Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.lyceum.technology/llms.txt

Use this file to discover all available pages before exploring further.

API keys are long-lived bearer tokens that authenticate requests to Lyceum Cloud. They’re prefixed lk_ and pass in the Authorization header on every request: 
curl https://api.lyceum.technology/api/v2/external/billing/credits \
  -H "Authorization: Bearer lk_your_api_key"
Every endpoint in the API Reference accepts the same header.

API keys vs JWT tokens

The platform supports two token types:
TokenLifetimeWhen to use
API key (lk_...)Long-lived, until revoked or expiredCLI in CI, scripts, integrations, anything non-interactive
JWTShort-lived, refreshableInteractive dashboard sessions, API playground, testing
The CLI uses JWT login by default (lyceum auth login exchanges email and password for a JWT). For non-interactive use — CI pipelines, scheduled jobs, deployed services — generate an API key and pass it as the bearer token instead. JWTs can be refreshed via POST /auth/refresh. API keys can be revoked or temporarily disabled without deleting them.

Lifecycle

API keys can be:
  • Created with a name and an optional expiration date
  • Revoked (deleted) at any time, effective immediately
  • Toggled active/inactive — useful for temporarily disabling a key without losing the audit trail
The full key value is returned exactly once, in the response to the create request. After that, only the prefix (first 8 characters) is visible. If you lose a key, revoke it and create a new one.
API keys grant the same access as your account. Store them in a password manager or secret store, and never commit them to source control.

REST API

MethodEndpointPurpose
GET/auth/api-keys/List your keys
POST/auth/api-keys/Create a new key — returns the full value once
DELETE/auth/api-keys/{api_key_id}Revoke a key
PATCH/auth/api-keys/{api_key_id}/toggleActivate or deactivate
POST/auth/api-keys/validateCheck whether a key is valid (without using it)

Validating a key

The /auth/api-keys/validate endpoint lets you check whether an API key is valid and what user it belongs to without making a real authenticated request. Useful for build-time sanity checks in CI: 
curl -X POST https://api.lyceum.technology/api/v2/external/auth/api-keys/validate \
  -H "Content-Type: application/json" \
  -d '{"api_key": "lk_..."}'
The response includes the user ID, email, key name, creation timestamp, and expiry, or an error if the key is invalid or revoked.