> ## Documentation Index
> Fetch the complete documentation index at: https://docs-alpha.pepay.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Commerce API keys

> Create, list, and revoke commerce API keys.

## Overview

Commerce API keys (`ck_...`) authorize commerce operations (search, merchant carts, checkout, orders, payments).

## Authentication

* Key management uses `Authorization: Bearer <jwt>`.
* Commerce operations use `x-commerce-api-key`.

## Request

### List commerce API keys

```ts theme={null}
const keys = await pepay.withAuth({ bearerToken: process.env.PEPAY_DASHBOARD_JWT! }).commerce.apiKeys.list();
```

### Create a commerce API key

```ts theme={null}
const created = await pepay.withAuth({ bearerToken: process.env.PEPAY_DASHBOARD_JWT! }).commerce.apiKeys.create({
  name: 'Commerce Server Key',
  expiresAt: null
});
```

### Revoke a commerce API key

```ts theme={null}
await pepay.withAuth({ bearerToken: process.env.PEPAY_DASHBOARD_JWT! }).commerce.apiKeys.revoke(
  '550e8400-e29b-41d4-a716-446655440000'
);
```

## Response

Example list response (truncated):

```json theme={null}
[
  {
    "key_id": "550e8400-e29b-41d4-a716-446655440000",
    "name": "Commerce Server Key",
    "scope": "commerce",
    "status": "active",
    "expires_at": null,
    "last_used_at": 1766318400,
    "created_at": 1764590400,
    "revoked_at": null,
    "revoked_reason": null
  }
]
```

Example create response (save `api_key` now; it is only returned once):

```json theme={null}
{
  "key_id": "550e8400-e29b-41d4-a716-446655440000",
  "name": "Commerce Server Key",
  "scope": "commerce",
  "api_key": "ck_0123456789abcdef...",
  "expires_at": null
}
```

Example revoke response:

```json theme={null}
{ "message": "API key revoked successfully" }
```

## Errors

* `401` missing/invalid auth
* `403` key suspended/expired

## Examples

* Save newly created keys securely; full key material is typically returned once.
  Next: [Payment sessions](/sdk/payors/payment-session)
