# dev.cocore.account.defs > Published by [cocore.dev](https://lexicon.garden/identity/did:plc:5quuhkmwe2q4k3azfsgg7kdz) ✓ This is the authoritative definition for this NSID. ## Description Shared type definitions for dev.cocore.account.* methods. ## Links - [View on Lexicon Garden](https://lexicon.garden/lexicon/did:plc:5quuhkmwe2q4k3azfsgg7kdz/dev.cocore.account.defs) - [Documentation](https://lexicon.garden/lexicon/did:plc:5quuhkmwe2q4k3azfsgg7kdz/dev.cocore.account.defs/docs) - [Examples](https://lexicon.garden/lexicon/did:plc:5quuhkmwe2q4k3azfsgg7kdz/dev.cocore.account.defs/examples) ## Definitions ### `dev.cocore.account.defs#apiKeyView` **Type**: `object` Public metadata for a single API key. Never contains the secret — the full key is returned exactly once, by createApiKey, and is unrecoverable afterwards. The server persists only a SHA-256 hash of the secret plus the displayable `prefix`. | Property | Type | Required | Description | |----------|------|----------|-------------| | `id` | `string` | Yes | Stable identifier for this key. Pass it to revokeApiKey / deleteApiKey. | | `did` | `string` (did) | Yes | DID of the account that owns this key. | | `name` | `string` | Yes | Human-readable label set at creation time. | | `prefix` | `string` | Yes | First characters of the key (e.g. `cocore-AbCd1234`), stored in plaintext so a key can be recognised in a list without revealing the secret. | | `createdAt` | `string` (datetime) | Yes | When the key was minted. | | `expiresAt` | `string` (datetime) | No | Optional expiry. Absent means the key never expires on its own. | | `revokedAt` | `string` (datetime) | No | Set when the key was revoked. A revoked key no longer authenticates but the row survives for audit until deleteApiKey removes it. | | `lastUsedAt` | `string` (datetime) | No | Last time the key successfully authenticated a request. Absent if never used. | ## Raw Schema ```json { "id": "dev.cocore.account.defs", "defs": { "apiKeyView": { "type": "object", "required": [ "id", "did", "name", "prefix", "createdAt" ], "properties": { "id": { "type": "string", "description": "Stable identifier for this key. Pass it to revokeApiKey / deleteApiKey." }, "did": { "type": "string", "format": "did", "description": "DID of the account that owns this key." }, "name": { "type": "string", "maxLength": 100, "description": "Human-readable label set at creation time." }, "prefix": { "type": "string", "description": "First characters of the key (e.g. `cocore-AbCd1234`), stored in plaintext so a key can be recognised in a list without revealing the secret." }, "createdAt": { "type": "string", "format": "datetime", "description": "When the key was minted." }, "expiresAt": { "type": "string", "format": "datetime", "description": "Optional expiry. Absent means the key never expires on its own." }, "revokedAt": { "type": "string", "format": "datetime", "description": "Set when the key was revoked. A revoked key no longer authenticates but the row survives for audit until deleteApiKey removes it." }, "lastUsedAt": { "type": "string", "format": "datetime", "description": "Last time the key successfully authenticated a request. Absent if never used." } }, "description": "Public metadata for a single API key. Never contains the secret — the full key is returned exactly once, by createApiKey, and is unrecoverable afterwards. The server persists only a SHA-256 hash of the secret plus the displayable `prefix`." } }, "$type": "com.atproto.lexicon.schema", "lexicon": 1, "description": "Shared type definitions for dev.cocore.account.* methods." } ```