Skip to main content
POST
Create access key

gRPC method: CreateAccessKeyFromJWT

Generate an access key using a CoreWeave Cloud token. The key can be permanent or time-limited depending on the value of durationSeconds.
  • Set durationSeconds to 0 to create a permanent key.
  • Set durationSeconds to a positive integer to create a temporary key with that lifespan in seconds.
data.json (permanent)
data.json (temporary)
Example request

Authorizations

Authorization
string
header
default:Bearer {API_ACCESS_TOKEN}
required

CoreWeave API access token sent as a bearer token in the Authorization header (the value is prefixed with Bearer). Used by every operation except the SAML/OIDC token-exchange endpoints (anonymous) and the container credentials GET (which uses ContainerCredentialsAuth).

Body

application/json

Inputs for creating an access key from a CoreWeave Cloud token.

durationSeconds
integer<uint32>
required

Lifespan of the resulting access key in seconds. Set to 0 to create a permanent key; set to a positive integer to create a temporary key with that lifespan. Required.

Required range: x >= 0
attributes
object

Free-form caller-supplied attributes attached to the key (for example, name).

Response

OK

The newly-minted access key. The secretKey is the only opportunity to read the secret value.

accessKeyId
string

The access-key ID.

secretKey
string

The secret access key. Treat as a credential and store it securely on receipt.

principalName
string

The fully-qualified principal name that owns the access key.

expiry
string<date-time>

The expiration time of the access key. Permanent keys may report a sentinel value.

attributes
object

The attributes that were attached to the key on creation.

Last modified on July 13, 2026