Prerequisites

Extracting keys from your current system is likely the hardest part. It depends on how your keys are stored and how you can access them. Some providers have APIs to list all keys, while others require you to manually export them, some can provide the real key, and some only provide a hashed version.

Regardless of how you get your keys, you will need to provide the key hash and other settings to Unkey via the migrations.createKeys endpoint.

Example

Node.js

const { createHash } = require("node:crypto")

function hash(key) {
  return {
    value: createHash("sha256").update(key).digest("base64"),
    variant: "sha256_base64",
  }
}

const keys = [
  {
    hash: hash("my-secret-key"),
    ownerId: "hello",
    apiId: "<UNKEY_API_ID>", // the id of the API you created
    //... other settings
  },
  {
    hash: hash("my-other-secret-key"),
    name: "name",
    apiId: "<UNKEY_API_ID>", // the id of the API you created
    //... other settings
  },
]

fetch("https://api.unkey.dev/v1/migrations.createKeys", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    Authorization: "Bearer <UNKEY_ROOT_kEY>",
  },
  body: JSON.stringify(keys)
})
.then(res=>res.json())
.then(res=>{console.log(res)})

Was this page helpful?

Overview