Skip to main content
PATCH
Update API-key restrictions

What this endpoint does

Changes supported restrictions on an existing API key.

When to use it

Use it to reduce or adjust access without issuing another key.

Before you call

Use API-key administration access and pass a key ID owned by the same tenant account.

Money and balance effect

This changes a resource or configuration but does not directly reserve, debit, credit, or settle wallet money.

States and completion

A successful response makes the new restrictions effective for later requests. Existing requests are not replayed.

Safe retries

PATCH does not use an Idempotency-Key. After an unknown response, list the key and compare its restrictions before retrying the identical update. Read API keys for the complete workflow.

Authorizations

Authorization
string
header
required

Send the same Wayex API key as Authorization: Bearer <key>.

Path Parameters

id
string
required

Body

application/json
scopes
enum<string>[] | null
Required array length: 1 - 19 elements
Available options:
customers:read,
customers:write,
routes:read,
routes:write,
transfers:read,
transfers:write,
treasury:read,
treasury:write,
rates:read,
webhooks:read,
webhooks:write,
fees:read,
fees:write,
keys:read,
keys:write,
settings:read,
settings:write,
admin:read,
admin:write
allowedIps
string[] | null
Required array length: 1 - 50 elements
Required string length: 1 - 49
Pattern: ^[0-9a-fA-F:.]+(\/\d{1,3})?$

Response

The updated key.

id
string
required
Minimum string length: 1
counterpartyId
string
required
Minimum string length: 1
kind
enum<string>
required
Available options:
secret,
publishable
name
string
required
Minimum string length: 1
maskedKey
string
required
Minimum string length: 1
lastFour
string
required
status
enum<string>
required
Available options:
active,
revoked
createdAt
string<date-time>
required
revokedAt
string<date-time>
rotatedToId
string
Minimum string length: 1
scopes
enum<string>[]
Available options:
customers:read,
customers:write,
routes:read,
routes:write,
transfers:read,
transfers:write,
treasury:read,
treasury:write,
rates:read,
webhooks:read,
webhooks:write,
fees:read,
fees:write,
keys:read,
keys:write,
settings:read,
settings:write,
admin:read,
admin:write
allowedIps
string[]
Required string length: 1 - 49
Pattern: ^[0-9a-fA-F:.]+(\/\d{1,3})?$