Skip to main content
Two endpoints manage the external API key registry. Both require the X-Admin-Key header.
These endpoints are protected by X-Admin-Key. If ADMIN_KEY is not set in your environment, they are unprotected. Always configure ADMIN_KEY in production.

GET /api/settings/api-keys

Returns the full API registry with obfuscated key values (first 4 characters shown, remainder masked).
Rate limit: 30 requests per minute per IP.

Headers

X-Admin-Key
string
required
Admin authentication key matching the ADMIN_KEY environment variable.

Response

An array of API registry entries:
id
string
Internal registry ID.
name
string
Human-readable service name.
description
string
Description of what the API provides.
category
string
Service category (e.g. "Aviation", "Maritime", "Space").
url
string
Service homepage URL.
required
boolean
Whether this key is required for core functionality.
has_key
boolean
Whether this service uses an API key (some are keyless).
env_key
string
The environment variable name for this key (e.g. "AIS_API_KEY").
value_obfuscated
string
Masked key value showing only the first 4 characters. null for keyless services.
is_set
boolean
Whether the key has a non-empty value in the current environment.

Example

curl -H "X-Admin-Key: your-secret-key" \
  http://localhost:8000/api/settings/api-keys

[
  {
    "id": "ais_api_key",
    "name": "AIS Stream",
    "description": "WebSocket API key for real-time AIS vessel tracking data worldwide.",
    "category": "Maritime",
    "url": "https://aisstream.io/",
    "required": true,
    "has_key": true,
    "env_key": "AIS_API_KEY",
    "value_obfuscated": "abcd••••••••",
    "is_set": true
  },
  {
    "id": "usgs_earthquakes",
    "name": "USGS Earthquake Hazards",
    "description": "Real-time earthquake data. No key required.",
    "category": "Geophysical",
    "url": "https://earthquake.usgs.gov/",
    "required": false,
    "has_key": false,
    "env_key": null,
    "value_obfuscated": null,
    "is_set": false
  }
]

PUT /api/settings/api-keys

Updates a single API key in the .env file and in the running process environment. Changes take effect immediately — no restart required. Call GET /api/refresh afterwards to re-fetch data with the new key.
Rate limit: 10 requests per minute per IP.

Headers

X-Admin-Key
string
required
Admin authentication key.

Request body

env_key
string
required
The environment variable to update. Must be one of the following values:
env_keyService
AIS_API_KEYAIS Stream (aisstream.io)
OPENSKY_CLIENT_IDOpenSky Network OAuth2 client ID
OPENSKY_CLIENT_SECRETOpenSky Network OAuth2 client secret
LTA_ACCOUNT_KEYLTA Singapore (traffic cameras)
value
string
required
New key value. Must not contain newline characters.

Response

status
string
required
"updated" on success, "error" on failure.
env_key
string
The key that was updated. Present on success.
message
string
Error description. Present only when status is "error".

Example

curl -X PUT http://localhost:8000/api/settings/api-keys \
  -H "X-Admin-Key: your-secret-key" \
  -H "Content-Type: application/json" \
  -d '{"env_key": "AIS_API_KEY", "value": "your-new-api-key"}'

{
  "status": "updated",
  "env_key": "AIS_API_KEY"
}

Build docs developers (and LLMs) love

Get started for freeTalk to us