POST
/
v1
/
api-keys
Create an API key
curl --request POST \
  --url https://api.wavix.com/v1/api-keys \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "label": "Production API Key",
  "is_active": true,
  "is_restriction": true,
  "permitted_ips": [
    "192.168.1.1",
    "10.0.0.1"
  ],
  "is_scopes_enabled": true,
  "numbers": {
    "allow": "read"
  },
  "calls": {
    "allow": "read"
  },
  "messages": {
    "allow": "write"
  },
  "two_fa": {
    "allow": "write"
  },
  "billing": {
    "allow": "read"
  }
}
'
{
  "id": 123,
  "label": "Production API Key",
  "value": "abc123def456ghi789jkl012mno345pqr678stu901vwx234yz",
  "is_active": true,
  "is_restriction": true,
  "permitted_ips": [
    "192.168.1.1",
    "10.0.0.1"
  ],
  "is_scopes_enabled": true,
  "last_used_at": null,
  "numbers": {
    "allow": "read"
  },
  "trunks": {
    "allow": "none"
  },
  "calls": {
    "allow": "read"
  },
  "messages": {
    "allow": "write"
  },
  "recordings": {
    "allow": "none"
  },
  "campaigns": {
    "allow": "none"
  },
  "two_fa": {
    "allow": "write"
  },
  "validator": {
    "allow": "none"
  },
  "webhooks": {
    "allow": "none"
  },
  "embeddable": {
    "allow": "none"
  },
  "billing": {
    "allow": "read"
  },
  "account": {
    "allow": "none"
  },
  "subaccounts": {
    "allow": "none"
  },
  "created_at": "2024-01-15T10:30:00Z"
}

Authorizations

Authorization
string
header
required

Bearer token using appid (Authorization: Bearer )

Body

application/json
label
string
required

API key label.

Example:

"My API key"

is_active
boolean
default:true

Indicates whether the API key should be activated upon creation.

Example:

true

is_restriction
boolean
default:false

Indicates whether to restrict API key access by IP address. When enabled, only requests from IP addresses listed in permitted_ips are allowed.

Example:

true

permitted_ips
string[]

List of permitted IP addresses for this API key. Each must be a valid IPv4 address. Required when is_restriction is true.

Example:
["192.168.1.1", "10.0.0.1"]
is_scopes_enabled
boolean
default:false

When true, scope fields below are enforced. When false (default), the key has full access. Omitted scope fields default to { allow: none }, so with is_scopes_enabled: true and no scopes set the key has no access.

Example:

true

numbers
object

View, buy, release, and configure phone numbers, browse inventory, and manage the cart.

trunks
object

View, create, update, and delete SIP trunks and their settings.

calls
object

Access call records and active calls, and control live call actions such as starting, answering, ending, audio playback, DTMF, streaming, and transcription requests.

messages
object

Access message history and Sender IDs, send messages, manage opt-outs, and create or delete Sender IDs.

recordings
object

List, download, and delete call recordings.

campaigns
object

View campaign analytics and Sender ID or Brand status, schedule bulk voice or SMS campaigns, register Brands, and create short links.

two_fa
object

View 2FA service details and verification logs, trigger OTPs by voice or SMS, and validate verification codes.

validator
object

View number validation results and trigger single or bulk validation or HLR lookup requests.

webhooks
object

List, create, and delete webhooks.

embeddable
object

Manage widget tokens, including listing, viewing, creating, updating, and deleting them.

billing
object

Access invoices, balance, payment methods, usage reports, and billing settings, including payment method updates.

account
object

View and update account profile information and timezone.

subaccounts
object

Manage subaccounts: list and view them, create, update, and suspend them.

Response

API key created.

API key details including IP restrictions and scope permissions.

id
integer
required

API key ID.

Example:

123

label
string
required

API key label.

Example:

"Production API Key"

value
string
required

API key value.

Example:

"abc123def456ghi789jkl012mno345pqr678stu901vwx234yz"

is_active
boolean
required

Indicates whether the API key is active.

Example:

true

is_restriction
boolean
required

Indicates whether IP restrictions are enabled. When enabled, the API key works only from IP addresses in permitted_ips.

Example:

true

permitted_ips
string[]
required

List of permitted IP addresses. If is_restriction is false, an empty list means no IP restrictions. If is_restriction is true, an empty list prevents all requests.

Example:
["192.168.1.1", "10.0.0.1"]
is_scopes_enabled
boolean
required

When true, the key is restricted to the permissions defined in the scope fields below. When false, the key has full access.

Example:

true

last_used_at
string<date-time> | null
required

Timestamp of the most recent authenticated request made with this key.

Example:

"2026-04-20T15:42:11Z"

numbers
object
required

View, buy, release, and configure phone numbers, browse inventory, and manage the cart.

trunks
object
required

View, create, update, and delete SIP trunks and their settings.

calls
object
required

Access call records and active calls, and control live call actions such as starting, answering, ending, audio playback, DTMF, streaming, and transcription requests.

messages
object
required

Access message history and Sender IDs, send messages, manage opt-outs, and create or delete Sender IDs.

recordings
object
required

List, download, and delete call recordings.

campaigns
object
required

View campaign analytics and Sender ID or Brand status, schedule bulk voice or SMS campaigns, register Brands, and create short links.

two_fa
object
required

View 2FA service details and verification logs, trigger OTPs by voice or SMS, and validate verification codes.

validator
object
required

View number validation results and trigger single or bulk validation or HLR lookup requests.

webhooks
object
required

List, create, and delete webhooks.

embeddable
object
required

Manage widget tokens, including listing, viewing, creating, updating, and deleting them.

billing
object
required

Access invoices, balance, payment methods, usage reports, and billing settings, including payment method updates.

account
object
required

View and update account profile information and timezone.

subaccounts
object
required

Manage subaccounts: list and view them, create, update, and suspend them.

created_at
string<date-time>
required

Creation date and time in ISO 8601 format.

Example:

"2024-01-15T10:30:00Z"