Create a new API key
Create a new CometAPI API key for the authenticated account.
Authorization header value. Do not prefix it with Bearer.Request body
| Field | Type | Description |
|---|---|---|
name | string | User-readable display name for the key. Must be 50 characters or fewer. |
expired_time | integer | Unix timestamp in seconds when the key expires. Use -1 for no expiration. |
remain_quota | integer | Starting quota in CometAPI internal quota units. If this reaches 0 and unlimited_quota is false, model requests with this key are rejected as quota exhausted. |
unlimited_quota | boolean | Whether the key bypasses remaining-quota checks. Set true only when the key should keep working even if remain_quota is 0. |
model_limits_enabled | boolean | Whether to restrict this key to specific models. When false, model_limits is ignored. |
model_limits | string | Comma-separated model IDs allowed by this key when model_limits_enabled is true. Use model IDs returned by /v1/models; use an empty string for no model restriction. |
allow_ips | string or null | Optional IP allowlist. Provide one JSON string with entries separated by newline characters (\n). Each entry can be a single IPv4 address, single IPv6 address, IPv4 CIDR, or IPv6 CIDR. Use null or "" to disable IP restrictions. |
group | string | Optional account group restriction. Use an empty string for no explicit group. Non-empty values must be available to the account, or the API returns success: false. |
cross_group_retry | boolean | Whether cross-group retry is enabled for automatic group routing. This is only meaningful when the key uses an auto-routed group. |
Allowlist format
To allow multiple IPs or CIDR ranges, send them as one JSON string with\n between entries:
Authorizations
Personal access token copied from CometAPI Console > Personal Settings. Send the raw token value; do not prefix it with Bearer.
Body
User-readable display name for the API key. The backend accepts up to 50 Unicode characters; longer names return success: false with token name is too long.
50"production"
Unix timestamp in seconds when the key expires. Use -1 for no expiration. A past timestamp blocks model requests with this key.
-1
Starting quota for the new key in CometAPI internal quota units. If this reaches 0 while unlimited_quota is false, model requests with this key are rejected as quota exhausted.
100000
Whether the key bypasses remaining-quota checks. Set true only when the key should keep working even if remain_quota is 0.
false
Whether to restrict this key to specific models. When true, only model IDs listed in model_limits are allowed. When false, model_limits is ignored.
false
Comma-separated model IDs allowed by this key when model_limits_enabled is true. Use model IDs returned by /v1/models, for example <model-id-1>,<model-id-2>. Use an empty string for no model restriction.
""
Optional IP allowlist. Provide one JSON string with entries separated by newline characters (\n). Each entry can be a single IPv4 address, single IPv6 address, IPv4 CIDR, or IPv6 CIDR. Example for three allowlist entries: 198.51.100.10\n203.0.113.0/24\n2001:db8::/32. CometAPI compares the model request client IP to this list. Use null or "" to disable IP restrictions.
"198.51.100.10\n203.0.113.0/24\n2001:db8::/32"
Optional account group restriction. Use an empty string for no explicit group restriction. Non-empty values must be available to the account, or the API returns success: false with a no access to group message.
""
Whether cross-group retry is enabled for automatic group routing. This is only meaningful when the key uses an auto-routed group such as auto.
false