Website keys

Try on Playground

Website API keys start with df_ and are scoped to one website. Use them for analytics reads, visitor lookup, server-side goals, payments, identify, and selected website-scoped admin actions.

These are the keys you usually give to backend integrations that only need one site. They are also useful when an AI agent should inspect one website without being able to manage the entire account.

Base path: https://datafa.st/api/v1/admin

Endpoint	Method	Path	Permission	Purpose
List website keys	GET	`/websites/{websiteId}/apikeys`	`api-keys:read`	List website API keys
Create website key	POST	`/websites/{websiteId}/apikeys`	`api-keys:write`	Create a `df_` key. The raw key is returned once
Roll website key	PUT	`/websites/{websiteId}/apikeys/{apiKeyId}`	`api-keys:write`	Roll an API key and return the new raw key once
Delete website key	DELETE	`/websites/{websiteId}/apikeys/{apiKeyId}`	`api-keys:write`	Revoke an API key

Create a website key

curl -X POST "https://datafa.st/api/v1/admin/websites/YOUR_WEBSITE_ID/apikeys" \
  -H "Authorization: Bearer dft_xxx" \
  -H "Content-Type: application/json" \
  -d '{"name":"Production key"}'

The raw key is returned only once in data[0].key. Store it immediately.

✍️ Something missing? Suggest features.

🤖 AI agent or LLM? Read this page as markdown

{ "status": "success", "data": [ { "id": "665f0b3c4d2e1a0012345678", "name": "Production key", "displayKey": "df_ab12...xyz9", "key": "df_full_key_shown_once" } ] }