Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.kataven.ai/llms.txt

Use this file to discover all available pages before exploring further.

WidgetKeysResource is reachable on every Kataven Node client as client.widgetKeys. Each method maps to one HTTP endpoint on the Hub API; links to the underlying spec entry are inline below. pk_live_ keys are the public identifiers you put in your website’s HTML widget bootstrap. They’re not credentials — domain allowlists keep them safe.

Methods at a glance

MethodHTTPSummary
listGET /api/v1/widget-keysList widget keys
createPOST /api/v1/widget-keysCreate a widget key (returns plaintext pk_live_ ONCE)
updatePATCH /api/v1/widget-keys/{id}Update or revoke a widget key
deleteDELETE /api/v1/widget-keys/{id}Delete or soft-disable a widget key

Reference

client.widgetKeys.list(...)

List widget keys HTTPGET /api/v1/widget-keys · API reference → 
list()
Returns metadata for every pk_live_ widget key in this account. The plaintext key value is never returned by this endpoint — only the last 8 characters and the row id. To recover a lost key, create a new one.

client.widgetKeys.create(...)

Create a widget key (returns plaintext pk_live_ ONCE) HTTPPOST /api/v1/widget-keys · API reference → 
create(input: { name: string; domain_allowlist?: string[]; agent_id?: string | null })
Mints a new pk_live_ public identifier scoped to the caller’s account. The plaintext value is returned in the response body and never again — paste it into the customer’s HTML <script data-client-key="..."> attribute.

client.widgetKeys.update(...)

Update or revoke a widget key HTTPPATCH /api/v1/widget-keys/{id} · API reference → 
update(id: string, patch: { name?: string; domain_allowlist?: string[]; agent_id?: string | null; disabled?: boolean })
Renames the key, replaces the domain allowlist, repins the agent, or revokes (disabled=true sets disabled_at=now() — idempotent).

client.widgetKeys.delete(...)

Delete or soft-disable a widget key HTTPDELETE /api/v1/widget-keys/{id} · API reference → 
delete(id: string)
Hard-deletes the row if the key was never used; otherwise sets disabled_at=now() to preserve the audit trail.