Ping

API Key Management

Create and manage API keys for programmatic access to the Ping API.

Key Format

API keys follow this format:

pk_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  • Prefix: pk_live_ (8 characters)
  • Random: 32 cryptographically secure characters
  • Total: 40 characters

Create an API Key

Terminal
curl -X POST 'https://ping-api-production.up.railway.app/v1/keys' \
  -H 'Authorization: Bearer YOUR_SESSION_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{"name": "CI/CD Pipeline"}'

Response:

JSON
{
  "id": "key_xxxxxxxxxxxx",
  "name": "CI/CD Pipeline",
  "key": "pk_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
  "created_at": "2026-01-16T12:00:00Z"
}

Important: The full API key is only shown once at creation. Store it securely - you cannot retrieve it again.

List API Keys

Terminal
curl 'https://ping-api-production.up.railway.app/v1/keys' \
  -H 'Authorization: Bearer YOUR_SESSION_TOKEN'

Response:

JSON
{
  "keys": [
    {
      "id": "key_xxxxxxxxxxxx",
      "name": "CI/CD Pipeline",
      "prefix": "pk_live_xxxx",
      "created_at": "2026-01-16T12:00:00Z",
      "last_used_at": "2026-01-16T14:30:00Z"
    }
  ]
}

Note: Only the key prefix is shown - the full key is never returned after creation.

Revoke an API Key

Terminal
curl -X DELETE 'https://ping-api-production.up.railway.app/v1/keys/key_xxxxxxxxxxxx' \
  -H 'Authorization: Bearer YOUR_SESSION_TOKEN'

Response:

JSON
{
  "ok": true,
  "message": "API key revoked"
}

Limits and Security

LimitValue
Max active keys per user10
Key storageSHA-256 hashed
Usage trackinglast_used_at updated on use

Best Practices

  • Give keys descriptive names (e.g., "GitHub Actions", "n8n Workflows")
  • Revoke keys you no longer use
  • Create separate keys for different services
  • Never commit keys to version control
  • Rotate keys periodically for security
  • Use environment variables to store keys in production

Using an API Key

API keys work with all authenticated endpoints:

Terminal
# List channels
curl 'https://ping-api-production.up.railway.app/v1/channels' \
  -H 'Authorization: Bearer pk_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'

# Get webhook secret
curl 'https://ping-api-production.up.railway.app/v1/channels/ch_xxx/secret' \
  -H 'Authorization: Bearer pk_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'

# Update channel
curl -X PATCH 'https://ping-api-production.up.railway.app/v1/channels/ch_xxx' \
  -H 'Authorization: Bearer pk_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
  -H 'Content-Type: application/json' \
  -d '{"name": "New Name"}'

Previous

Authentication

Next

Endpoints