# API keys

Use API keys to identify and authenticate applications and users.
Always keep your API keys private.
When creating API keys, you can restrict them to a given set of permissions.
For information on how to create and manage API keys, see [API keys](https://www.rebilly.com/docs/dev-docs/api-keys/).

## Retrieve API keys

 - [GET /api-keys](https://www.rebilly.com/static/_spec/catalog/all-3.0/api-keys/getapikeycollection.md): Retrieve a list of API keys.

## Create an API key

 - [POST /api-keys](https://www.rebilly.com/static/_spec/catalog/all-3.0/api-keys/postapikey.md): Create an API key.

## Retrieve API key

 - [GET /api-keys/{id}](https://www.rebilly.com/static/_spec/catalog/all-3.0/api-keys/getapikey.md): Retrieve API key with a specified ID.

## Upsert an API key

 - [PUT /api-keys/{id}](https://www.rebilly.com/static/_spec/catalog/all-3.0/api-keys/putapikey.md): Create or update (upsert) API key with a specified ID.

## Delete API key

 - [DELETE /api-keys/{id}](https://www.rebilly.com/static/_spec/catalog/all-3.0/api-keys/deleteapikey.md): Deletes an API key with a specified ID.