Skip to main content
Every request to the Pioneer API requires an API key passed in the X-API-Key header. You can manage your keys programmatically using these endpoints — useful for rotating keys in CI/CD pipelines, issuing scoped keys for different services, or automating key lifecycle management.
Store API keys in environment variables rather than hardcoding them in source code. For example, set PIONEER_API_KEY in your environment and read it at runtime. Never commit API keys to version control.

Create an API key

POST /create-api-key Generates a new API key associated with your account. The full key value is returned only once at creation time — store it securely immediately. Request body
name
string
required
A descriptive name to identify this key. Use names that reflect the key’s purpose or the service it belongs to, for example "ci-pipeline" or "production-inference".
curl -X POST https://api.pioneer.ai/create-api-key \
  -H "X-API-Key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"name": "my-integration-key"}'
Response
key
string
The full API key value. This is the only time it is returned in plaintext — copy it immediately and store it somewhere secure such as a secrets manager or environment variable.
name
string
The name you assigned to the key.
created_at
string
ISO 8601 timestamp of when the key was created.
The full key value is only returned at creation time. If you lose it, you must revoke the key and create a new one.

List API keys

GET /list-api-keys Returns all API keys associated with your account. Key values are masked in the response — only metadata such as name and creation date are returned. 
curl https://api.pioneer.ai/list-api-keys \
  -H "X-API-Key: YOUR_API_KEY"
Response
keys
object[]
Array of API key metadata objects.

Revoke an API key

DELETE /delete-api-key Permanently revokes an API key. Any requests using the revoked key will immediately receive 401 Unauthorized responses. Request body
key_id
string
required
The unique ID of the key to revoke, as returned by GET /list-api-keys.
curl -X DELETE https://api.pioneer.ai/delete-api-key \
  -H "X-API-Key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"key_id": "YOUR_KEY_ID"}'
Revoking a key is immediate and irreversible. Ensure any services using the key are updated to use a replacement key before revoking the old one to avoid service interruptions.
Returns 204 No Content on success.