DataFast logoDataFast
"Best analytics tool I've used in 14 years"

Create website key

POST https://datafa.st/api/v1/admin/websites/{websiteId}/apikeys

Create a new df_ website API key. The full key is returned once — store it securely. Maximum 10 keys per website.

Use website keys for single-site integrations that should not manage the broader account.

Request

Path parameters

websiteId
string
Website ObjectId. From List websites (_id field). Example: 665f0b3c4d2e1a0012345678.

Body parameters

name
string
Label for the API key in the dashboard. Example: "Production backend". Omit for null.

Example request body

{
  "name": "Production backend"
}
The response includes key once — store it as df_... for Website API calls.

Response

Returns a JSON object with status: "success" and endpoint-specific fields in data.

Response fields

data[]._id
string
Website API key ObjectId.
data[].name
string|null
Human-readable name for the resource or event. The exact meaning depends on the endpoint.
data[].displayKey
string
Masked key shown in the dashboard.
data[].websiteId
string
Website ObjectId used by account tokens to choose which website to query or manage.
data[].lastUsedAt
string|null
Last usage timestamp.
data[].createdAt
string
Creation timestamp.
data[].key
string
Only returned when creating or rolling a key. Full raw key shown once.

Authentication

Use a dft_ account token with api-keys:write.
A df_ website API key for the same website can also call this route when the path websiteId matches the key's website. Write access with a df_ key is capped at member level — owner-only actions such as team management require a dft_ token and owner role.

Errors

400 — Key limit reached (max 10 per website).

See API errors for the standard error envelope, auth failures, validation errors, permission errors, and rate limits.

✍️ Something missing? Suggest features.

🤖 AI agent or LLM? Read this page as markdown

Example request
curl -X POST "https://datafa.st/api/v1/admin/websites/{websiteId}/apikeys" \
  -H "Authorization: Bearer dft_xxx" \
  -H "Content-Type: application/json" \
  -d '{"name":"Production key"}'
Success response
{
  "status": "success",
  "data": [{
    "_id": "665f0b3c4d2e1a0012345678",
    "name": "Production key",
    "displayKey": "df_ab12...xyz9",
    "websiteId": "665f0b3c4d2e1a0012345678",
    "key": "df_full_key_shown_once"
  }]
}
PreviousAPI reference / List website keysNextAPI reference / Roll website key