> ## Documentation Index
> Fetch the complete documentation index at: https://docs.verifyyou.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Test an API key

> Check that an API key works and see what it is: publishable or secret, test or live, and which company it belongs to. Send the key as the bearer token, like any other call. Always returns `200`: a bad key comes back as `valid: false` rather than an error, so it's safe to wire into a healthcheck or setup step.



## OpenAPI

````yaml /v3/openapi.json post /v3/keys/test
openapi: 3.1.0
info:
  title: VerifyYou API
  description: >-
    The VerifyYou developer API. Start a verification from the browser with your
    publishable key, then confirm the result server-side with your secret key.
    Authenticate every request with `Authorization: Bearer <key>`.
  version: 0.1.0
servers:
  - url: https://trust.verifyyou.com
    description: Production
security: []
tags:
  - name: Verification Flow
    description: Start a hosted verification and get the URL to redirect the user to.
  - name: Confirmations
    description: Confirm a verification token, and lock it against replay (secret key).
  - name: API Keys
    description: Check whether a publishable or secret key is valid.
paths:
  /v3/keys/test:
    post:
      tags:
        - API Keys
      summary: Test an API key
      description: >-
        Check that an API key works and see what it is: publishable or secret,
        test or live, and which company it belongs to. Send the key as the
        bearer token, like any other call. Always returns `200`: a bad key comes
        back as `valid: false` rather than an error, so it's safe to wire into a
        healthcheck or setup step.
      operationId: external-test_key
      responses:
        '200':
          description: Successful Response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/KeyTestResponse'
      security:
        - HTTPBearer: []
components:
  schemas:
    KeyTestResponse:
      properties:
        valid:
          type: boolean
          title: Valid
          description: >-
            Whether the key resolved to an active account. An unknown or revoked
            key comes back as `false`, not an error.
        key_type:
          type: string
          title: Key Type
          description: >-
            Prefix of the key you sent: `pk_live`, `pk_test`, `sk_live`,
            `sk_test`, or `unknown` if it matched none of them.
          examples:
            - sk_test
        is_test:
          anyOf:
            - type: boolean
            - type: 'null'
          title: Is Test
          description: Whether the key is a test key. `null` when the key didn't resolve.
        customer_id:
          anyOf:
            - type: string
              format: uuid
            - type: 'null'
          title: Customer Id
          description: The company the key belongs to. `null` when the key didn't resolve.
      type: object
      required:
        - valid
        - key_type
      title: KeyTestResponse
  securitySchemes:
    HTTPBearer:
      type: http
      scheme: bearer

````