Dashboard API
API Key Management
Create, list, rotate, and delete API keys for your PacSpace environments.
API keys are how your applications authenticate with PacSpace's verification API. Manage them through the dashboard endpoints below.
All routes require a valid JWT in the Authorization header:
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Base URL: https://balance-api.pacspace.io
Create an API Key
Generate a new API key for a specific environment.
curl -X POST https://balance-api.pacspace.io/dashboard/api-keys \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"name": "Production Backend",
"environment": "live"
}'
Response 201 Created
{
"statusCode": 201,
"data": {
"id": "key_abc123",
"name": "Production Backend",
"environment": "live",
"publicKey": "pk_live_abc123def456",
"secretKey": "sk_live_789ghi012jkl",
"fullKey": "pk_live_abc123def456.sk_live_789ghi012jkl",
"createdAt": "2025-06-01T12:00:00.000Z",
"active": true
}
}
Important: The
fullKeyandsecretKeyare only returned once at creation time. Store them securely — you will not be able to retrieve them again.
List API Keys
Retrieve all API keys for your tenant with pagination.
curl "https://balance-api.pacspace.io/dashboard/api-keys?page=1&limit=20" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Response 200 OK
{
"statusCode": 200,
"data": {
"items": [
{
"id": "key_abc123",
"name": "Production Backend",
"environment": "live",
"publicKey": "pk_live_abc123def456",
"active": true,
"createdAt": "2025-06-01T12:00:00.000Z",
"lastUsedAt": "2025-06-10T08:30:00.000Z"
}
],
"total": 1,
"page": 1,
"limit": 20
}
}
The
secretKeyis never returned in list responses.
Get a Single API Key
Retrieve details for a specific API key.
curl https://balance-api.pacspace.io/dashboard/api-keys/key_abc123 \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Response 200 OK
{
"statusCode": 200,
"data": {
"id": "key_abc123",
"name": "Production Backend",
"environment": "live",
"publicKey": "pk_live_abc123def456",
"active": true,
"createdAt": "2025-06-01T12:00:00.000Z",
"lastUsedAt": "2025-06-10T08:30:00.000Z"
}
}
Regenerate an API Key
Rotate the secret for an existing key. The old secret is immediately invalidated.
curl -X POST https://balance-api.pacspace.io/dashboard/api-keys/key_abc123/regenerate \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Response 200 OK
{
"statusCode": 200,
"data": {
"id": "key_abc123",
"publicKey": "pk_live_abc123def456",
"secretKey": "sk_live_new_secret_value",
"fullKey": "pk_live_abc123def456.sk_live_new_secret_value"
}
}
Important: The new
fullKeyandsecretKeyare shown only once. Update your application configuration immediately.
Toggle an API Key
Enable or disable an API key without deleting it.
curl -X POST https://balance-api.pacspace.io/dashboard/api-keys/key_abc123/toggle \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Response 200 OK
{
"statusCode": 200,
"data": {
"id": "key_abc123",
"active": false,
"message": "API key has been disabled."
}
}
Calling toggle again re-enables the key.
Delete an API Key
Permanently remove an API key. This action cannot be undone.
curl -X DELETE https://balance-api.pacspace.io/dashboard/api-keys/key_abc123 \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Response 200 OK
{
"statusCode": 200,
"message": "API key deleted successfully."
}
API Key Format
PacSpace API keys follow this format:
pk_{environment}_{publicId}.{secretKey}
| Part | Example | Description |
|---|---|---|
pk_ | pk_live_abc123 | Public key prefix with environment |
. | — | Separator |
| Secret | sk_live_789ghi | Secret portion (never logged or returned after creation) |
Use the full key in the X-Api-Key header when calling the verification API:
-H "X-Api-Key: pk_live_abc123def456.sk_live_789ghi012jkl"
Endpoints Summary
| Endpoint | Method | Description |
|---|---|---|
/dashboard/api-keys | POST | Create a new API key |
/dashboard/api-keys | GET | List all API keys |
/dashboard/api-keys/:id | GET | Get a single API key |
/dashboard/api-keys/:id/regenerate | POST | Rotate the secret |
/dashboard/api-keys/:id/toggle | POST | Enable or disable |
/dashboard/api-keys/:id | DELETE | Permanently delete |
Last updated February 11, 2026