- Print
- DarkLight
b2_create_key
- Print
- DarkLight
Creates a new application key
There is a limit of 100 million key creations per account.
PLEASE NOTE:
This API endpoint can be called using a GET
request by converting the parameters in the request body to query parameters.
An account authorization token, obtained from b2_authorize_account.
The token must have the writeKeys
capability.
Your account ID.
A list of strings, each one naming a capability the new key should have.
The name for this key. There is no requirement for the key name to be unique. Key names are limited to 100 characters and can contain letters, numbers, and "-", but not I18N characters, such as é, à , and ü.
Please note: The key name cannot be used to look up the key.
When provided, the key will expire after the given number of seconds, and will have expirationTimestamp
set. Value must be a positive integer, and must be less than 1000 days (in seconds).
When provided, the new key can only access the specified bucket. Only the following capabilities can be specified: listAllBucketNames
, listBuckets
, readBuckets
, readBucketEncryption
, writeBucketNotifications
, readBucketNotifications
, writeBucketEncryption
, readBucketRetentions
, writeBucketRetentions
, listFiles
, readFiles
, shareFiles
, writeFiles
, deleteFiles
, readFileLegalHolds
, writeFileLegalHolds
, readFileRetentions
, writeFileRetentions
, and bypassGovernance
.
For all buckets, this field can either be left empty or set to null
.
When provided, this parameter limits access to files with names starting with the specified prefix. By default, the restriction is applied to all buckets unless a bucketId
is included in the request.
Successful operation
The name assigned when the key was created.
The ID of the newly created key
The secret part of the key. This is the only time it will be returned, so you need to keep it. This is not returned when you list the keys in your account.
list of strings, each one naming a capability the key has. This list could include: listKeys
, writeKeys
, deleteKeys
, listAllBucketNames
, listBuckets
, readBuckets
, writeBuckets
, deleteBuckets
, readBucketRetentions
, writeBucketNotifications
, writeBucketRetentions
, readBucketEncryption
, writeBucketEncryption
, listFiles
, readFiles,
shareFiles
, writeFiles
, deleteFiles
, readFileLegalHolds
, writeFileLegalHolds
, readFileRetentions
, writeFileRetentions
, bypassGovernance
, readBucketNotifications
, readBucketReplications
, and writeBucketReplications
.
The account that this application key is for.
When present, says when this key will expire, in milliseconds since 1970.
When present, restricts access to one bucket.
When present, restricts access to files whose names start with the prefix
When present, contains a set of strings. Reserved for future use.
status | code | description |
---|---|---|
400 | bad_bucket_id | The requested bucket ID does not match an existing bucket. |
400 | bad_request | The request had the wrong fields or illegal values. The message returned with the error will describe the problem. |
The numeric HTTP status code. Always matches the status in the HTTP response.
A single-identifier code that identifies the error.
A human-readable message, in English, saying what went wrong.
status | code | description |
---|---|---|
401 | bad_auth_token | The auth token used is not valid. Call b2_authorize_account again to either get a new one, or an error message describing the problem. |
401 | expired_auth_token | The auth token used has expired. Call b2_authorize_account again to get a new one. |
401 | unauthorized | The auth token used is valid, but does not authorize this call with these parameters. The capabilities of an auth token are determined by the application key used with b2_authorize_account. |
The numeric HTTP status code. Always matches the status in the HTTP response.
A single-identifier code that identifies the error.
A human-readable message, in English, saying what went wrong.
status | code | description |
---|---|---|
403 | transaction_cap_exceeded | Transaction cap exceeded. To increase your cap, sign in to your B2 Cloud Storage account online. Then select the Caps & Alerts link in the B2 Cloud Storage section of the sidebar. |
The numeric HTTP status code. Always matches the status in the HTTP response.
A single-identifier code that identifies the error.
A human-readable message, in English, saying what went wrong.