LVNGDocs
API ReferenceSDKslvng.ai

API Keys

Per-user API keys enable programmatic access to the LVNG platform. Keys are scoped to your workspace and support fine-grained permission scopes. Use them with Claude Code, the TypeScript SDK, or any HTTP client.

Base path: /api/v2/api-keys

Key Format

Keys follow a Stripe-style format. The prefix indicates the environment and the first 8 hex characters identify the key for management purposes. The full key is shown only once at creation time.

Key Format
lvng_sk_live_7e8949d627f560d298f310ceeadb492c
│       │    │
│       │    └── 32 random hex characters
│       └── Environment (live / test)
└── Prefix (identifies as LVNG per-user key)

Permission Scopes

Each key is assigned one or more scopes that control what operations it can perform. JWT-authenticated users have full access regardless of scopes.

ScopeAllowsExample
readGET requestsList workflows, get agent details
writePOST, PUT, PATCH, DELETECreate agents, update workflows
executeExecution endpointsRun workflows, message agents
adminAll operationsManage workspace settings, members
knowledge:readKnowledge graph readsSearch knowledge, list entities
knowledge:writeKnowledge graph writesIngest documents, upload files

Endpoints

All endpoints require JWT authentication. API keys cannot manage other API keys.

POST/api/v2/api-keysAuthenticated

Generate a new API key. The raw key value is returned only in this response — store it securely.

Body Parameters

namestringrequired

Display name for the key (e.g. "claude-code", "ci-pipeline").

scopesstring[]

Permission scopes. Defaults to ["read", "write", "execute"].

expires_in_daysnumber

Optional expiration in days. Null means no expiration.

Request

cURL
400">curl -X 400">POST https:400">class="text-zinc-500">//api.lvng.ai/api/v2/api-keys \
  -H 400">class="text-emerald-400">"Authorization: Bearer YOUR_JWT_TOKEN" \
  -H 400">class="text-emerald-400">"Content-Type: application/json" \
  -d '{
    400">class="text-emerald-400">"name": 400">class="text-emerald-400">"claude-code",
    400">class="text-emerald-400">"scopes": [400">class="text-emerald-400">"read", 400">class="text-emerald-400">"write", 400">class="text-emerald-400">"execute"]
  }'

Response 200

{
  400">class="text-emerald-400">"success": true,
  400">class="text-emerald-400">"data": {
    400">class="text-emerald-400">"id": 400">class="text-emerald-400">"4a1c5a97-99ae-4a57-9e44-f03e540d25ab",
    400">class="text-emerald-400">"name": 400">class="text-emerald-400">"claude-code",
    400">class="text-emerald-400">"key_prefix": 400">class="text-emerald-400">"lvng_sk_live_7e8949d6",
    400">class="text-emerald-400">"scopes": [400">class="text-emerald-400">"read", 400">class="text-emerald-400">"write", 400">class="text-emerald-400">"execute"],
    400">class="text-emerald-400">"plan": 400">class="text-emerald-400">"free",
    400">class="text-emerald-400">"created_at": 400">class="text-emerald-400">"2026-03-30T15:49:01.068Z",
    400">class="text-emerald-400">"key": 400">class="text-emerald-400">"lvng_sk_live_7e8949d627f560d298f310ceeadb492c"
  },
  400">class="text-emerald-400">"message": 400">class="text-emerald-400">"Store this key securely. It will not be shown again."
}
GET/api/v2/api-keysAuthenticated

List all API keys for the authenticated user. Returns metadata only — never the raw key.

Request

cURL
400">curl https:400">class="text-zinc-500">//api.lvng.ai/api/v2/api-keys \
  -H 400">class="text-emerald-400">"Authorization: Bearer YOUR_JWT_TOKEN"

Response 200

{
  400">class="text-emerald-400">"success": true,
  400">class="text-emerald-400">"data": [
    {
      400">class="text-emerald-400">"id": 400">class="text-emerald-400">"4a1c5a97-...",
      400">class="text-emerald-400">"name": 400">class="text-emerald-400">"claude-code",
      400">class="text-emerald-400">"key_prefix": 400">class="text-emerald-400">"lvng_sk_live_7e8949d6",
      400">class="text-emerald-400">"scopes": [400">class="text-emerald-400">"read", 400">class="text-emerald-400">"write", 400">class="text-emerald-400">"execute"],
      400">class="text-emerald-400">"plan": 400">class="text-emerald-400">"free",
      400">class="text-emerald-400">"created_at": 400">class="text-emerald-400">"2026-03-30T15:49:01.068Z",
      400">class="text-emerald-400">"last_used_at": 400">class="text-emerald-400">"2026-03-30T16:12:33.000Z",
      400">class="text-emerald-400">"is_revoked": false
    }
  ],
  400">class="text-emerald-400">"total": 1
}
GET/api/v2/api-keys/:idAuthenticated

Get details of a single API key.

DELETE/api/v2/api-keys/:idAuthenticated

Revoke an API key. Takes effect immediately — all requests using this key will return 401.

Request

cURL
400">curl -X 400">DELETE https:400">class="text-zinc-500">//api.lvng.ai/api/v2/api-keys/4a1c5a97-... \
  -H 400">class="text-emerald-400">"Authorization: Bearer YOUR_JWT_TOKEN"

Response 200

{
  400">class="text-emerald-400">"success": true,
  400">class="text-emerald-400">"message": 400">class="text-emerald-400">"API key revoked"
}
POST/api/v2/api-keys/:id/rotateAuthenticated

Rotate a key — revokes the current key and generates a new one with the same name and scopes. Returns the new raw key.

Request

cURL
400">curl -X 400">POST https:400">class="text-zinc-500">//api.lvng.ai/api/v2/api-keys/4a1c5a97-.../rotate \
  -H 400">class="text-emerald-400">"Authorization: Bearer YOUR_JWT_TOKEN"

Response 200

{
  400">class="text-emerald-400">"success": true,
  400">class="text-emerald-400">"data": {
    400">class="text-emerald-400">"id": 400">class="text-emerald-400">"400">new-key-uuid",
    400">class="text-emerald-400">"name": 400">class="text-emerald-400">"claude-code",
    400">class="text-emerald-400">"key_prefix": 400">class="text-emerald-400">"lvng_sk_live_a3b2c1d0",
    400">class="text-emerald-400">"key": 400">class="text-emerald-400">"lvng_sk_live_a3b2c1d0..."
  },
  400">class="text-emerald-400">"message": 400">class="text-emerald-400">"Store this key securely. It will not be shown again."
}

Using API Keys

Pass your API key via the Authorization: Bearer header. The x-api-key header is also supported as an alternative.

Authentication
# Via Authorization header (recommended)
400">curl https:400">class="text-zinc-500">//api.lvng.ai/api/v2/workflows \
  -H 400">class="text-emerald-400">"Authorization: Bearer lvng_sk_live_7e8949d627f560d298f310ceeadb492c"

# Via x-api-key header (also supported)
400">curl https:400">class="text-zinc-500">//api.lvng.ai/api/v2/workflows \
  -H 400">class="text-emerald-400">"x-api-key: lvng_sk_live_7e8949d627f560d298f310ceeadb492c"

Claude Code Integration

Connect Claude Code to your LVNG workspace using the MCP server. This gives Claude direct access to your workflows, agents, and knowledge graph.

Install
# 1. Install the MCP server
npm install -g https:400">class="text-zinc-500">//api.lvng.ai/packages/lvng-mcp-server-1.0.0.tgz
Claude Code Setup
400">class="text-zinc-500">// 2. Add to ~/.claude/settings.json
{
  400">class="text-emerald-400">"mcpServers": {
    400">class="text-emerald-400">"lvng": {
      400">class="text-emerald-400">"command": 400">class="text-emerald-400">"lvng-mcp-server",
      400">class="text-emerald-400">"env": {
        400">class="text-emerald-400">"LVNG_API_KEY": 400">class="text-emerald-400">"lvng_sk_live_..."
      }
    }
  }
}

Once configured, you can ask Claude to list workflows, create agents, search knowledge, and more — all scoped to your workspace.

Limits

LimitValue
Max active keys per user10
Key name max length100 characters
Key formatlvng_sk_{env}_{32 hex}
StorageSHA-256 hash (never plaintext)
Audit loggingAll operations logged