644
+ };
645
+ responses: {
646
+ /** @description The configuration for an api */
647
+ 200: {
648
+ content: {
649
+ "application/json": {
650
+ /**
651
+ * @description The number of remaining requests for this key after updating it. `null` means unlimited.
652
+ * @example 100
653
+ */
654
+ remaining: number | null;
655
+ };
656
+ };
657
+ };
658
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
659
+ 400: {
660
+ content: {
661
+ "application/json": components["schemas"]["ErrBadRequest"];
662
+ };
663
+ };
664
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
665
+ 401: {
666
+ content: {
667
+ "application/json": components["schemas"]["ErrUnauthorized"];
668
+ };
669
+ };
670
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
671
+ 403: {
672
+ content: {
673
+ "application/json": components["schemas"]["ErrForbidden"];
674
+ };
675
+ };
676
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
677
+ 404: {
678
+ content: {
679
+ "application/json": components["schemas"]["ErrNotFound"];
680
+ };
681
+ };
682
+ /** @description This response is sent when a request conflicts with the current state of the server. */
683
+ 409: {
684
+ content: {
685
+ "application/json": components["schemas"]["ErrConflict"];
686
+ };
687
+ };
688
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
689
+ 429: {
690
+ content: {
691
+ "application/json": components["schemas"]["ErrTooManyRequests"];
692
+ };
693
+ };
694
+ /** @description The server has encountered a situation it does not know how to handle. */
695
+ 500: {
696
+ content: {
697
+ "application/json": components["schemas"]["ErrInternalServerError"];
698
+ };
699
+ };
700
+ };
701
+ };
702
+ };
703
+ "/v1/apis.getApi": {
704
+ get: {
705
+ parameters: {
706
+ query: {
707
+ apiId: string;
708
+ };
709
+ };
710
+ responses: {
711
+ /** @description The configuration for an api */
712
+ 200: {
713
+ content: {
714
+ "application/json": {
715
+ /**
716
+ * @description The id of the key
717
+ * @example key_1234
718
+ */
719
+ id: string;
720
+ /**
721
+ * @description The id of the workspace that owns the api
722
+ * @example ws_1234
723
+ */
724
+ workspaceId: string;
725
+ /**
726
+ * @description The name of the api. This is internal and your users will not see this.
727
+ * @example Unkey - Production
728
+ */
729
+ name?: string;
730
+ };
731
+ };
732
+ };
733
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
734
+ 400: {
735
+ content: {
736
+ "application/json": components["schemas"]["ErrBadRequest"];
737
+ };
738
+ };
739
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
740
+ 401: {
741
+ content: {
742
+ "application/json": components["schemas"]["ErrUnauthorized"];
743
+ };
744
+ };
745
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
746
+ 403: {
747
+ content: {
748
+ "application/json": components["schemas"]["ErrForbidden"];
749
+ };
750
+ };
751
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
752
+ 404: {
753
+ content: {
754
+ "application/json": components["schemas"]["ErrNotFound"];
755
+ };
756
+ };
757
+ /** @description This response is sent when a request conflicts with the current state of the server. */
758
+ 409: {
759
+ content: {
760
+ "application/json": components["schemas"]["ErrConflict"];
761
+ };
762
+ };
763
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
764
+ 429: {
765
+ content: {
766
+ "application/json": components["schemas"]["ErrTooManyRequests"];
767
+ };
768
+ };
769
+ /** @description The server has encountered a situation it does not know how to handle. */
770
+ 500: {
771
+ content: {
772
+ "application/json": components["schemas"]["ErrInternalServerError"];
773
+ };
774
+ };
775
+ };
776
+ };
777
+ };
778
+ "/v1/apis.createApi": {
779
+ post: {
780
+ requestBody: {
781
+ content: {
782
+ "application/json": {
230
783
  /**
231
- * Whether or not this key is valid and has passed the ratelimit. If false you should not grant access to whatever the user is requesting
784
+ * @description The name for your API. This is not customer facing.
785
+ * @example my-api
232
786
  */
233
- valid: boolean;
787
+ name: string;
788
+ };
789
+ };
790
+ };
791
+ responses: {
792
+ /** @description The configuration for an api */
793
+ 200: {
794
+ content: {
795
+ "application/json": {
796
+ /**
797
+ * @description The id of the api
798
+ * @example api_134
799
+ */
800
+ apiId: string;
801
+ };
802
+ };
803
+ };
804
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
805
+ 400: {
806
+ content: {
807
+ "application/json": components["schemas"]["ErrBadRequest"];
808
+ };
809
+ };
810
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
811
+ 401: {
812
+ content: {
813
+ "application/json": components["schemas"]["ErrUnauthorized"];
814
+ };
815
+ };
816
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
817
+ 403: {
818
+ content: {
819
+ "application/json": components["schemas"]["ErrForbidden"];
820
+ };
821
+ };
822
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
823
+ 404: {
824
+ content: {
825
+ "application/json": components["schemas"]["ErrNotFound"];
826
+ };
827
+ };
828
+ /** @description This response is sent when a request conflicts with the current state of the server. */
829
+ 409: {
830
+ content: {
831
+ "application/json": components["schemas"]["ErrConflict"];
832
+ };
833
+ };
834
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
835
+ 429: {
836
+ content: {
837
+ "application/json": components["schemas"]["ErrTooManyRequests"];
838
+ };
839
+ };
840
+ /** @description The server has encountered a situation it does not know how to handle. */
841
+ 500: {
842
+ content: {
843
+ "application/json": components["schemas"]["ErrInternalServerError"];
844
+ };
845
+ };
846
+ };
847
+ };
848
+ };
849
+ "/v1/apis.listKeys": {
850
+ get: {
851
+ parameters: {
852
+ query: {
853
+ apiId: string;
854
+ limit?: number;
855
+ cursor?: string;
856
+ ownerId?: string;
857
+ };
858
+ };
859
+ responses: {
860
+ /** @description The configuration for an api */
861
+ 200: {
862
+ content: {
863
+ "application/json": {
864
+ keys: components["schemas"]["Key"][];
865
+ /**
866
+ * @description The cursor to use for the next page of results, if no cursor is returned, there are no more results
867
+ * @example eyJrZXkiOiJrZXlfMTIzNCJ9
868
+ */
869
+ cursor?: string;
870
+ /** @description The total number of keys for this api */
871
+ total: number;
872
+ };
873
+ };
874
+ };
875
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
876
+ 400: {
877
+ content: {
878
+ "application/json": components["schemas"]["ErrBadRequest"];
879
+ };
880
+ };
881
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
882
+ 401: {
883
+ content: {
884
+ "application/json": components["schemas"]["ErrUnauthorized"];
885
+ };
886
+ };
887
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
888
+ 403: {
889
+ content: {
890
+ "application/json": components["schemas"]["ErrForbidden"];
891
+ };
892
+ };
893
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
894
+ 404: {
895
+ content: {
896
+ "application/json": components["schemas"]["ErrNotFound"];
897
+ };
898
+ };
899
+ /** @description This response is sent when a request conflicts with the current state of the server. */
900
+ 409: {
901
+ content: {
902
+ "application/json": components["schemas"]["ErrConflict"];
903
+ };
904
+ };
905
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
906
+ 429: {
907
+ content: {
908
+ "application/json": components["schemas"]["ErrTooManyRequests"];
909
+ };
910
+ };
911
+ /** @description The server has encountered a situation it does not know how to handle. */
912
+ 500: {
913
+ content: {
914
+ "application/json": components["schemas"]["ErrInternalServerError"];
915
+ };
916
+ };
917
+ };
918
+ };
919
+ };
920
+ "/v1/apis.deleteApi": {
921
+ post: {
922
+ requestBody: {
923
+ content: {
924
+ "application/json": {
234
925
  /**
235
- * If you have set an ownerId on this key it is returned here. You can use this to clearly authenticate a user in your system.
926
+ * @description The id of the api to delete
927
+ * @example api_1234
236
928
  */
237
- ownerId?: string;
929
+ apiId: string;
930
+ };
931
+ };
932
+ };
933
+ responses: {
934
+ /** @description The api was successfully deleted, it may take up to 30s for this to take effect in all regions */
935
+ 200: {
936
+ content: {
937
+ "application/json": Record<string, never>;
938
+ };
939
+ };
940
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
941
+ 400: {
942
+ content: {
943
+ "application/json": components["schemas"]["ErrBadRequest"];
944
+ };
945
+ };
946
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
947
+ 401: {
948
+ content: {
949
+ "application/json": components["schemas"]["ErrUnauthorized"];
950
+ };
951
+ };
952
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
953
+ 403: {
954
+ content: {
955
+ "application/json": components["schemas"]["ErrForbidden"];
956
+ };
957
+ };
958
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
959
+ 404: {
960
+ content: {
961
+ "application/json": components["schemas"]["ErrNotFound"];
962
+ };
963
+ };
964
+ /** @description This response is sent when a request conflicts with the current state of the server. */
965
+ 409: {
966
+ content: {
967
+ "application/json": components["schemas"]["ErrConflict"];
968
+ };
969
+ };
970
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
971
+ 429: {
972
+ content: {
973
+ "application/json": components["schemas"]["ErrTooManyRequests"];
974
+ };
975
+ };
976
+ /** @description The server has encountered a situation it does not know how to handle. */
977
+ 500: {
978
+ content: {
979
+ "application/json": components["schemas"]["ErrInternalServerError"];
980
+ };
981
+ };
982
+ };
983
+ };
984
+ };
985
+ "/v1/keys/{keyId}": {
986
+ put: {
987
+ parameters: {
988
+ header: {
989
+ authorization: string;
990
+ };
991
+ path: {
992
+ keyId: string;
993
+ };
994
+ };
995
+ requestBody: {
996
+ content: {
997
+ "application/json": {
238
998
  /**
239
- * This is the meta data you have set when creating the key.
240
- *
241
- * Example:
242
- *
243
- * ```json
244
- * {
245
- * "billingTier":"PRO",
246
- * "trialEnds": "2023-06-16T17:16:37.161Z"
247
- * }
248
- * ```
999
+ * @description The name of the key
1000
+ * @example Customer X
249
1001
  */
250
- meta?: unknown;
1002
+ name?: string | null;
251
1003
  /**
252
- * Unix timestamp in milliseconds when this key expires
253
- * Only available when the key automatically expires
1004
+ * @description The id of the tenant associated with this key. Use whatever reference you have in your system to identify the tenant. When verifying the key, we will send this field back to you, so you know who is accessing your API.
1005
+ * @example user_123
254
1006
  */
255
- expires?: number;
1007
+ ownerId?: string | null;
256
1008
  /**
257
- * How many verifications are remaining after the current request.
1009
+ * @description Any additional metadata you want to store with the key
1010
+ * @example {
1011
+ * "roles": [
1012
+ * "admin",
1013
+ * "user"
1014
+ * ],
1015
+ * "stripeCustomerId": "cus_1234"
1016
+ * }
258
1017
  */
259
- remaining?: number;
1018
+ meta?: {
1019
+ [key: string]: unknown;
1020
+ } | null;
260
1021
  /**
261
- * Ratelimit data if the key is ratelimited.
1022
+ * @description The unix timestamp in milliseconds when the key will expire. If this field is null or undefined, the key is not expiring.
1023
+ * @example 0
262
1024
  */
263
- ratelimit?: {
264
- /**
265
- * The maximum number of requests for bursting.
266
- */
267
- limit: number;
268
- /**
269
- * How many requests are remaining until `reset`
270
- */
271
- remaining: number;
272
- /**
273
- * Unix timestamp in millisecond when the ratelimit is refilled.
274
- */
275
- reset: number;
276
- };
1025
+ expires?: number | null;
277
1026
  /**
278
- * Machine readable code that explains why a key is invalid or could not be verified
1027
+ * @description Unkey comes with per-key ratelimiting out of the box. Set `null` to disable.
1028
+ * @example {
1029
+ * "type": "fast",
1030
+ * "limit": 10,
1031
+ * "refillRate": 1,
1032
+ * "refillInterval": 60
1033
+ * }
279
1034
  */
280
- code?: "NOT_FOUND" | "FORBIDDEN" | "RATELIMITED" | "KEY_USAGE_EXCEEDED";
281
- }>>;
282
- revoke: (req: {
283
- keyId: string;
284
- }) => Promise<Result<void>>;
285
- };
286
- get apis(): {
287
- create: (req: {
1035
+ ratelimit?: ({
1036
+ /**
1037
+ * @description Fast ratelimiting doesn't add latency, while consistent ratelimiting is more accurate.
1038
+ * @enum {string}
1039
+ */
1040
+ type: "fast" | "consistent";
1041
+ /** @description The total amount of burstable requests. */
1042
+ limit: number;
1043
+ /** @description How many tokens to refill during each refillInterval. */
1044
+ refillRate: number;
1045
+ /** @description Determines the speed at which tokens are refilled, in milliseconds. */
1046
+ refillInterval: number;
1047
+ }) | null;
288
1048
  /**
289
- * A name for you to identify your API.
1049
+ * @description The number of requests that can be made with this key before it becomes invalid. Set `null` to disable.
1050
+ * @example 1000
290
1051
  */
291
- name: string;
292
- }) => Promise<Result<{
1052
+ remaining?: number | null;
1053
+ };
1054
+ };
1055
+ };
1056
+ responses: {
1057
+ /** @description The key was successfully updated, it may take up to 30s for this to take effect in all regions */
1058
+ 200: {
1059
+ content: {
1060
+ "application/json": Record<string, never>;
1061
+ };
1062
+ };
1063
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
1064
+ 400: {
1065
+ content: {
1066
+ "application/json": components["schemas"]["ErrBadRequest"];
1067
+ };
1068
+ };
1069
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
1070
+ 401: {
1071
+ content: {
1072
+ "application/json": components["schemas"]["ErrUnauthorized"];
1073
+ };
1074
+ };
1075
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
1076
+ 403: {
1077
+ content: {
1078
+ "application/json": components["schemas"]["ErrForbidden"];
1079
+ };
1080
+ };
1081
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
1082
+ 404: {
1083
+ content: {
1084
+ "application/json": components["schemas"]["ErrNotFound"];
1085
+ };
1086
+ };
1087
+ /** @description This response is sent when a request conflicts with the current state of the server. */
1088
+ 409: {
1089
+ content: {
1090
+ "application/json": components["schemas"]["ErrConflict"];
1091
+ };
1092
+ };
1093
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
1094
+ 429: {
1095
+ content: {
1096
+ "application/json": components["schemas"]["ErrTooManyRequests"];
1097
+ };
1098
+ };
1099
+ /** @description The server has encountered a situation it does not know how to handle. */
1100
+ 500: {
1101
+ content: {
1102
+ "application/json": components["schemas"]["ErrInternalServerError"];
1103
+ };
1104
+ };
1105
+ };
1106
+ };
1107
+ };
1108
+ "/v1/keys/:keyId": {
1109
+ get: {
1110
+ parameters: {
1111
+ header: {
1112
+ authorization: string;
1113
+ };
1114
+ };
1115
+ responses: {
1116
+ /** @description The configuration for a single key */
1117
+ 200: {
1118
+ content: {
1119
+ "application/json": components["schemas"]["Key"];
1120
+ };
1121
+ };
1122
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
1123
+ 400: {
1124
+ content: {
1125
+ "application/json": components["schemas"]["ErrBadRequest"];
1126
+ };
1127
+ };
1128
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
1129
+ 401: {
1130
+ content: {
1131
+ "application/json": components["schemas"]["ErrUnauthorized"];
1132
+ };
1133
+ };
1134
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
1135
+ 403: {
1136
+ content: {
1137
+ "application/json": components["schemas"]["ErrForbidden"];
1138
+ };
1139
+ };
1140
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
1141
+ 404: {
1142
+ content: {
1143
+ "application/json": components["schemas"]["ErrNotFound"];
1144
+ };
1145
+ };
1146
+ /** @description This response is sent when a request conflicts with the current state of the server. */
1147
+ 409: {
1148
+ content: {
1149
+ "application/json": components["schemas"]["ErrConflict"];
1150
+ };
1151
+ };
1152
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
1153
+ 429: {
1154
+ content: {
1155
+ "application/json": components["schemas"]["ErrTooManyRequests"];
1156
+ };
1157
+ };
1158
+ /** @description The server has encountered a situation it does not know how to handle. */
1159
+ 500: {
1160
+ content: {
1161
+ "application/json": components["schemas"]["ErrInternalServerError"];
1162
+ };
1163
+ };
1164
+ };
1165
+ };
1166
+ delete: {
1167
+ parameters: {
1168
+ header: {
1169
+ authorization: string;
1170
+ };
1171
+ };
1172
+ responses: {
1173
+ /** @description The key was successfully revoked, it may take up to 30s for this to take effect in all regions */
1174
+ 200: {
1175
+ content: {
1176
+ "application/json": Record<string, never>;
1177
+ };
1178
+ };
1179
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
1180
+ 400: {
1181
+ content: {
1182
+ "application/json": components["schemas"]["ErrBadRequest"];
1183
+ };
1184
+ };
1185
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
1186
+ 401: {
1187
+ content: {
1188
+ "application/json": components["schemas"]["ErrUnauthorized"];
1189
+ };
1190
+ };
1191
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
1192
+ 403: {
1193
+ content: {
1194
+ "application/json": components["schemas"]["ErrForbidden"];
1195
+ };
1196
+ };
1197
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
1198
+ 404: {
1199
+ content: {
1200
+ "application/json": components["schemas"]["ErrNotFound"];
1201
+ };
1202
+ };
1203
+ /** @description This response is sent when a request conflicts with the current state of the server. */
1204
+ 409: {
1205
+ content: {
1206
+ "application/json": components["schemas"]["ErrConflict"];
1207
+ };
1208
+ };
1209
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
1210
+ 429: {
1211
+ content: {
1212
+ "application/json": components["schemas"]["ErrTooManyRequests"];
1213
+ };
1214
+ };
1215
+ /** @description The server has encountered a situation it does not know how to handle. */
1216
+ 500: {
1217
+ content: {
1218
+ "application/json": components["schemas"]["ErrInternalServerError"];
1219
+ };
1220
+ };
1221
+ };
1222
+ };
1223
+ };
1224
+ "/v1/keys": {
1225
+ post: {
1226
+ parameters: {
1227
+ header: {
1228
+ authorization: string;
1229
+ };
1230
+ };
1231
+ requestBody: {
1232
+ content: {
1233
+ "application/json": {
293
1234
  /**
294
- * The global unique identifier of your api.
295
- * You'll need this for other api requests.
1235
+ * @description Choose an `API` where this key should be created.
1236
+ * @example api_123
296
1237
  */
297
1238
  apiId: string;
298
- }>>;
299
- remove: (req: {
300
1239
  /**
301
- * The global unique identifier of your api.
302
- * You'll need this for other api requests.
1240
+ * @description To make it easier for your users to understand which product an api key belongs to, you can add prefix them.
1241
+ *
1242
+ * For example Stripe famously prefixes their customer ids with cus_ or their api keys with sk_live_.
1243
+ *
1244
+ * The underscore is automatically added if you are defining a prefix, for example: "prefix": "abc" will result in a key like abc_xxxxxxxxx
303
1245
  */
304
- apiId: string;
305
- }) => Promise<Result<{
1246
+ prefix?: string;
306
1247
  /**
307
- * The global unique identifier of your api.
308
- * You'll need this for other api requests.
1248
+ * @description The name for your Key. This is not customer facing.
1249
+ * @example my key
309
1250
  */
310
- apiId: string;
311
- }>>;
312
- get: (req: {
1251
+ name?: string;
313
1252
  /**
314
- * The api id
1253
+ * @description The byte length used to generate your key determines its entropy as well as its length. Higher is better, but keys become longer and more annoying to handle. The default is 16 bytes, or 2^^128 possible combinations.
1254
+ * @default 16
315
1255
  */
316
- apiId: string;
317
- }) => Promise<Result<{
318
- id: string;
319
- name: string;
320
- workspaceId: string;
321
- }>>;
322
- listKeys: (req: {
1256
+ byteLength?: number;
323
1257
  /**
324
- * The api id
1258
+ * @description Your user’s Id. This will provide a link between Unkey and your customer record.
1259
+ * When validating a key, we will return this back to you, so you can clearly identify your user from their api key.
1260
+ * @example team_123
325
1261
  */
326
- apiId: string;
1262
+ ownerId?: string;
327
1263
  /**
328
- * Limit the number of returned keys, the maximum is 100.
329
- *
330
- * @default 100
1264
+ * @description This is a place for dynamic meta data, anything that feels useful for you should go here
1265
+ * @example {
1266
+ * "billingTier": "PRO",
1267
+ * "trialEnds": "2023-06-16T17:16:37.161Z"
1268
+ * }
331
1269
  */
332
- limit?: number;
1270
+ meta?: {
1271
+ [key: string]: unknown;
1272
+ };
333
1273
  /**
334
- * Specify an offset for pagination.
335
- * @example:
336
- * An offset of 4 will skip the first 4 keys and return keys starting at the 5th position.
337
- *
338
- * @default 0
1274
+ * @description You can auto expire keys by providing a unix timestamp in milliseconds. Once Keys expire they will automatically be disabled and are no longer valid unless you enable them again.
1275
+ * @example 1623869797161
339
1276
  */
340
- offset?: number;
1277
+ expires?: number;
341
1278
  /**
342
- * If provided, this will only return keys where the ownerId matches.
1279
+ * @description You can limit the number of requests a key can make. Once a key reaches 0 remaining requests, it will automatically be disabled and is no longer valid unless you update it.
1280
+ * @example 1000
343
1281
  */
344
- ownerId?: string;
345
- }) => Promise<Result<{
346
- keys: {
347
- id: string;
348
- apiId: string;
349
- ownerId?: string;
350
- workspaceId: string;
351
- start: string;
352
- createdAt: number;
353
- name?: string;
354
- expires?: number;
355
- remaining?: number;
356
- meta?: unknown;
357
- ratelimit?: {
358
- type: "fast" | "consistent";
359
- limit: number;
360
- refillRate: number;
361
- refillInterval: number;
362
- };
363
- }[];
364
- total: number;
365
- }>>;
1282
+ remaining?: number;
1283
+ /**
1284
+ * @description Unkey comes with per-key ratelimiting out of the box.
1285
+ * @example {
1286
+ * "type": "fast",
1287
+ * "limit": 10,
1288
+ * "refillRate": 1,
1289
+ * "refillInterval": 60
1290
+ * }
1291
+ */
1292
+ ratelimit?: {
1293
+ /**
1294
+ * @description Fast ratelimiting doesn't add latency, while consistent ratelimiting is more accurate.
1295
+ * @default fast
1296
+ * @enum {string}
1297
+ */
1298
+ type: "fast" | "consistent";
1299
+ /** @description The total amount of burstable requests. */
1300
+ limit: number;
1301
+ /** @description How many tokens to refill during each refillInterval. */
1302
+ refillRate: number;
1303
+ /** @description Determines the speed at which tokens are refilled, in milliseconds. */
1304
+ refillInterval: number;
1305
+ };
1306
+ };
1307
+ };
1308
+ };
1309
+ responses: {
1310
+ /** @description The configuration for an api */
1311
+ 200: {
1312
+ content: {
1313
+ "application/json": {
1314
+ /**
1315
+ * @description The id of the key. This is not a secret and can be stored as a reference if you wish. You need the keyId to update or delete a key later.
1316
+ * @example key_123
1317
+ */
1318
+ keyId: string;
1319
+ /**
1320
+ * @description The newly created api key, do not store this on your own system but pass it along to your user.
1321
+ * @example prefix_xxxxxxxxx
1322
+ */
1323
+ key: string;
1324
+ };
1325
+ };
1326
+ };
1327
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
1328
+ 400: {
1329
+ content: {
1330
+ "application/json": components["schemas"]["ErrBadRequest"];
1331
+ };
1332
+ };
1333
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
1334
+ 401: {
1335
+ content: {
1336
+ "application/json": components["schemas"]["ErrUnauthorized"];
1337
+ };
1338
+ };
1339
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
1340
+ 403: {
1341
+ content: {
1342
+ "application/json": components["schemas"]["ErrForbidden"];
1343
+ };
1344
+ };
1345
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
1346
+ 404: {
1347
+ content: {
1348
+ "application/json": components["schemas"]["ErrNotFound"];
1349
+ };
1350
+ };
1351
+ /** @description This response is sent when a request conflicts with the current state of the server. */
1352
+ 409: {
1353
+ content: {
1354
+ "application/json": components["schemas"]["ErrConflict"];
1355
+ };
1356
+ };
1357
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
1358
+ 429: {
1359
+ content: {
1360
+ "application/json": components["schemas"]["ErrTooManyRequests"];
1361
+ };
1362
+ };
1363
+ /** @description The server has encountered a situation it does not know how to handle. */
1364
+ 500: {
1365
+ content: {
1366
+ "application/json": components["schemas"]["ErrInternalServerError"];
1367
+ };
1368
+ };
1369
+ };
366
1370
  };
367
- /**
368
- * Must be authenticated via app token
369
- */
370
- get _internal(): {
371
- createRootKey: (req: {
1371
+ };
1372
+ "/v1/keys/verify": {
1373
+ post: {
1374
+ requestBody: {
1375
+ content: {
1376
+ "application/json": {
372
1377
  /**
373
- * Provide a name to this key if you want for later reference
1378
+ * @description The id of the api where the key belongs to. This is optional for now but will be required soon.
1379
+ * The key will be verified against the api's configuration. If the key does not belong to the api, the verification will fail.
1380
+ * @example api_1234
374
1381
  */
375
- name?: string;
1382
+ apiId?: string;
376
1383
  /**
377
- * You can auto expire keys by providing a unix timestamp in milliseconds.
378
- *
379
- * Once keys expire they will automatically be deleted and are no longer valid.
1384
+ * @description The key to verify
1385
+ * @example sk_1234
380
1386
  */
381
- expires?: number;
382
- forWorkspaceId: string;
383
- }) => Promise<Result<{
384
1387
  key: string;
385
- keyId: string;
386
- }>>;
387
- deleteRootKey: (req: {
1388
+ };
1389
+ };
1390
+ };
1391
+ responses: {
1392
+ /** @description The verification result */
1393
+ 200: {
1394
+ content: {
1395
+ "application/json": {
1396
+ /**
1397
+ * @description The id of the key
1398
+ * @example key_1234
1399
+ */
1400
+ keyId?: string;
1401
+ /**
1402
+ * @description Whether the key is valid or not.
1403
+ * A key could be invalid for a number of reasons, for example if it has expired, has no more verifications left or if it has been deleted.
1404
+ * @example true
1405
+ */
1406
+ valid: boolean;
1407
+ /**
1408
+ * @description The name of the key, give keys a name to easily identifiy their purpose
1409
+ * @example Customer X
1410
+ */
1411
+ name?: string;
1412
+ /**
1413
+ * @description The id of the tenant associated with this key. Use whatever reference you have in your system to identify the tenant. When verifying the key, we will send this field back to you, so you know who is accessing your API.
1414
+ * @example user_123
1415
+ */
1416
+ ownerId?: string;
1417
+ /**
1418
+ * @description Any additional metadata you want to store with the key
1419
+ * @example {
1420
+ * "roles": [
1421
+ * "admin",
1422
+ * "user"
1423
+ * ],
1424
+ * "stripeCustomerId": "cus_1234"
1425
+ * }
1426
+ */
1427
+ meta?: {
1428
+ [key: string]: unknown;
1429
+ };
1430
+ /**
1431
+ * @description The unix timestamp in milliseconds when the key was created
1432
+ * @example 0
1433
+ */
1434
+ createdAt: number;
1435
+ /**
1436
+ * @description The unix timestamp in milliseconds when the key was deleted. We don't delete the key outright, you can restore it later.
1437
+ * @example 0
1438
+ */
1439
+ deletedAt?: number;
1440
+ /**
1441
+ * @description The unix timestamp in milliseconds when the key will expire. If this field is null or undefined, the key is not expiring.
1442
+ * @example 123
1443
+ */
1444
+ expires?: number;
1445
+ /**
1446
+ * @description The ratelimit configuration for this key. If this field is null or undefined, the key has no ratelimit.
1447
+ * @example {
1448
+ * "limit": 10,
1449
+ * "remaining": 9,
1450
+ * "reset": 3600000
1451
+ * }
1452
+ */
1453
+ ratelimit?: {
1454
+ /**
1455
+ * @description Maximum number of requests that can be made inside a window
1456
+ * @example 10
1457
+ */
1458
+ limit: number;
1459
+ /**
1460
+ * @description Remaining requests after this verification
1461
+ * @example 9
1462
+ */
1463
+ remaining: number;
1464
+ /**
1465
+ * @description Unix timestamp in milliseconds when the ratelimit will reset
1466
+ * @example 3600000
1467
+ */
1468
+ reset: number;
1469
+ };
1470
+ /**
1471
+ * @description The number of requests that can be made with this key before it becomes invalid. If this field is null or undefined, the key has no request limit.
1472
+ * @example 1000
1473
+ */
1474
+ remaining?: number;
1475
+ /**
1476
+ * @description If the key is invalid this field will be set to the reason why it is invalid.
1477
+ * Possible values are:
1478
+ * - NOT_FOUND: the key does not exist or has expired
1479
+ * - FORBIDDEN: the key is not allowed to access the api
1480
+ * - KEY_USAGE_EXCEEDED: the key has exceeded its request limit
1481
+ * - RATELIMITED: the key has been ratelimited,
1482
+ *
1483
+ * @example NOT_FOUND
1484
+ * @enum {string}
1485
+ */
1486
+ code?: "NOT_FOUND" | "FORBIDDEN" | "KEY_USAGE_EXCEEDED" | "RATELIMITED";
1487
+ };
1488
+ };
1489
+ };
1490
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
1491
+ 400: {
1492
+ content: {
1493
+ "application/json": components["schemas"]["ErrBadRequest"];
1494
+ };
1495
+ };
1496
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
1497
+ 401: {
1498
+ content: {
1499
+ "application/json": components["schemas"]["ErrUnauthorized"];
1500
+ };
1501
+ };
1502
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
1503
+ 403: {
1504
+ content: {
1505
+ "application/json": components["schemas"]["ErrForbidden"];
1506
+ };
1507
+ };
1508
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
1509
+ 404: {
1510
+ content: {
1511
+ "application/json": components["schemas"]["ErrNotFound"];
1512
+ };
1513
+ };
1514
+ /** @description This response is sent when a request conflicts with the current state of the server. */
1515
+ 409: {
1516
+ content: {
1517
+ "application/json": components["schemas"]["ErrConflict"];
1518
+ };
1519
+ };
1520
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
1521
+ 429: {
1522
+ content: {
1523
+ "application/json": components["schemas"]["ErrTooManyRequests"];
1524
+ };
1525
+ };
1526
+ /** @description The server has encountered a situation it does not know how to handle. */
1527
+ 500: {
1528
+ content: {
1529
+ "application/json": components["schemas"]["ErrInternalServerError"];
1530
+ };
1531
+ };
1532
+ };
1533
+ };
1534
+ };
1535
+ "/v1/apis": {
1536
+ post: {
1537
+ requestBody: {
1538
+ content: {
1539
+ "application/json": {
388
1540
  /**
389
- * Used to create root keys from the frontend, please ignore
1541
+ * @description The name for your API. This is not customer facing.
1542
+ * @example my-api
390
1543
  */
391
- keyId: string;
392
- }) => Promise<Result<void>>;
1544
+ name: string;
1545
+ };
1546
+ };
1547
+ };
1548
+ responses: {
1549
+ /** @description The configuration for an api */
1550
+ 200: {
1551
+ content: {
1552
+ "application/json": {
1553
+ /**
1554
+ * @description The id of the api
1555
+ * @example api_134
1556
+ */
1557
+ apiId: string;
1558
+ };
1559
+ };
1560
+ };
1561
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
1562
+ 400: {
1563
+ content: {
1564
+ "application/json": components["schemas"]["ErrBadRequest"];
1565
+ };
1566
+ };
1567
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
1568
+ 401: {
1569
+ content: {
1570
+ "application/json": components["schemas"]["ErrUnauthorized"];
1571
+ };
1572
+ };
1573
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
1574
+ 403: {
1575
+ content: {
1576
+ "application/json": components["schemas"]["ErrForbidden"];
1577
+ };
1578
+ };
1579
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
1580
+ 404: {
1581
+ content: {
1582
+ "application/json": components["schemas"]["ErrNotFound"];
1583
+ };
1584
+ };
1585
+ /** @description This response is sent when a request conflicts with the current state of the server. */
1586
+ 409: {
1587
+ content: {
1588
+ "application/json": components["schemas"]["ErrConflict"];
1589
+ };
1590
+ };
1591
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
1592
+ 429: {
1593
+ content: {
1594
+ "application/json": components["schemas"]["ErrTooManyRequests"];
1595
+ };
1596
+ };
1597
+ /** @description The server has encountered a situation it does not know how to handle. */
1598
+ 500: {
1599
+ content: {
1600
+ "application/json": components["schemas"]["ErrInternalServerError"];
1601
+ };
1602
+ };
1603
+ };
1604
+ };
1605
+ };
1606
+ "/v1/apis/{apiId}": {
1607
+ get: {
1608
+ parameters: {
1609
+ path: {
1610
+ apiId: string;
1611
+ };
1612
+ };
1613
+ responses: {
1614
+ /** @description The configuration for an api */
1615
+ 200: {
1616
+ content: {
1617
+ "application/json": {
1618
+ /**
1619
+ * @description The id of the key
1620
+ * @example key_1234
1621
+ */
1622
+ id: string;
1623
+ /**
1624
+ * @description The id of the workspace that owns the api
1625
+ * @example ws_1234
1626
+ */
1627
+ workspaceId: string;
1628
+ /**
1629
+ * @description The name of the api. This is internal and your users will not see this.
1630
+ * @example Unkey - Production
1631
+ */
1632
+ name?: string;
1633
+ };
1634
+ };
1635
+ };
1636
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
1637
+ 400: {
1638
+ content: {
1639
+ "application/json": components["schemas"]["ErrBadRequest"];
1640
+ };
1641
+ };
1642
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
1643
+ 401: {
1644
+ content: {
1645
+ "application/json": components["schemas"]["ErrUnauthorized"];
1646
+ };
1647
+ };
1648
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
1649
+ 403: {
1650
+ content: {
1651
+ "application/json": components["schemas"]["ErrForbidden"];
1652
+ };
1653
+ };
1654
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
1655
+ 404: {
1656
+ content: {
1657
+ "application/json": components["schemas"]["ErrNotFound"];
1658
+ };
1659
+ };
1660
+ /** @description This response is sent when a request conflicts with the current state of the server. */
1661
+ 409: {
1662
+ content: {
1663
+ "application/json": components["schemas"]["ErrConflict"];
1664
+ };
1665
+ };
1666
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
1667
+ 429: {
1668
+ content: {
1669
+ "application/json": components["schemas"]["ErrTooManyRequests"];
1670
+ };
1671
+ };
1672
+ /** @description The server has encountered a situation it does not know how to handle. */
1673
+ 500: {
1674
+ content: {
1675
+ "application/json": components["schemas"]["ErrInternalServerError"];
1676
+ };
1677
+ };
1678
+ };
1679
+ };
1680
+ delete: {
1681
+ parameters: {
1682
+ header: {
1683
+ authorization: string;
1684
+ };
1685
+ path: {
1686
+ apiId: string;
1687
+ };
1688
+ };
1689
+ responses: {
1690
+ /** @description The api was successfully deleted, it may take up to 30s for this to take effect in all regions */
1691
+ 200: {
1692
+ content: {
1693
+ "application/json": Record<string, never>;
1694
+ };
1695
+ };
1696
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
1697
+ 400: {
1698
+ content: {
1699
+ "application/json": components["schemas"]["ErrBadRequest"];
1700
+ };
1701
+ };
1702
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
1703
+ 401: {
1704
+ content: {
1705
+ "application/json": components["schemas"]["ErrUnauthorized"];
1706
+ };
1707
+ };
1708
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
1709
+ 403: {
1710
+ content: {
1711
+ "application/json": components["schemas"]["ErrForbidden"];
1712
+ };
1713
+ };
1714
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
1715
+ 404: {
1716
+ content: {
1717
+ "application/json": components["schemas"]["ErrNotFound"];
1718
+ };
1719
+ };
1720
+ /** @description This response is sent when a request conflicts with the current state of the server. */
1721
+ 409: {
1722
+ content: {
1723
+ "application/json": components["schemas"]["ErrConflict"];
1724
+ };
1725
+ };
1726
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
1727
+ 429: {
1728
+ content: {
1729
+ "application/json": components["schemas"]["ErrTooManyRequests"];
1730
+ };
1731
+ };
1732
+ /** @description The server has encountered a situation it does not know how to handle. */
1733
+ 500: {
1734
+ content: {
1735
+ "application/json": components["schemas"]["ErrInternalServerError"];
1736
+ };
1737
+ };
1738
+ };
1739
+ };
1740
+ };
1741
+ "/v1/apis/{apiId}/keys": {
1742
+ get: {
1743
+ parameters: {
1744
+ query?: {
1745
+ limit?: number;
1746
+ offset?: number | null;
1747
+ ownerId?: string;
1748
+ };
1749
+ path: {
1750
+ apiId: string;
1751
+ };
1752
+ };
1753
+ responses: {
1754
+ /** @description Keys belonging to the api */
1755
+ 200: {
1756
+ content: {
1757
+ "application/json": {
1758
+ keys: components["schemas"]["Key"][];
1759
+ /** @description The total number of keys for this api */
1760
+ total: number;
1761
+ };
1762
+ };
1763
+ };
1764
+ /** @description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). */
1765
+ 400: {
1766
+ content: {
1767
+ "application/json": components["schemas"]["ErrBadRequest"];
1768
+ };
1769
+ };
1770
+ /** @description Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. */
1771
+ 401: {
1772
+ content: {
1773
+ "application/json": components["schemas"]["ErrUnauthorized"];
1774
+ };
1775
+ };
1776
+ /** @description The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. */
1777
+ 403: {
1778
+ content: {
1779
+ "application/json": components["schemas"]["ErrForbidden"];
1780
+ };
1781
+ };
1782
+ /** @description The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. This response code is probably the most well known due to its frequent occurrence on the web. */
1783
+ 404: {
1784
+ content: {
1785
+ "application/json": components["schemas"]["ErrNotFound"];
1786
+ };
1787
+ };
1788
+ /** @description This response is sent when a request conflicts with the current state of the server. */
1789
+ 409: {
1790
+ content: {
1791
+ "application/json": components["schemas"]["ErrConflict"];
1792
+ };
1793
+ };
1794
+ /** @description The user has sent too many requests in a given amount of time ("rate limiting") */
1795
+ 429: {
1796
+ content: {
1797
+ "application/json": components["schemas"]["ErrTooManyRequests"];
1798
+ };
1799
+ };
1800
+ /** @description The server has encountered a situation it does not know how to handle. */
1801
+ 500: {
1802
+ content: {
1803
+ "application/json": components["schemas"]["ErrInternalServerError"];
1804
+ };
1805
+ };
1806
+ };
1807
+ };
1808
+ };
1809
+ }
1810
+
1811
+ interface components {
1812
+ schemas: {
1813
+ ErrBadRequest: {
1814
+ error: {
1815
+ /**
1816
+ * @description A machine readable error code.
1817
+ * @example BAD_REQUEST
1818
+ * @enum {string}
1819
+ */
1820
+ code: "BAD_REQUEST";
1821
+ /**
1822
+ * @description A link to our documentation with more details about this error code
1823
+ * @example https://docs.unkey.dev/api-reference/errors/code/BAD_REQUEST
1824
+ */
1825
+ docs: string;
1826
+ /** @description A human readable explanation of what went wrong */
1827
+ message: string;
1828
+ /**
1829
+ * @description Please always include the requestId in your error report
1830
+ * @example req_1234
1831
+ */
1832
+ requestId: string;
1833
+ };
1834
+ };
1835
+ ErrUnauthorized: {
1836
+ error: {
1837
+ /**
1838
+ * @description A machine readable error code.
1839
+ * @example UNAUTHORIZED
1840
+ * @enum {string}
1841
+ */
1842
+ code: "UNAUTHORIZED";
1843
+ /**
1844
+ * @description A link to our documentation with more details about this error code
1845
+ * @example https://docs.unkey.dev/api-reference/errors/code/UNAUTHORIZED
1846
+ */
1847
+ docs: string;
1848
+ /** @description A human readable explanation of what went wrong */
1849
+ message: string;
1850
+ /**
1851
+ * @description Please always include the requestId in your error report
1852
+ * @example req_1234
1853
+ */
1854
+ requestId: string;
1855
+ };
1856
+ };
1857
+ ErrForbidden: {
1858
+ error: {
1859
+ /**
1860
+ * @description A machine readable error code.
1861
+ * @example FORBIDDEN
1862
+ * @enum {string}
1863
+ */
1864
+ code: "FORBIDDEN";
1865
+ /**
1866
+ * @description A link to our documentation with more details about this error code
1867
+ * @example https://docs.unkey.dev/api-reference/errors/code/FORBIDDEN
1868
+ */
1869
+ docs: string;
1870
+ /** @description A human readable explanation of what went wrong */
1871
+ message: string;
1872
+ /**
1873
+ * @description Please always include the requestId in your error report
1874
+ * @example req_1234
1875
+ */
1876
+ requestId: string;
1877
+ };
1878
+ };
1879
+ ErrNotFound: {
1880
+ error: {
1881
+ /**
1882
+ * @description A machine readable error code.
1883
+ * @example NOT_FOUND
1884
+ * @enum {string}
1885
+ */
1886
+ code: "NOT_FOUND";
1887
+ /**
1888
+ * @description A link to our documentation with more details about this error code
1889
+ * @example https://docs.unkey.dev/api-reference/errors/code/NOT_FOUND
1890
+ */
1891
+ docs: string;
1892
+ /** @description A human readable explanation of what went wrong */
1893
+ message: string;
1894
+ /**
1895
+ * @description Please always include the requestId in your error report
1896
+ * @example req_1234
1897
+ */
1898
+ requestId: string;
1899
+ };
1900
+ };
1901
+ ErrConflict: {
1902
+ error: {
1903
+ /**
1904
+ * @description A machine readable error code.
1905
+ * @example CONFLICT
1906
+ * @enum {string}
1907
+ */
1908
+ code: "CONFLICT";
1909
+ /**
1910
+ * @description A link to our documentation with more details about this error code
1911
+ * @example https://docs.unkey.dev/api-reference/errors/code/CONFLICT
1912
+ */
1913
+ docs: string;
1914
+ /** @description A human readable explanation of what went wrong */
1915
+ message: string;
1916
+ /**
1917
+ * @description Please always include the requestId in your error report
1918
+ * @example req_1234
1919
+ */
1920
+ requestId: string;
1921
+ };
1922
+ };
1923
+ ErrTooManyRequests: {
1924
+ error: {
1925
+ /**
1926
+ * @description A machine readable error code.
1927
+ * @example TOO_MANY_REQUESTS
1928
+ * @enum {string}
1929
+ */
1930
+ code: "TOO_MANY_REQUESTS";
1931
+ /**
1932
+ * @description A link to our documentation with more details about this error code
1933
+ * @example https://docs.unkey.dev/api-reference/errors/code/TOO_MANY_REQUESTS
1934
+ */
1935
+ docs: string;
1936
+ /** @description A human readable explanation of what went wrong */
1937
+ message: string;
1938
+ /**
1939
+ * @description Please always include the requestId in your error report
1940
+ * @example req_1234
1941
+ */
1942
+ requestId: string;
1943
+ };
1944
+ };
1945
+ ErrInternalServerError: {
1946
+ error: {
1947
+ /**
1948
+ * @description A machine readable error code.
1949
+ * @example INTERNAL_SERVER_ERROR
1950
+ * @enum {string}
1951
+ */
1952
+ code: "INTERNAL_SERVER_ERROR";
1953
+ /**
1954
+ * @description A link to our documentation with more details about this error code
1955
+ * @example https://docs.unkey.dev/api-reference/errors/code/INTERNAL_SERVER_ERROR
1956
+ */
1957
+ docs: string;
1958
+ /** @description A human readable explanation of what went wrong */
1959
+ message: string;
1960
+ /**
1961
+ * @description Please always include the requestId in your error report
1962
+ * @example req_1234
1963
+ */
1964
+ requestId: string;
1965
+ };
1966
+ };
1967
+ Key: {
1968
+ /**
1969
+ * @description The id of the key
1970
+ * @example key_1234
1971
+ */
1972
+ id: string;
1973
+ /**
1974
+ * @description The first few characters of the key to visually identify it
1975
+ * @example sk_5j1
1976
+ */
1977
+ start: string;
1978
+ /**
1979
+ * @description The id of the workspace that owns the key
1980
+ * @example ws_1234
1981
+ */
1982
+ workspaceId: string;
1983
+ /**
1984
+ * @description The id of the api that this key is for
1985
+ * @example api_1234
1986
+ */
1987
+ apiId?: string;
1988
+ /**
1989
+ * @description The name of the key, give keys a name to easily identifiy their purpose
1990
+ * @example Customer X
1991
+ */
1992
+ name?: string;
1993
+ /**
1994
+ * @description The id of the tenant associated with this key. Use whatever reference you have in your system to identify the tenant. When verifying the key, we will send this field back to you, so you know who is accessing your API.
1995
+ * @example user_123
1996
+ */
1997
+ ownerId?: string;
1998
+ /**
1999
+ * @description Any additional metadata you want to store with the key
2000
+ * @example {
2001
+ * "roles": [
2002
+ * "admin",
2003
+ * "user"
2004
+ * ],
2005
+ * "stripeCustomerId": "cus_1234"
2006
+ * }
2007
+ */
2008
+ meta?: {
2009
+ [key: string]: unknown;
2010
+ };
2011
+ /**
2012
+ * @description The unix timestamp in milliseconds when the key was created
2013
+ * @example 0
2014
+ */
2015
+ createdAt: number;
2016
+ /**
2017
+ * @description The unix timestamp in milliseconds when the key was deleted. We don't delete the key outright, you can restore it later.
2018
+ * @example 0
2019
+ */
2020
+ deletedAt?: number;
2021
+ /**
2022
+ * @description The unix timestamp in milliseconds when the key will expire. If this field is null or undefined, the key is not expiring.
2023
+ * @example 0
2024
+ */
2025
+ expires?: number;
2026
+ /**
2027
+ * @description The number of requests that can be made with this key before it becomes invalid. If this field is null or undefined, the key has no request limit.
2028
+ * @example 1000
2029
+ */
2030
+ remaining?: number;
2031
+ /**
2032
+ * @description Unkey comes with per-key ratelimiting out of the box.
2033
+ * @example {
2034
+ * "type": "fast",
2035
+ * "limit": 10,
2036
+ * "refillRate": 1,
2037
+ * "refillInterval": 60
2038
+ * }
2039
+ */
2040
+ ratelimit?: {
2041
+ /**
2042
+ * @description Fast ratelimiting doesn't add latency, while consistent ratelimiting is more accurate.
2043
+ * @default fast
2044
+ * @enum {string}
2045
+ */
2046
+ type: "fast" | "consistent";
2047
+ /** @description The total amount of burstable requests. */
2048
+ limit: number;
2049
+ /** @description How many tokens to refill during each refillInterval. */
2050
+ refillRate: number;
2051
+ /** @description Determines the speed at which tokens are refilled, in milliseconds. */
2052
+ refillInterval: number;
2053
+ };
2054
+ };
2055
+ };
2056
+ responses: never;
2057
+ parameters: {
2058
+ };
2059
+ requestBodies: never;
2060
+ headers: never;
2061
+ pathItems: never;
2062
+ }
2063
+
2064
+ type ErrorResponse = paths["/v1/liveness"]["get"]["responses"]["500"]["content"]["application/json"];
2065
+
2066
+ type UnkeyOptions = ({
2067
+ token?: never;
2068
+ /**
2069
+ * The root key from unkey.dev.
2070
+ *
2071
+ * You can create/manage your root keys here:
2072
+ * https://unkey.dev/app/settings/root-keys
2073
+ */
2074
+ rootKey: string;
2075
+ } | {
2076
+ /**
2077
+ * The workspace key from unkey.dev
2078
+ *
2079
+ * @deprecated Use `rootKey`
2080
+ */
2081
+ token: string;
2082
+ rootKey?: never;
2083
+ }) & {
2084
+ /**
2085
+ * @default https://api.unkey.dev
2086
+ */
2087
+ baseUrl?: string;
2088
+ /**
2089
+ * Retry on network errors
2090
+ */
2091
+ retry?: {
2092
+ /**
2093
+ * How many attempts should be made
2094
+ * The maximum number of requests will be `attempts + 1`
2095
+ * `0` means no retries
2096
+ *
2097
+ * @default 5
2098
+ */
2099
+ attempts?: number;
2100
+ /**
2101
+ * Return how many milliseconds to wait until the next attempt is made
2102
+ *
2103
+ * @default `(retryCount) => Math.round(Math.exp(retryCount) * 10)),`
2104
+ */
2105
+ backoff?: (retryCount: number) => number;
2106
+ };
2107
+ /**
2108
+ * Customize the `fetch` cache behaviour
2109
+ */
2110
+ cache?: RequestCache;
2111
+ /**
2112
+ * The version of the SDK instantiating this client.
2113
+ *
2114
+ * This is used for internal metrics and is not covered by semver, and may change at any time.
2115
+ *
2116
+ * You can leave this blank unless you are building a wrapper around this SDK.
2117
+ */
2118
+ wrapperSdkVersion?: `v${string}`;
2119
+ };
2120
+ type Result<R> = {
2121
+ result: R;
2122
+ error?: never;
2123
+ } | {
2124
+ result?: never;
2125
+ error: ErrorResponse["error"];
2126
+ };
2127
+ declare class Unkey {
2128
+ readonly baseUrl: string;
2129
+ private readonly rootKey;
2130
+ private readonly cache?;
2131
+ private readonly sdkVersions;
2132
+ readonly retry: {
2133
+ attempts: number;
2134
+ backoff: (retryCount: number) => number;
2135
+ };
2136
+ constructor(opts: UnkeyOptions);
2137
+ private fetch;
2138
+ get keys(): {
2139
+ create: (req: paths["/v1/keys.createKey"]["post"]["requestBody"]["content"]["application/json"]) => Promise<Result<paths["/v1/keys.createKey"]["post"]["responses"]["200"]["content"]["application/json"]>>;
2140
+ update: (req: paths["/v1/keys.updateKey"]["post"]["requestBody"]["content"]["application/json"]) => Promise<Result<paths["/v1/keys.updateKey"]["post"]["responses"]["200"]["content"]["application/json"]>>;
2141
+ verify: (req: paths["/v1/keys.verifyKey"]["post"]["requestBody"]["content"]["application/json"]) => Promise<Result<paths["/v1/keys.verifyKey"]["post"]["responses"]["200"]["content"]["application/json"]>>;
2142
+ delete: (req: paths["/v1/keys.deleteKey"]["post"]["requestBody"]["content"]["application/json"]) => Promise<Result<paths["/v1/keys.deleteKey"]["post"]["responses"]["200"]["content"]["application/json"]>>;
2143
+ updateRemaining: (req: paths["/v1/keys.updateRemaining"]["post"]["requestBody"]["content"]["application/json"]) => Promise<Result<paths["/v1/keys.updateRemaining"]["post"]["responses"]["200"]["content"]["application/json"]>>;
2144
+ get: (req: paths["/v1/keys.getKey"]["get"]["parameters"]["query"]) => Promise<Result<paths["/v1/keys.getKey"]["get"]["responses"]["200"]["content"]["application/json"]>>;
2145
+ };
2146
+ get apis(): {
2147
+ create: (req: paths["/v1/apis.createApi"]["post"]["requestBody"]["content"]["application/json"]) => Promise<Result<paths["/v1/apis.createApi"]["post"]["responses"]["200"]["content"]["application/json"]>>;
2148
+ delete: (req: paths["/v1/apis.deleteApi"]["post"]["requestBody"]["content"]["application/json"]) => Promise<Result<paths["/v1/apis.deleteApi"]["post"]["responses"]["200"]["content"]["application/json"]>>;
2149
+ get: (req: paths["/v1/apis.getApi"]["get"]["parameters"]["query"]) => Promise<Result<paths["/v1/apis.getApi"]["get"]["responses"]["200"]["content"]["application/json"]>>;
2150
+ listKeys: (req: paths["/v1/apis.listKeys"]["get"]["parameters"]["query"]) => Promise<Result<paths["/v1/apis.listKeys"]["get"]["responses"]["200"]["content"]["application/json"]>>;
393
2151
  };
394
2152
  }
395
2153
 
@@ -419,22 +2177,31 @@ declare function verifyKey(req: string | {
419
2177
  apiId: string;
420
2178
  }): Promise<{
421
2179
  result?: undefined;
422
- error: UnkeyError;
2180
+ error: {
2181
+ code: "INTERNAL_SERVER_ERROR";
2182
+ docs: string;
2183
+ message: string;
2184
+ requestId: string;
2185
+ };
423
2186
  } | {
424
2187
  result: {
2188
+ keyId?: string | undefined;
425
2189
  valid: boolean;
2190
+ name?: string | undefined;
426
2191
  ownerId?: string | undefined;
427
- meta?: unknown;
2192
+ meta?: {
2193
+ [key: string]: unknown;
2194
+ } | undefined;
428
2195
  expires?: number | undefined;
429
- remaining?: number | undefined;
430
2196
  ratelimit?: {
431
2197
  limit: number;
432
2198
  remaining: number;
433
2199
  reset: number;
434
2200
  } | undefined;
435
- code?: "NOT_FOUND" | "RATELIMITED" | "FORBIDDEN" | "KEY_USAGE_EXCEEDED" | undefined;
2201
+ remaining?: number | undefined;
2202
+ code?: "NOT_FOUND" | "FORBIDDEN" | "KEY_USAGE_EXCEEDED" | "RATELIMITED" | undefined;
436
2203
  };
437
2204
  error?: undefined;
438
2205
  }>;
439
2206
 
440
- export { ErrorCode, ErrorResponse, Unkey, UnkeyError, UnkeyOptions, verifyKey };
2207
+ export { ErrorResponse, Unkey, UnkeyOptions, verifyKey };