
Publishable Keys API

Publishable keys are client-safe keys used by SDK/browser ingestion flows.

Endpoints

  • GET /api/publishable-keys
  • POST /api/publishable-keys
  • PATCH /api/publishable-keys/:keyId
  • DELETE /api/publishable-keys/:keyId

Feature and permissions

  • Feature gate: pixelSdk
  • workspace:read: list
  • workspace:update: create/update/delete

List filtering

GET /api/publishable-keys?campaignId=<id>

When campaignId is supplied, the response includes:
  • campaign-scoped keys targeting that campaign
  • workspace-wide keys (no campaign restrictions)
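The filter described above means a per-campaign listing also returns keys that are not restricted to that campaign. The following added example (not code from this API or its SDK) models that rule over constructed records and groups the result for an access review. It assumes that a workspace-wide key has an empty or missing campaignIds array and that an unfiltered list returns every key; the keyPrefix values and function names are made up for illustration.

```javascript
// Added example: models the documented list filter; not the service's own code.
// Constructed sample records using field names from this page.
const sampleKeys = [
  { keyPrefix: "pk_aaa", name: "Web SDK key", enabled: true,
    campaignIds: ["campaign_123"], allowedOrigins: ["https://app.example.com"] },
  { keyPrefix: "pk_bbb", name: "Global key", enabled: true,
    campaignIds: [], allowedOrigins: ["https://app.example.com"] },
  { keyPrefix: "pk_ccc", name: "Other campaign key", enabled: true,
    campaignIds: ["campaign_456"], allowedOrigins: ["https://other.example.com"] },
  { keyPrefix: "pk_ddd", name: "Retired key", enabled: false,
    campaignIds: ["campaign_123", "campaign_456"], allowedOrigins: [] },
];

// Assumption: "no campaign restrictions" is stored as an empty or missing array.
function isWorkspaceWide(key) {
  return !Array.isArray(key.campaignIds) || key.campaignIds.length === 0;
}

// Mirrors GET /api/publishable-keys?campaignId=<id>: campaign-scoped keys
// targeting that campaign plus workspace-wide keys.
// Assumption: with no campaignId, every key in the workspace is returned.
function listKeys(keys, campaignId) {
  if (campaignId === undefined) return keys.slice();
  return keys.filter(
    (k) => isWorkspaceWide(k) || k.campaignIds.includes(campaignId)
  );
}

// Groups the filtered list so a reviewer can see which enabled keys are
// scoped to the campaign and which are broader than the campaign needs.
function reviewCampaign(keys, campaignId) {
  const report = { scoped: [], workspaceWide: [], disabled: [] };
  for (const k of listKeys(keys, campaignId)) {
    if (!k.enabled) report.disabled.push(k.keyPrefix);
    else if (isWorkspaceWide(k)) report.workspaceWide.push(k.keyPrefix);
    else report.scoped.push(k.keyPrefix);
  }
  return report;
}

console.log(reviewCampaign(sampleKeys, "campaign_123"));
```

Keys reported under workspaceWide are candidates for narrowing with a PATCH that sets campaignIds.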

Create payload

{
  "name": "Web SDK key",
  "campaignIds": ["campaign_123"],
  "allowedOrigins": ["https://app.example.com"]
}

The create response returns the full key once:
  • key (full secret, one-time)
  • keyPrefix

Update payload

Supports partial updates for:
  • name
  • enabled
  • campaignIds
  • allowedOrigins

Delete behavior

Deletes the key and invalidates the key cache.

Common errors

  • 404: key not found in workspace scope
  • 403: permission or feature not available