POST
/
projects
/
{projectIdOrName}
/
jwt-keys
Create a new JWT key
curl --request POST \
  --url https://api.withampersand.com/v1/projects/{projectIdOrName}/jwt-keys \
  --header 'Content-Type: application/json' \
  --header 'X-Api-Key: <api-key>' \
  --data '{
  "name": "production-key-1",
  "algorithm": "RSA",
  "publicKeyPem": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4f5wg5l2hKsTeNem/V41\nfGnJm6gOdrj8ym3rFkEjWT2btf2QisEgQG5WQwTfEUvUNR8JW5FQ0mKJ5I4LhXq6\nV5gN6kSKs2cUdD8Ky7Lj7kqn6I3l3r3F2fK9MFjZ8tU5z4z4yHdF6W2C3k5vf3f\n-----END PUBLIC KEY-----\n"
}'
{
"kid": "550e8400-e29b-41d4-a716-446655440000"
}

Authorizations

X-Api-Key
string
header
required

Path Parameters

projectIdOrName
string
required

Ampersand Project ID or name.

Body

application/json
label
string
required

Human-readable label for the JWT key

Required string length: 1 - 255
Example:

"production-key-1"

algorithm
enum<string>
required

The cryptographic JWT signing algorithm (currently only RS256 is supported)

Available options:
RS256
Example:

"RS256"

publicKeyPem
string<pem>
required

RSA public key in PEM format for JWT signature verification

Example:

"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4f5wg5l2hKsTeNem/V41\nfGnJm6gOdrj8ym3rFkEjWT2btf2QisEgQG5WQwTfEUvUNR8JW5FQ0mKJ5I4LhXq6\nV5gN6kSKs2cUdD8Ky7Lj7kqn6I3l3r3F2fK9MFjZ8tU5z4z4yHdF6W2C3k5vf3f\n-----END PUBLIC KEY-----\n"

Response

JWT key created successfully

kid
string<uuid>
required

The unique key identifier (key ID) for the created JWT key

Example:

"550e8400-e29b-41d4-a716-446655440000"