Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.pam.ai/llms.txt

Use this file to discover all available pages before exploring further.

All /v1 requests require an API key in the Authorization header. 
Authorization: Bearer $PAM_API_KEY
API keys are scoped to a client organization. Requests can only access campaigns, keys, and webhooks that belong to that organization.

Creating Keys

The first API key is provisioned outside the public API during onboarding. Once you have a valid key, you can create additional keys through the API: 
curl https://api.pamhq.com/v1/api-keys \
  -X POST \
  -H "Authorization: Bearer $PAM_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Production integration",
    "expires_at": "2027-01-01T00:00:00Z"
  }'
The raw key is returned only once. Store it immediately. 
{
  "data": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "name": "Production integration",
    "key": "pk_live_aBcDeFgHiJkLmNoPqRsTuVwXyZ012345678901",
    "key_prefix": "pk_live_aBcD",
    "expires_at": "2027-01-01T00:00:00Z",
    "created_at": "2026-04-10T14:00:00Z"
  },
  "meta": {
    "request_id": "req_abc123"
  }
}

Rotating Keys

Use short, descriptive names for keys so they are easy to rotate later. To rotate a production key:
  1. Create a replacement key.
  2. Deploy the replacement key to your integration.
  3. Confirm traffic succeeds with the new key.
  4. Revoke the old key with POST /api-keys/{id}/revoke.
Revoked or expired keys receive 401 Unauthorized.