# API Keys

The API Keys surface manages self-service bearer credentials for the authenticated user.

All routes require a valid Abbotik bearer token. Sudo is not required.

## Endpoint Summary

| Method | Path | Description |
|--------|------|-------------|
| GET | [`/api/keys`](GET.md) | List the current user's own global API keys. |
| POST | [`/api/keys`](POST.md) | Create a new global API key for the current user. |
| DELETE | [`/api/keys/:key_id`](:key_id/DELETE.md) | Revoke one API key owned by the current user. |
| POST | [`/api/keys/revoke-all`](revoke-all/POST.md) | Revoke all of the current user's API keys. |

## LLM Navigation Notes

Use the exact router-shaped docs paths:

- `/docs/api/keys/GET`
- `/docs/api/keys/POST`
- `/docs/api/keys/key_id/DELETE`
- `/docs/api/keys/revoke-all/POST`