> ## Documentation Index
> Fetch the complete documentation index at: https://docs.mesa.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# apiKeys.create()

> Create a scoped Mesa API key.

Create an API key. The secret key value is returned only once; store it immediately.

**Required scope: `admin`**

```ts theme={null}
const key = await mesa.apiKeys.create({
  name: 'agent-runner',
  scopes: ['read', 'write'],
  repo_ids: ['repo_123'],
  expires_in_seconds: 3600,
});

console.log(key.key);
```

## Options

<ParamField path="org" type="string | undefined">
  Organization override.
</ParamField>

<ParamField path="name" type="string | undefined">
  Human-readable key name.
</ParamField>

<ParamField path="scopes" type="Array<'read' | 'write' | 'admin'> | undefined">
  Scopes granted to the key.
</ParamField>

<ParamField path="repo_ids" type="string[] | undefined">
  Restrict the key to specific repository IDs. Omit for organization-wide access.
</ParamField>

<ParamField path="expires_in_seconds" type="number | undefined">
  Expiration between `100` seconds and `31536000` seconds.
</ParamField>

<ParamField path="tags" type="Record<string, string> | undefined">
  String key-value metadata.
</ParamField>

## Response

<ResponseField name="id" type="string">
  API key ID.
</ResponseField>

<ResponseField name="key" type="string">
  Plaintext API key. Store it immediately; it is shown only once.
</ResponseField>

<ResponseField name="name" type="string | null">
  API key name, or null when unnamed.
</ResponseField>

<ResponseField name="scopes" type="string[]">
  Scopes granted to this key.
</ResponseField>

<ResponseField name="repo_ids" type="string[] | null">
  Repository allowlist, or null when the key is not repo-scoped.
</ResponseField>

<ResponseField name="tags" type="Record<string, string>">
  User-defined API key tags.
</ResponseField>

<ResponseField name="created_at" type="string">
  Creation time.
</ResponseField>