apf_live_ prefix identifies these as AutoPrintFarm production keys. It
also lets GitHub’s secret scanning flag accidental commits.
Creating a key
Only owners and admins can mint API keys.- Open Settings → API Keys in the dashboard.
- Click Create API Key.
- Enter a descriptive name (e.g.
warehouse-dashboard-prod). - Choose the scopes you need:
printers:readjobs:readinventory:read
- Click Create key.
Using a key
Send the key in theAuthorization header on every request:
Terminal
JavaScript
Python
Scopes
Each request checks for the scope the endpoint requires. A key without the right scope gets403 INSUFFICIENT_SCOPE.
| Scope | Grants |
|---|---|
printers:read | GET /printers |
jobs:read | GET /jobs |
inventory:read | GET /inventory |
Revoking a key
Open Settings → API Keys and click the trash icon on a row. Revocation is immediate — the next request using that key returns401 TOKEN_REVOKED.
If you think a key may have leaked, revoke it and mint a new one. There is no
rotation flow — just create + revoke.
Error codes
| HTTP | Code | Meaning |
|---|---|---|
| 401 | UNAUTHORIZED | Missing Authorization header |
| 401 | TOKEN_INVALID | Bad prefix or unknown hash |
| 401 | TOKEN_REVOKED | Key was revoked |
| 401 | TOKEN_EXPIRED | Key expired (if expiration was set) |
| 403 | INSUFFICIENT_SCOPE | Key doesn’t have the scope the endpoint needs |
| 429 | RATE_LIMITED | You exceeded the per-key rate limit |