Skip to Content
SDKKeys

Keys

TL;DR

client.keys issues and revokes fleet access keys on the relay plane. issue mints a key and returns its raw token once — store it then; revoke invalidates one. Keys are fleet-scoped — pass fleet_id or rely on CMDOP_FLEET_ID.

keys uses your relay token (CMDOP_TOKEN). All methods are async.

Methods

MethodWhat
list(fleet_id=, page=, per_page=)List keys (offset-paginated; also iter / pages).
issue(name, expires_in_days=, fleet_id=)Mint a key; the raw token is returned only once.
revoke(key_id, fleet_id=)Revoke a key.

Issue and revoke

async with Client(token="...") as c: issued = await c.keys.issue("ci-runner", expires_in_days=90) print(issued.raw_token) # shown only this once — store it now page = await c.keys.list() for k in page.items: print(k.id, k.name) await c.keys.revoke(key_id)
const issued = await c.keys.issue("ci-runner", { expiresInDays: 90 }); console.log(issued.rawToken); // shown only this once — store it now await c.keys.revoke(keyId);

issue returns the raw token a single time. If you lose it, revoke the key and issue a new one.