# Get all tenant API keys (Admin)

Retrieve all valid API keys for the current tenant. Admin-only operation that returns keys based on tenant context from authentication. Supports optional filtering by API key type.

Endpoint: GET /api-keys
Version: 2.0.7
Security: tenantAdminJWT

## Query parameters:

  - `type` (string)
    Optional filter by integration API key type (database-stored tokens that can be revoked)
    Enum: "TENANT_SYSTEM_JWT"

  - `includeRevoked` (boolean)
    Include revoked API keys in results (default: false)

## Response 200 fields (application/json):

  - `id` (string, required)
    Unique identifier for the API key
    Example: "f47ac10b-58cc-4372-a567-0e02b2c3d479"

  - `type` (string, required)
    Type of API key
    Enum: "TENANT_SYSTEM_JWT", "ADMIN_JWT_ACCESS_TOKEN", "ADMIN_JWT_REFRESH_TOKEN", "USER_JWT_ACCESS_TOKEN", "USER_JWT_REFRESH_TOKEN", "BLOCKCHAIN_WRITER_JWT", "BLOCKCHAIN_READER_JWT", "TENANT_ADMIN_JWT"

  - `name` (object,null)
    Human-readable name for the API key
    Example: "JWT Token (Mainnet) - 2025-11-22"

  - `createdAt` (string, required)
    Creation timestamp
    Example: "2025-11-22T10:30:00.000Z"

  - `shortenedPrivateKey` (string, required)
    Token preview for dashboard identification (first 8 + last 4 characters)
    Example: "eyJhbGci...xMjM"

  - `expiresAt` (object,null)
    Expiration timestamp (null = no expiry)
    Example: "2026-11-22T10:30:00.000Z"

  - `isRevoked` (boolean, required)
    Indicates if the API key has been revoked

  - `lastUsedAt` (object,null)
    Last time the API key was used for authentication
    Example: "2025-11-24T14:30:00.000Z"