Skip to main content
PATCH
/
project-keys
/
{project_key_id}
Update Project Key
curl --request PATCH \
  --url https://api.streamkap.com/project-keys/{project_key_id} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "<string>",
  "description": "<string>",
  "role_ids": [
    "<string>"
  ],
  "permission_ids": [
    "<string>"
  ],
  "kafka_acls": [
    {
      "topic_name": "<string>",
      "operation": "<string>",
      "resource_pattern_type": "<string>",
      "resource": "TOPIC"
    }
  ],
  "whitelist_ips": "<string>",
  "kafka_config": {
    "username": "<string>",
    "password": "<string>",
    "whitelist_ips": "<string>",
    "kafka_acls": [
      {
        "topic_name": "<string>",
        "operation": "<string>",
        "resource_pattern_type": "<string>",
        "resource": "TOPIC"
      }
    ],
    "is_create_schema_registry": false
  },
  "kafka_password": "<string>",
  "allowed_tools": [
    "<string>"
  ],
  "blocked_tools": [
    "<string>"
  ]
}
'
import requests

url = "https://api.streamkap.com/project-keys/{project_key_id}"

payload = {
"name": "<string>",
"description": "<string>",
"role_ids": ["<string>"],
"permission_ids": ["<string>"],
"kafka_acls": [
{
"topic_name": "<string>",
"operation": "<string>",
"resource_pattern_type": "<string>",
"resource": "TOPIC"
}
],
"whitelist_ips": "<string>",
"kafka_config": {
"username": "<string>",
"password": "<string>",
"whitelist_ips": "<string>",
"kafka_acls": [
{
"topic_name": "<string>",
"operation": "<string>",
"resource_pattern_type": "<string>",
"resource": "TOPIC"
}
],
"is_create_schema_registry": False
},
"kafka_password": "<string>",
"allowed_tools": ["<string>"],
"blocked_tools": ["<string>"]
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}

response = requests.patch(url, json=payload, headers=headers)

print(response.text)
const options = {
method: 'PATCH',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
name: '<string>',
description: '<string>',
role_ids: ['<string>'],
permission_ids: ['<string>'],
kafka_acls: [
{
topic_name: '<string>',
operation: '<string>',
resource_pattern_type: '<string>',
resource: 'TOPIC'
}
],
whitelist_ips: '<string>',
kafka_config: {
username: '<string>',
password: '<string>',
whitelist_ips: '<string>',
kafka_acls: [
{
topic_name: '<string>',
operation: '<string>',
resource_pattern_type: '<string>',
resource: 'TOPIC'
}
],
is_create_schema_registry: false
},
kafka_password: '<string>',
allowed_tools: ['<string>'],
blocked_tools: ['<string>']
})
};

fetch('https://api.streamkap.com/project-keys/{project_key_id}', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://api.streamkap.com/project-keys/{project_key_id}",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "PATCH",
CURLOPT_POSTFIELDS => json_encode([
'name' => '<string>',
'description' => '<string>',
'role_ids' => [
'<string>'
],
'permission_ids' => [
'<string>'
],
'kafka_acls' => [
[
'topic_name' => '<string>',
'operation' => '<string>',
'resource_pattern_type' => '<string>',
'resource' => 'TOPIC'
]
],
'whitelist_ips' => '<string>',
'kafka_config' => [
'username' => '<string>',
'password' => '<string>',
'whitelist_ips' => '<string>',
'kafka_acls' => [
[
'topic_name' => '<string>',
'operation' => '<string>',
'resource_pattern_type' => '<string>',
'resource' => 'TOPIC'
]
],
'is_create_schema_registry' => false
],
'kafka_password' => '<string>',
'allowed_tools' => [
'<string>'
],
'blocked_tools' => [
'<string>'
]
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://api.streamkap.com/project-keys/{project_key_id}"

payload := strings.NewReader("{\n \"name\": \"<string>\",\n \"description\": \"<string>\",\n \"role_ids\": [\n \"<string>\"\n ],\n \"permission_ids\": [\n \"<string>\"\n ],\n \"kafka_acls\": [\n {\n \"topic_name\": \"<string>\",\n \"operation\": \"<string>\",\n \"resource_pattern_type\": \"<string>\",\n \"resource\": \"TOPIC\"\n }\n ],\n \"whitelist_ips\": \"<string>\",\n \"kafka_config\": {\n \"username\": \"<string>\",\n \"password\": \"<string>\",\n \"whitelist_ips\": \"<string>\",\n \"kafka_acls\": [\n {\n \"topic_name\": \"<string>\",\n \"operation\": \"<string>\",\n \"resource_pattern_type\": \"<string>\",\n \"resource\": \"TOPIC\"\n }\n ],\n \"is_create_schema_registry\": false\n },\n \"kafka_password\": \"<string>\",\n \"allowed_tools\": [\n \"<string>\"\n ],\n \"blocked_tools\": [\n \"<string>\"\n ]\n}")

req, _ := http.NewRequest("PATCH", url, payload)

req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.patch("https://api.streamkap.com/project-keys/{project_key_id}")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"name\": \"<string>\",\n \"description\": \"<string>\",\n \"role_ids\": [\n \"<string>\"\n ],\n \"permission_ids\": [\n \"<string>\"\n ],\n \"kafka_acls\": [\n {\n \"topic_name\": \"<string>\",\n \"operation\": \"<string>\",\n \"resource_pattern_type\": \"<string>\",\n \"resource\": \"TOPIC\"\n }\n ],\n \"whitelist_ips\": \"<string>\",\n \"kafka_config\": {\n \"username\": \"<string>\",\n \"password\": \"<string>\",\n \"whitelist_ips\": \"<string>\",\n \"kafka_acls\": [\n {\n \"topic_name\": \"<string>\",\n \"operation\": \"<string>\",\n \"resource_pattern_type\": \"<string>\",\n \"resource\": \"TOPIC\"\n }\n ],\n \"is_create_schema_registry\": false\n },\n \"kafka_password\": \"<string>\",\n \"allowed_tools\": [\n \"<string>\"\n ],\n \"blocked_tools\": [\n \"<string>\"\n ]\n}")
.asString();
require 'uri'
require 'net/http'

url = URI("https://api.streamkap.com/project-keys/{project_key_id}")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Patch.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"name\": \"<string>\",\n \"description\": \"<string>\",\n \"role_ids\": [\n \"<string>\"\n ],\n \"permission_ids\": [\n \"<string>\"\n ],\n \"kafka_acls\": [\n {\n \"topic_name\": \"<string>\",\n \"operation\": \"<string>\",\n \"resource_pattern_type\": \"<string>\",\n \"resource\": \"TOPIC\"\n }\n ],\n \"whitelist_ips\": \"<string>\",\n \"kafka_config\": {\n \"username\": \"<string>\",\n \"password\": \"<string>\",\n \"whitelist_ips\": \"<string>\",\n \"kafka_acls\": [\n {\n \"topic_name\": \"<string>\",\n \"operation\": \"<string>\",\n \"resource_pattern_type\": \"<string>\",\n \"resource\": \"TOPIC\"\n }\n ],\n \"is_create_schema_registry\": false\n },\n \"kafka_password\": \"<string>\",\n \"allowed_tools\": [\n \"<string>\"\n ],\n \"blocked_tools\": [\n \"<string>\"\n ]\n}"

response = http.request(request)
puts response.read_body
{
  "id": "<string>",
  "name": "<string>",
  "service_id": "<string>",
  "status": "<string>",
  "description": "<string>",
  "created_at": "2023-11-07T05:31:56Z",
  "created_by_user": {
    "id": "<string>",
    "email": "<string>",
    "name": "<string>",
    "tenant_id": "<string>",
    "profile_picture_url": "<string>",
    "phone_number": "<string>",
    "created_at": "<string>",
    "last_login": "<string>"
  },
  "api_client_id": "<string>",
  "api_client_id_masked_secret": "<string>",
  "kafka_username": "<string>",
  "roles": [
    {
      "id": "<string>",
      "key": "<string>",
      "name": "<string>",
      "description": "<string>",
      "created_at": "<string>",
      "updated_at": "<string>",
      "permissions": [
        "<string>"
      ]
    }
  ],
  "last_used_at": "2023-11-07T05:31:56Z",
  "allowed_tools": [
    "<string>"
  ],
  "blocked_tools": [
    "<string>"
  ],
  "new_api_credentials": {
    "client_id": "<string>",
    "client_secret": "<string>",
    "token_endpoint": "<string>",
    "api_url": "<string>",
    "roles": [
      "<string>"
    ]
  },
  "new_kafka_credentials": {
    "username": "<string>",
    "password": "<string>",
    "bootstrap_servers": "<string>",
    "security_protocol": "SASL_SSL",
    "sasl_mechanism": "PLAIN",
    "schema_registry_url": "<string>"
  },
  "token_ttl_seconds": 123,
  "warnings": [
    "<string>"
  ]
}
{
"detail": [
{
"loc": [
"<string>"
],
"msg": "<string>",
"type": "<string>",
"input": "<unknown>",
"ctx": {}
}
]
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

project_key_id
string
required

Body

application/json

Request body for updating a Project Key.

name
string | null

Updated name

Required string length: 1 - 100
description
string | null

Updated description (HTML sanitized)

role_ids
string[] | null

Change the Frontegg roles for this PK, or assign roles when adding API access to a Kafka-only PK. Note: changing roles on an existing API credential only takes effect when the current JWT expires. See token_ttl_seconds in the detail response for the validity window.

Minimum array length: 1
permission_ids
string[] | null

Assign fine-grained permissions when ADDING API access to a Kafka-only PK. Changing permissions on an existing API credential is NOT supported — to change permissions on an existing PK, either switch to role_ids or delete and recreate the PK. This field is only accepted when the PK has no api_client_id yet.

Minimum array length: 1
kafka_acls
KafkaAclModel · object[] | null
whitelist_ips
string | null
kafka_config
ProjectKeyKafkaConfig · object | null

Add Kafka access to a PK that currently has none. Only valid when the PK has no Kafka user yet.

kafka_password
string | null

Rotate the Kafka SASL password for an existing Kafka user. PK must have kafka_username.

Required string length: 12 - 128
tool_profile
enum<string> | null
Available options:
full,
read-only,
agent-operator,
infra-admin
allowed_tools
string[] | null
blocked_tools
string[] | null

Response

Successful Response

Response for PATCH /project-keys/{id}.

Extends the summary with plaintext secrets when an additive capability transition occurred. For regular updates (no capability change), both new_api_credentials and new_kafka_credentials are None.

id
string
required
name
string
required
service_id
string
required
status
string
required
description
string | null
created_at
string<date-time> | null
created_by_user
User · object | null
api_client_id
string | null
api_client_id_masked_secret
string | null
kafka_username
string | null
roles
Role · object[]
last_used_at
string<date-time> | null
tool_profile
enum<string> | null
Available options:
full,
read-only,
agent-operator,
infra-admin
allowed_tools
string[] | null
blocked_tools
string[] | null
new_api_credentials
ProjectKeyApiCredentials · object | null

Present only when API credentials were ADDED to a Kafka-only PK. Contains the plaintext client_secret — shown only once.

new_kafka_credentials
ProjectKeyKafkaCredentials · object | null

Present only when Kafka access was ADDED to an API-only PK. Contains the plaintext Kafka password — shown only once.

token_ttl_seconds
integer

Current Frontegg JWT TTL in seconds (dynamic). Used by the frontend to compute how long role changes take to propagate.

warnings
string[]

Non-blocking informational messages the frontend should surface to the user after the update (e.g. 'role changes take effect within X hours'). Empty list when there is nothing to warn about.