Update API key
Update the name and description of an API key.
Updates are partial: only the fields you send are changed, and any fields not present in the payload remain unchanged.
Authorizations
An API key is a token that you provide when making API calls. Read more about how to secure your project.
Include the API key to the Authorization header, for instance:
-H 'Authorization: Bearer 6436fc5237b0d6e0d64253fbaac21d135012ecf1'
If you use a SDK, ensure you instantiate the client with the API key, for instance with JS SDK:
const client = new MeiliSearch({
host: 'MEILISEARCH_URL',
apiKey: '6436fc5237b0d6e0d64253fbaac21d135012ecf1'
});
Path Parameters
The uid or key field of an existing API key.
Body
Request body for updating an existing API key. Only the name and description can be modified - other properties like actions, indexes, and expiration are immutable after creation.
A new description for the API key. Pass null to remove the existing
description. Useful for documenting the purpose or usage of the key.
"This key is used to update documents in the products index"
A new human-readable name for the API key. Pass null to remove the
existing name. Use this to identify keys by purpose, such as
"Production Search Key" or "CI/CD Indexing Key".
"Indexing Products API key"
Response
The key has been updated.
Represents an API key used for authenticating requests to Meilisearch. Each key has specific permissions defined by its actions and can be scoped to particular indexes. Keys provide fine-grained access control for your Meilisearch instance.
The actual API key string to use in the Authorization: Bearer <key>
header when making requests to Meilisearch. Keep this value secret and
never expose it in client-side code.
The unique identifier (UUID) for this API key. Use this to update or delete the key. The UID remains constant even if the key's name or description changes.
The list of actions (permissions) this key is allowed to perform.
Examples include documents.add, search, indexes.create,
settings.update, etc. Use * to grant all permissions.
*, search, documents.*, documents.add, documents.get, documents.delete, indexes.*, indexes.create, indexes.get, indexes.update, indexes.delete, indexes.swap, tasks.*, tasks.cancel, tasks.delete, tasks.get, settings.*, settings.get, settings.update, stats.*, stats.get, metrics.*, metrics.get, dumps.*, dumps.create, snapshots.*, snapshots.create, version, keys.create, keys.get, keys.update, keys.delete, experimental.get, experimental.update, export, network.get, network.update, chatCompletions, chats.*, chats.get, chats.delete, chatsSettings.*, chatsSettings.get, chatsSettings.update, *.get, webhooks.get, webhooks.update, webhooks.delete, webhooks.create, webhooks.*, indexes.compact, fields.post The list of index UIDs this key can access. Use * to grant access to
all indexes, including future ones. Patterns are also supported, e.g.,
movies_* matches any index starting with "movies_".
The date and time when this API key was created, formatted as an RFC 3339 date-time string. This is automatically set by Meilisearch and cannot be modified.
The date and time when this API key was last modified, formatted as an RFC 3339 date-time string. This is automatically updated by Meilisearch when the key's name or description changes.
A human-readable name for the API key. Use this to identify the purpose
of each key, such as "Frontend Search Key" or "Admin Key for CI/CD".
This is optional and can be null.
A longer description explaining the purpose or usage of this API key.
Useful for documenting why the key was created and how it should be
used. This is optional and can be null.
The expiration date and time of the key in RFC 3339 format. After this
time, the key will no longer be valid for authentication. Set to null
for keys that never expire.