Update API Key
developer/v1/keys/:idUpdates the configuration of an existing API key without regenerating the key value. Supports partial updates — only include fields you want to change. Modify name, permission scopes, rate limit override, IP allowlist, and expiration date. Changes take effect immediately for all subsequent API calls. The key value and its hash remain unchanged.
What It Does
Accepts a partial update payload and dynamically applies only the provided fields. Validates the key exists, belongs to the authenticated organization, and is not revoked before applying changes. Supports updating: name, permissions array, rate_limit_override, ip_allowlist array, and expires_at. Omitted fields retain their current values. Changes are atomic — either all updates apply or none do.
Why It's Useful
Adjust key configuration as requirements evolve without disrupting applications that use the key. OWASP recommends regular permission reviews with scope reduction where possible. This endpoint enables tightening permissions without key rotation and adding IP restrictions as networks change — all without downtime or key redistribution.
Use Cases
Permission Tightening
After a quarterly access review, reduce an application key from broad permissions to only the specific scopes it actually uses (e.g., remove domain:write that was never exercised).
Enforce least-privilege access continuously without disrupting applications or rotating keys.
IP Allowlist Updates
Update IP allowlists when migrating application infrastructure to new IP ranges or adding new deployment regions.
Maintain network-level key restrictions aligned with current infrastructure topology.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
domain | string | Required | Key ID (path parameter) and partial update payload in JSON request body. Supported fields: name, permissions, rate_limit_override, ip_allowlist, expires_atExample: {"name": "Production App v2", "permissions": ["dns:read", "domain:read"]} |
Response Fields
| Field | Type | Description |
|---|---|---|
key_id | string | Updated key identifier |
name | string | Updated key name |
permissions | array | Updated permission scopes |
rate_limit_override | number|null | Updated rate limit |
ip_allowlist | array | Updated IP restrictions |
expires_at | string|null | Updated expiration date |
updated_at | string | Update timestamp (ISO 8601) |
Code Examples
curl "https://api.edgedns.dev/v1/keys/:id" \
-H "Authorization: Bearer YOUR_API_KEY" \
-d "domain={"name": "Production App v2", "permissions": ["dns:read", "domain:read"]}"const response = await fetch(
'https://api.edgedns.dev/v1/keys/:id?domain=%7B%22name%22%3A%20%22Production%20App%20v2%22%2C%20%22permissions%22%3A%20%5B%22dns%3Aread%22%2C%20%22domain%3Aread%22%5D%7D',
{
headers: {
'Authorization': 'Bearer YOUR_API_KEY'
}
}
);
const data = await response.json();
console.log(data);import requests
response = requests.get(
'https://api.edgedns.dev/v1/keys/:id',
headers={'Authorization': 'Bearer YOUR_API_KEY'},
params={
'domain': '{"name": "Production App v2", "permissions": ["dns:read", "domain:read"]}'
}
)
data = response.json()
print(data)Read the full Update API Key guide
Why it matters, real-world use cases, parameters, response fields, and how to call it from Claude, ChatGPT, or Gemini via MCP.
Read the guide →Related Endpoints
External References
Learn more about the standards and protocols behind this endpoint.
Try This Endpoint
Test the Update API Key endpoint live in the playground.