How to Set an Expiry Date on an API Key
Give a key a built-in end date so it stops working automatically
Written by Erick Horn
June 27, 2026
How to set an expiry date on an API key
To set an expiry date, open the API Keys page in your APITube dashboard, click a key to open its detail page, and use the Expiration card to pick Never, in 7 / 30 / 90 days, or a custom date, then click Set expiration. Once that date passes, every request made with the key is rejected by the News API with a 401 response and the error code ER0230.
An expiry date is useful for time-boxed access: a contractor key, a trial integration, a demo, or a temporary script that should not keep working forever. Setting one means you do not have to remember to revoke the key later — it cuts itself off on schedule.
Where do you set a key’s expiry date?
Open the API Keys page in the dashboard, then click the key you want to change to open its detail page. The Expiration card has an Expires dropdown with these options:
- Never — the key has no end date (this is the default for new keys).
- In 7 days, in 30 days, in 90 days — the expiry is set relative to now.
- Custom — a date picker appears so you can choose any future calendar date.
Pick an option and click Set expiration. The expiry is stored on that single key only; it does not affect your other keys, your quota, or your subscription. You can come back and change it at any time.
Can you set an expiration when creating a key?
Yes. When you click Create key on the API Keys page, the create dialog includes the same Expiration control alongside the name, restrictions, and scopes. Choose Never, 7 / 30 / 90 days, or a custom date before you confirm, and the new key is born with that end date already attached. You can read more about the rest of the create flow in how to create, rename and revoke API keys.
The expiry date must be in the future. If you submit a date that has already passed, the dashboard rejects it with the message “Expiration must be in the future.” — a key cannot be created or saved as already dead.
What happens when an API key expires?
Once the expiry moment passes, the News API treats the key as expired on every request. The server checks the key right after confirming it is valid and before any IP or scope checks, so an expired key never reaches your data. The response is HTTP 401 with this body:
{
"status": "not_ok",
"request_id": "…",
"errors": [
{
"status": 401,
"code": "ER0230",
"message": "API key has expired.",
"links": { "about": "https://docs.apitube.io/platform/news-api/http-response-codes" },
"timestamp": "…"
}
]
}
Expiry applies to Test keys as well as Live keys — a api_test_ key with a past expires_at is rejected with ER0230 just like a Live one. To get a key working again, open its detail page and either move the expiry to a future date or set it back to Never; there is no way to revive an expired key from the request itself, because the date is enforced on each call. For the full debugging path on this and the other 401 codes, see how to fix authentication (401) errors.
How do you get warned before a key expires?
The dashboard surfaces expiry in two places so a key does not silently die on you:
- Status column. On the API Keys table, a key past its date shows a red Expired status. A key that is still valid but within seven days of expiring shows an Active badge with an “Expires in Nd” note next to it.
- Notifications. When one or more keys are within seven days of expiry you get an “API key expiring soon” notification (“{count} key(s) expire within {days} days”), and once a key has expired you get an “API key expired” notice (“{count} key(s) have expired and no longer work”).
Use these as a prompt to rotate the key or push out its expiry before downstream requests start failing.
Who can change a key’s expiry?
In a shared workspace, the owner, admins, and members can set or change a key’s expiry. Viewers have read-only access and cannot. The role check runs on the server, so a viewer is blocked from changing an expiry even outside the dashboard UI.
Common Questions
- How do I remove or extend an expiry?
- Does an expired key stop my whole account?
- Do expired keys still count toward my key limit?
- Can I expire a Test key?
How do I remove or extend an expiry?
Open the key’s detail page, set the Expires dropdown to Never (to remove the expiry entirely) or pick a new, later date, and click Set expiration. The change takes effect on the next request. Removing or extending the expiry keeps the same key secret, name, usage history, and restrictions — only the end date changes.
Does an expired key stop my whole account?
No. Expiry is per key, not per account. Only requests using that specific key get the 401 ER0230 response. Your other keys keep working, and your quota, balance, and subscription are unaffected. If you have several services, give each its own key so an expiry on one never disrupts the others.
Do expired keys still count toward my key limit?
Yes. The active-key limit (up to 20 per workspace, counted separately for Test and Live) counts every key that has not been revoked, so an expired-but-not-revoked key still occupies a slot. If you want to free that slot, revoke the expired key from its row menu. Revoked keys do not count toward the limit.
Can I expire a Test key?
Yes. The expiry setting works the same on Test and Live keys, and the API enforces it on both. A Test key whose date has passed returns the same 401 ER0230 as a Live key, so you can use a short expiry on throwaway Test keys for demos and sandboxes.