POST
/
security
/
apiKeys
/
add
cURL
curl -X POST "https://api.onekhusa.com/sandbox/v1/security/apiKeys/add" \
  --header "Authorization: Bearer your-jwt-token" \
  --header "Content-Type: application/json" \
  --header "X-Organisation-Id: FYH0NTVW0DXK" \
  --header "X-Merchant-Account-Number: 35253486" \
  --header "Accept-Language: en" \
  -d '{
    "organisationId": "FYH0NTVW0DXK",
    "merchantAccountNumber": 35253486,
    "clientKey": "abcdefghijklmnopqrstuvwxyz1234",
    "clientSecret": "ABCDEFGHIJKLMNOPQRSTUVWXYZ123456789012345",
    "createdBy": "admin@example.com"
  }'
"API key has been created successfully"

Authorizations

ā€‹
Authorization
string
header
required

Bearer authentication header of the form Bearer <Token>, where <Token> is your access token.

Headers

ā€‹
X-Organisation-Id
string
required

The organization identifier

ā€‹
X-Merchant-Account-Number
string
required

The merchant account number

ā€‹
Accept-Language
string
default:en

Preferred language for the response

Body

application/json

Request payload for creating a new client API key

ā€‹
organisationId
string
required

The unique identifier of the organisation

Example:

"FYH0NTVW0DXK"

ā€‹
merchantAccountNumber
integer
required

The unique identifier of the merchant account

Example:

35253486

ā€‹
clientKey
string
required

The client API key (typically 30 characters)

Example:

"abcdefghijklmnopqrstuvwxyz1234"

ā€‹
clientSecret
string
required

The client API secret (typically 45 characters)

Example:

"ABCDEFGHIJKLMNOPQRSTUVWXYZ123456789012345"

ā€‹
capturedBy
string
required

The username or identifier of the user creating the API key

Example:

"string"

ā€‹
expiryDate
string<date-time>
required

The expiration date and time for the API key in UTC format (ISO 8601)

Example:

"2025-11-04T13:30:35.581Z"

Response

201 - application/json

API key has been created successfully

The response is of type string.

Example:

"API key has been created successfully"