API Key Validation

Endpoint

GET /v1/validation

Overview

Check whether your API key is valid, expired, or revoked. This is a shared endpoint available to all key types. It is recommended to call this endpoint during SDK/app initialization to verify key validity before making other API calls.

Request

curl https://api.ones1ght.com/v1/validation \
  -H "Authorization: Bearer $API_KEY"

Response

Active Key

{
  "success": true,
  "data": {
    "status": "active",
    "key_type": "client_sdk",
    "key_prefix": "osk_two_708f",
    "tenant_code": "two",
    "created_at": "2026-04-17T05:36:28.123Z",
    "expires_at": "2026-06-16T05:36:28.123Z"
  }
}

Expired Key

{
  "success": true,
  "data": {
    "status": "expired",
    "key_type": "client_sdk",
    "key_prefix": "osk_two_708f",
    "tenant_code": "two",
    "created_at": "2026-01-01T00:00:00Z",
    "expires_at": "2026-03-01T00:00:00Z"
  }
}

Invalid Key

If the key does not exist or is malformed, 401 is returned by the authentication filter:

{
  "success": false,
  "message": "Invalid or expired API key"
}

Response Fields

Field	Description
`status`	Key status: `active`, `expired`, `revoked`
`key_type`	Key type: `client_sdk` or `rest_api`
`key_prefix`	First 12 characters of the key (for identification)
`tenant_code`	Tenant code
`created_at`	Key creation time
`expires_at`	Expiration time (`null` if permanent)

Getting Started

Features

Workspace

Management

Support

Open API

API Key Validation

Endpoint

Overview

Request

Response

Active Key

Expired Key

Invalid Key

Response Fields

Getting Started

Features

Workspace

Management

Support

Open API

​Endpoint

​Overview

​Request

​Response

​Active Key

​Expired Key

​Invalid Key

​Response Fields

Endpoint

Overview

Request

Response

Active Key

Expired Key

Invalid Key

Response Fields