> For clean Markdown of any page, append .md to the page URL.
> For a complete documentation index, see https://platform.bctrl.ai/llms.txt.
> For full documentation content, see https://platform.bctrl.ai/llms-full.txt.
> For AI client integration (Claude Code, Cursor, etc.), connect to the MCP server at https://platform.bctrl.ai/_mcp/server.

# List Organization API Keys

GET https://api.bctrl.ai/v1/api-keys

List active API keys. Use subaccountId to filter tenant keys.

Reference: https://platform.bctrl.ai/api/api-reference/account/organization-api-keys

## OpenAPI Specification

```yaml
openapi: 3.1.0
info:
  title: bctrl API
  version: 1.0.0
paths:
  /v1/api-keys:
    get:
      operationId: api-keys-list
      summary: List API keys
      description: List active API keys. Use subaccountId to filter tenant keys.
      tags:
        - subpackage_account
      parameters:
        - name: cursor
          in: query
          required: false
          schema:
            type: string
        - name: limit
          in: query
          required: false
          schema:
            type: integer
            default: 50
        - name: subaccountId
          in: query
          required: false
          schema:
            type: string
        - name: keyKind
          in: query
          required: false
          schema:
            $ref: '#/components/schemas/V1ApiKeysGetParametersKeyKind'
        - name: Authorization
          in: header
          description: Use Bearer <api-key>.
          required: true
          schema:
            type: string
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiKeyListResponse'
        '401':
          description: 'Authentication required: the API key is missing or invalid.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '403':
          description: 'Forbidden: the API key cannot access this resource.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
servers:
  - url: https://api.bctrl.ai
    description: Production
  - url: http://localhost:8787
    description: Local development gateway
components:
  schemas:
    V1ApiKeysGetParametersKeyKind:
      type: string
      enum:
        - organization
        - subaccount
      title: V1ApiKeysGetParametersKeyKind
    ApiKeyKeyKind:
      type: string
      enum:
        - organization
        - subaccount
      title: ApiKeyKeyKind
    ApiKey:
      type: object
      properties:
        createdAt:
          type: string
        expiresAt:
          type:
            - string
            - 'null'
        id:
          type: string
        keyKind:
          $ref: '#/components/schemas/ApiKeyKeyKind'
        keyPrefix:
          type: string
        lastUsedAt:
          type:
            - string
            - 'null'
        name:
          type:
            - string
            - 'null'
        scopes:
          type: array
          items:
            type: string
            enum:
              - '*'
        subaccountId:
          type:
            - string
            - 'null'
        updatedAt:
          type: string
        usageCount:
          type: integer
      required:
        - createdAt
        - expiresAt
        - id
        - keyKind
        - keyPrefix
        - lastUsedAt
        - name
        - scopes
        - subaccountId
        - updatedAt
        - usageCount
      title: ApiKey
    ApiKeyListResponse:
      type: object
      properties:
        data:
          type: array
          items:
            $ref: '#/components/schemas/ApiKey'
        nextCursor:
          type:
            - string
            - 'null'
      required:
        - data
        - nextCursor
      title: ApiKeyListResponse
    ErrorResponseReasonClass:
      type: string
      enum:
        - invalid_input
        - unauthorized
        - capability_denied
        - capability_limit_exceeded
        - rate_limited
        - not_found
        - conflict
        - upstream
        - server
      description: Stable public error category for programmatic branching.
      title: ErrorResponseReasonClass
    ErrorResponse:
      type: object
      properties:
        code:
          type: string
          description: >-
            Stable, dot-namespaced error code, e.g. "runtime.not_found" or
            "request.invalid".
        details:
          type: object
          additionalProperties:
            description: Any type
          description: >-
            Resource-specific structured context. Use `code` and `reasonClass`
            for branching.
        error:
          type: string
        hint:
          type: string
          description: Optional next action for recoverable errors, e.g. "retry after 2s".
        reasonClass:
          $ref: '#/components/schemas/ErrorResponseReasonClass'
          description: Stable public error category for programmatic branching.
        requestId:
          type: string
      required:
        - code
        - error
      title: ErrorResponse
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      description: Use Bearer <api-key>.

```

## Examples



**Request**

```json
{}
```

**Response**

```json
{
  "data": [
    {
      "createdAt": "2024-05-20T10:15:30Z",
      "expiresAt": "2025-05-20T10:15:30Z",
      "id": "api_1234567890abcdef",
      "keyKind": "organization",
      "keyPrefix": "org_abc123",
      "lastUsedAt": "2024-06-01T08:45:00Z",
      "name": "Primary Organization Key",
      "scopes": [
        "*"
      ],
      "subaccountId": null,
      "updatedAt": "2024-05-25T12:00:00Z",
      "usageCount": 1523
    }
  ],
  "nextCursor": null
}
```

**SDK Code**

```python
import requests

url = "https://api.bctrl.ai/v1/api-keys"

payload = {}
headers = {
    "Authorization": "Bearer <token>",
    "Content-Type": "application/json"
}

response = requests.get(url, json=payload, headers=headers)

print(response.json())
```

```javascript
const url = 'https://api.bctrl.ai/v1/api-keys';
const options = {
  method: 'GET',
  headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
  body: '{}'
};

try {
  const response = await fetch(url, options);
  const data = await response.json();
  console.log(data);
} catch (error) {
  console.error(error);
}
```

```go
package main

import (
	"fmt"
	"strings"
	"net/http"
	"io"
)

func main() {

	url := "https://api.bctrl.ai/v1/api-keys"

	payload := strings.NewReader("{}")

	req, _ := http.NewRequest("GET", url, payload)

	req.Header.Add("Authorization", "Bearer <token>")
	req.Header.Add("Content-Type", "application/json")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := io.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}
```

```ruby
require 'uri'
require 'net/http'

url = URI("https://api.bctrl.ai/v1/api-keys")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{}"

response = http.request(request)
puts response.read_body
```

```java
import com.mashape.unirest.http.HttpResponse;
import com.mashape.unirest.http.Unirest;

HttpResponse<String> response = Unirest.get("https://api.bctrl.ai/v1/api-keys")
  .header("Authorization", "Bearer <token>")
  .header("Content-Type", "application/json")
  .body("{}")
  .asString();
```

```php
<?php
require_once('vendor/autoload.php');

$client = new \GuzzleHttp\Client();

$response = $client->request('GET', 'https://api.bctrl.ai/v1/api-keys', [
  'body' => '{}',
  'headers' => [
    'Authorization' => 'Bearer <token>',
    'Content-Type' => 'application/json',
  ],
]);

echo $response->getBody();
```

```csharp
using RestSharp;

var client = new RestClient("https://api.bctrl.ai/v1/api-keys");
var request = new RestRequest(Method.GET);
request.AddHeader("Authorization", "Bearer <token>");
request.AddHeader("Content-Type", "application/json");
request.AddParameter("application/json", "{}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
```

```swift
import Foundation

let headers = [
  "Authorization": "Bearer <token>",
  "Content-Type": "application/json"
]
let parameters = [] as [String : Any]

let postData = JSONSerialization.data(withJSONObject: parameters, options: [])

let request = NSMutableURLRequest(url: NSURL(string: "https://api.bctrl.ai/v1/api-keys")! as URL,
                                        cachePolicy: .useProtocolCachePolicy,
                                    timeoutInterval: 10.0)
request.httpMethod = "GET"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data

let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
  if (error != nil) {
    print(error as Any)
  } else {
    let httpResponse = response as? HTTPURLResponse
    print(httpResponse)
  }
})

dataTask.resume()
```