Skip to main content
Manage your API tokens for authenticating API requests. All token management endpoints require Supabase session authentication (browser-based).

Create Token

POST /api/tokens
Creates a new API token. Each user can have up to 5 active tokens.

Request Body

name
string
required
A descriptive name for the token (e.g., “My App”, “CI/CD Pipeline”).

Response

{
  "id": "token-uuid",
  "token": "meigen_sk_aBcDeFgHiJkLmNoPqRsTuVwXyZ012345",
  "name": "My App",
  "created_at": "2025-03-01T12:00:00Z"
}
The full token value is only returned once at creation time. Copy and store it securely — you won’t be able to see it again.

List Tokens

GET /api/tokens
Returns all tokens for the authenticated user.

Response

[
  {
    "id": "token-uuid",
    "name": "My App",
    "token_value": "meigen_sk_aBcD...****",
    "is_active": true,
    "last_used_at": "2025-03-01T15:30:00Z",
    "created_at": "2025-03-01T12:00:00Z"
  }
]

Revoke Token

DELETE /api/tokens/:id
Revokes (soft-deletes) a token. The token will immediately stop working for API authentication.

Path Parameters

id
string
required
The token ID to revoke.

Response

{
  "success": true
}

Token Usage

GET /api/tokens/:id/usage
Returns the usage history for a specific token.

Path Parameters

id
string
required
The token ID to check usage for.

Response

{
  "generations": [
    {
      "id": "generation-uuid",
      "model": "nanobanana-2",
      "credits_used": 5,
      "status": "completed",
      "created_at": "2025-03-01T15:30:00Z"
    }
  ]
}