Skip to main content
POST
/
v1
/
organizations
/
{organizationId}
/
keys
Create key
curl --request POST \
  --url https://api.clickhouse.cloud/v1/organizations/{organizationId}/keys \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "<string>",
  "expireAt": "2023-11-07T05:31:56Z",
  "hashData": {
    "keyIdHash": "<string>",
    "keyIdSuffix": "<string>",
    "keySecretHash": "<string>"
  },
  "roles": [],
  "ipAccessList": [
    {
      "source": "<string>",
      "description": "<string>"
    }
  ]
}
'
import requests

url = "https://api.clickhouse.cloud/v1/organizations/{organizationId}/keys"

payload = {
"name": "<string>",
"expireAt": "2023-11-07T05:31:56Z",
"hashData": {
"keyIdHash": "<string>",
"keyIdSuffix": "<string>",
"keySecretHash": "<string>"
},
"roles": [],
"ipAccessList": [
{
"source": "<string>",
"description": "<string>"
}
]
}
headers = {
"Authorization": "Basic <encoded-value>",
"Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
const options = {
method: 'POST',
headers: {Authorization: 'Basic <encoded-value>', 'Content-Type': 'application/json'},
body: JSON.stringify({
name: '<string>',
expireAt: '2023-11-07T05:31:56Z',
hashData: {keyIdHash: '<string>', keyIdSuffix: '<string>', keySecretHash: '<string>'},
roles: [],
ipAccessList: [{source: '<string>', description: '<string>'}]
})
};

fetch('https://api.clickhouse.cloud/v1/organizations/{organizationId}/keys', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://api.clickhouse.cloud/v1/organizations/{organizationId}/keys",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'name' => '<string>',
'expireAt' => '2023-11-07T05:31:56Z',
'hashData' => [
'keyIdHash' => '<string>',
'keyIdSuffix' => '<string>',
'keySecretHash' => '<string>'
],
'roles' => [

],
'ipAccessList' => [
[
'source' => '<string>',
'description' => '<string>'
]
]
]),
CURLOPT_HTTPHEADER => [
"Authorization: Basic <encoded-value>",
"Content-Type: application/json"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://api.clickhouse.cloud/v1/organizations/{organizationId}/keys"

payload := strings.NewReader("{\n \"name\": \"<string>\",\n \"expireAt\": \"2023-11-07T05:31:56Z\",\n \"hashData\": {\n \"keyIdHash\": \"<string>\",\n \"keyIdSuffix\": \"<string>\",\n \"keySecretHash\": \"<string>\"\n },\n \"roles\": [],\n \"ipAccessList\": [\n {\n \"source\": \"<string>\",\n \"description\": \"<string>\"\n }\n ]\n}")

req, _ := http.NewRequest("POST", url, payload)

req.Header.Add("Authorization", "Basic <encoded-value>")
req.Header.Add("Content-Type", "application/json")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://api.clickhouse.cloud/v1/organizations/{organizationId}/keys")
.header("Authorization", "Basic <encoded-value>")
.header("Content-Type", "application/json")
.body("{\n \"name\": \"<string>\",\n \"expireAt\": \"2023-11-07T05:31:56Z\",\n \"hashData\": {\n \"keyIdHash\": \"<string>\",\n \"keyIdSuffix\": \"<string>\",\n \"keySecretHash\": \"<string>\"\n },\n \"roles\": [],\n \"ipAccessList\": [\n {\n \"source\": \"<string>\",\n \"description\": \"<string>\"\n }\n ]\n}")
.asString();
require 'uri'
require 'net/http'

url = URI("https://api.clickhouse.cloud/v1/organizations/{organizationId}/keys")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Basic <encoded-value>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"name\": \"<string>\",\n \"expireAt\": \"2023-11-07T05:31:56Z\",\n \"hashData\": {\n \"keyIdHash\": \"<string>\",\n \"keyIdSuffix\": \"<string>\",\n \"keySecretHash\": \"<string>\"\n },\n \"roles\": [],\n \"ipAccessList\": [\n {\n \"source\": \"<string>\",\n \"description\": \"<string>\"\n }\n ]\n}"

response = http.request(request)
puts response.read_body
{
  "status": 200,
  "requestId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "result": {
    "key": {
      "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
      "name": "<string>",
      "roles": [],
      "keySuffix": "<string>",
      "createdAt": "2023-11-07T05:31:56Z",
      "expireAt": "2023-11-07T05:31:56Z",
      "usedAt": "2023-11-07T05:31:56Z",
      "ipAccessList": [
        {
          "source": "<string>",
          "description": "<string>"
        }
      ]
    },
    "keyId": "<string>",
    "keySecret": "<string>"
  }
}
{
"status": 400,
"error": "<string>"
}

Authorizations

Authorization
string
header
required

Use key ID and key secret obtained in ClickHouse Cloud console: https://clickhouse.com/docs/cloud/manage/openapi

Path Parameters

organizationId
string<uuid>
required

ID of the organization that will own the key.

Body

application/json
name
string

Name of the key.

expireAt
string<date-time> | null

Timestamp the key expires. If not present, null or is empty the key never expires. ISO-8601.

state
enum<string>

Initial state of the key: 'enabled', 'disabled'. If not provided the new key will be 'enabled'.

Available options:
enabled,
disabled
hashData
object
roles
enum<string>[]

List of roles assigned to the key. Contains at least 1 element.

Available options:
admin,
developer,
query_endpoints
ipAccessList
object[]

List of IP addresses allowed to access the API using this key

Response

Successful response

status
number

HTTP status code.

Example:

200

requestId
string<uuid>

Unique id assigned to every request. UUIDv4

result
object
Last modified on July 2, 2026