---
title: "Create new credentials for a database"
description: "Create a new API key for a database.

Supports `read`, `write`, `read-write` privileges for CORE databases. Defaults to `read-write`.
"
---

# Create new credentials for a database

> For the complete documentation index see: [llms.txt](https://aerospike.com/docs/llms.txt)
> 
> All documentation pages available in markdown.

POST

/database/clusters/{clusterId}/credentials

-   

Create a new API key for a database.

Supports `read`, `write`, `read-write` privileges for CORE databases. Defaults to `read-write`.

## Authorizations

-   **[publicOauth2](https://aerospike.com/docs/cloud/reference/api/#publicoauth2)**
    
    update:database
    

## Parameters

### Path Parameters

**clusterId**

required

string

format: uuid

A cluster ID.

## Request Body

Create cluster credentials request

object

**name**

required

Allowed values:

null

acs-admin

admin

cluster-manager

aerospike-prometheus-exporter

aerospike-backup

aerospike-collectinfo

dataplane-agent

read

write

read-write

read-write-udf

truncate

data-admin

sindex-admin

sys-admin

udf-admin

user-admin

**roles**

required

A list of privileges granted to these credentials

Array<string>

default: read-write

\>= 1 items

unique items

Allowed values:

read

write

read-write

read-write-udf

truncate

data-admin

sindex-admin

udf-admin

**password**

required

Password to be used for these credentials

string

format: password

\>= 8 characters

<= 256 characters

## Responses

### 201

New cluster credentials. **Note:** This is the only time the password is returned. If the password is lost new credentials should be generated.

##### Response Headers

**X-Request-Id**

string

Example:

b0658b67-8ea3-46de-a3b8-18c3f5347def

ID uniquely identifying the request/response cycle.

##### Response Schema

object

**id**

required

Unique identifier for this resource within Aerospike Cloud

string

Example:

e2e81cba-446e-4ff9-9b92-9a9992af44c6

**name**

required

Allowed values:

null

acs-admin

admin

cluster-manager

aerospike-prometheus-exporter

aerospike-backup

aerospike-collectinfo

dataplane-agent

read

write

read-write

read-write-udf

truncate

data-admin

sindex-admin

sys-admin

udf-admin

user-admin

**roles**

required

A list of privileges granted to these credentials

Array<string>

default: read-write

\>= 1 items

unique items

Allowed values:

read

write

read-write

read-write-udf

truncate

data-admin

sindex-admin

udf-admin

**status**

required

The status of a user credential

string

Allowed values:

creating

active

failed

revoked

Example:

active

**createdAt**

required

Timestamp when the resource was created

string

format: date-time

**password**

required

Password to be used for these credentials

string

format: password

\>= 1 characters

<= 256 characters

##### Example

Content type: application/json

Copied!

{ 

{

"id": "e2e81cba-446e-4ff9-9b92-9a9992af44c6",

"name": "a-user-name",

"roles": \[ 

"read"

\],

"createdAt": "string",

"password": "string"

}

### 400

Invalid input

##### Response Headers

**X-Request-Id**

string

Example:

b0658b67-8ea3-46de-a3b8-18c3f5347def

ID uniquely identifying the request/response cycle.

##### Response Schema

RFC 9457 Problem Details for HTTP APIs. Provides a standardized format for conveying error details in HTTP responses.

object

**type**

required

URN-based error type identifiers following the pattern: urn:aerospike:errors:{category}:{specific}

Resource information (cluster, database, organization, etc.) is provided in the ProblemDetails context field, not in the URN.

string

Allowed values:

urn:aerospike:errors:auth:unauthorized

urn:aerospike:errors:auth:token-expired

urn:aerospike:errors:resource:not-found

urn:aerospike:errors:resource:already-exists

urn:aerospike:errors:validation:failed

urn:aerospike:errors:system:internal

urn:aerospike:errors:system:unavailable

urn:aerospike:errors:ratelimit:exceeded

**title**

required

A short, human-readable summary of the problem type

string

Example:

Resource Not Found

**status**

required

The HTTP status code

integer

Example:

404

**detail**

A human-readable explanation specific to this occurrence

string

Example:

The requested cluster could not be found.

**instance**

A URI reference that identifies the specific occurrence

string

format: uri

**context**

Any of:

-   [object](#tab-panel-288)
-   [object](#tab-panel-289)
-   [object](#tab-panel-290)

Context for resource-related errors (not-found, already-exists)

object

**resource**

Type of resource (e.g., cluster, database, organization)

string

Example:

cluster

**id**

Identifier of the resource

string

Example:

abc-123

Structured context for validation errors

object

**missing**

JSON Pointer paths to missing required fields

Array<string>

Example:

\[ "/user/email", "/user/password", "/user/firstName" \]

**invalid**

Details about invalid field values

Array<object>

object

**field**

required

JSON Pointer path to the invalid field

string

Example:

/user/phoneNumber

**type**

required

URN identifying the specific validation error type

string

format: uri

Allowed values:

urn:aerospike:errors:validation:failed

urn:aerospike:errors:validation:invalid-phone-format

urn:aerospike:errors:validation:invalid-email-format

urn:aerospike:errors:validation:invalid-date-format

urn:aerospike:errors:validation:invalid-url-format

urn:aerospike:errors:validation:out-of-range

urn:aerospike:errors:validation:too-long

urn:aerospike:errors:validation:too-short

Example:

urn:aerospike:errors:validation:failed

**description**

An optional human-readable description of the validation error

string

object

**_key_**

additional properties

any

**message**

Developer-friendly message explaining the error. Deprecated: Use ‘detail’ field instead.

string

Example:

The requested cluster could not be found.

##### Example

Example:

{ "type": "urn:aerospike:errors:validation:failed", "title": "Validation Error", "status": 400, "detail": "The provided information is not in the correct format.", "instance": "string", "context": { "invalid": \[ { "field": "/name", "type": "urn:aerospike:errors:validation:too-long" }, { "field": "/region", "type": "urn:aerospike:errors:validation:too-short" } \] }, "message": "The provided information is not in the correct format." }

### 401

Access token is missing or invalid

##### Response Headers

**X-Request-Id**

string

Example:

b0658b67-8ea3-46de-a3b8-18c3f5347def

ID uniquely identifying the request/response cycle.

##### Response Schema

RFC 9457 Problem Details for HTTP APIs. Provides a standardized format for conveying error details in HTTP responses.

object

**type**

required

URN-based error type identifiers following the pattern: urn:aerospike:errors:{category}:{specific}

Resource information (cluster, database, organization, etc.) is provided in the ProblemDetails context field, not in the URN.

string

Allowed values:

urn:aerospike:errors:auth:unauthorized

urn:aerospike:errors:auth:token-expired

urn:aerospike:errors:resource:not-found

urn:aerospike:errors:resource:already-exists

urn:aerospike:errors:validation:failed

urn:aerospike:errors:system:internal

urn:aerospike:errors:system:unavailable

urn:aerospike:errors:ratelimit:exceeded

**title**

required

A short, human-readable summary of the problem type

string

Example:

Resource Not Found

**status**

required

The HTTP status code

integer

Example:

404

**detail**

A human-readable explanation specific to this occurrence

string

Example:

The requested cluster could not be found.

**instance**

A URI reference that identifies the specific occurrence

string

format: uri

**context**

Any of:

-   [object](#tab-panel-291)
-   [object](#tab-panel-292)
-   [object](#tab-panel-293)

Context for resource-related errors (not-found, already-exists)

object

**resource**

Type of resource (e.g., cluster, database, organization)

string

Example:

cluster

**id**

Identifier of the resource

string

Example:

abc-123

Structured context for validation errors

object

**missing**

JSON Pointer paths to missing required fields

Array<string>

Example:

\[ "/user/email", "/user/password", "/user/firstName" \]

**invalid**

Details about invalid field values

Array<object>

object

**field**

required

JSON Pointer path to the invalid field

string

Example:

/user/phoneNumber

**type**

required

URN identifying the specific validation error type

string

format: uri

Allowed values:

urn:aerospike:errors:validation:failed

urn:aerospike:errors:validation:invalid-phone-format

urn:aerospike:errors:validation:invalid-email-format

urn:aerospike:errors:validation:invalid-date-format

urn:aerospike:errors:validation:invalid-url-format

urn:aerospike:errors:validation:out-of-range

urn:aerospike:errors:validation:too-long

urn:aerospike:errors:validation:too-short

Example:

urn:aerospike:errors:validation:failed

**description**

An optional human-readable description of the validation error

string

object

**_key_**

additional properties

any

**message**

Developer-friendly message explaining the error. Deprecated: Use ‘detail’ field instead.

string

Example:

The requested cluster could not be found.

##### Example

Example:

{ "type": "urn:aerospike:errors:auth:token-expired", "title": "Token Expired", "status": 401, "detail": "Your session has expired. Please log in again.", "instance": "string", "context": { "resource": "cluster", "id": "abc-123" }, "message": "Your session has expired. Please log in again." }

### 403

Permission denied

##### Response Headers

**X-Request-Id**

string

Example:

b0658b67-8ea3-46de-a3b8-18c3f5347def

ID uniquely identifying the request/response cycle.

##### Response Schema

RFC 9457 Problem Details for HTTP APIs. Provides a standardized format for conveying error details in HTTP responses.

object

**type**

required

URN-based error type identifiers following the pattern: urn:aerospike:errors:{category}:{specific}

Resource information (cluster, database, organization, etc.) is provided in the ProblemDetails context field, not in the URN.

string

Allowed values:

urn:aerospike:errors:auth:unauthorized

urn:aerospike:errors:auth:token-expired

urn:aerospike:errors:resource:not-found

urn:aerospike:errors:resource:already-exists

urn:aerospike:errors:validation:failed

urn:aerospike:errors:system:internal

urn:aerospike:errors:system:unavailable

urn:aerospike:errors:ratelimit:exceeded

**title**

required

A short, human-readable summary of the problem type

string

Example:

Resource Not Found

**status**

required

The HTTP status code

integer

Example:

404

**detail**

A human-readable explanation specific to this occurrence

string

Example:

The requested cluster could not be found.

**instance**

A URI reference that identifies the specific occurrence

string

format: uri

**context**

Any of:

-   [object](#tab-panel-294)
-   [object](#tab-panel-295)
-   [object](#tab-panel-296)

Context for resource-related errors (not-found, already-exists)

object

**resource**

Type of resource (e.g., cluster, database, organization)

string

Example:

cluster

**id**

Identifier of the resource

string

Example:

abc-123

Structured context for validation errors

object

**missing**

JSON Pointer paths to missing required fields

Array<string>

Example:

\[ "/user/email", "/user/password", "/user/firstName" \]

**invalid**

Details about invalid field values

Array<object>

object

**field**

required

JSON Pointer path to the invalid field

string

Example:

/user/phoneNumber

**type**

required

URN identifying the specific validation error type

string

format: uri

Allowed values:

urn:aerospike:errors:validation:failed

urn:aerospike:errors:validation:invalid-phone-format

urn:aerospike:errors:validation:invalid-email-format

urn:aerospike:errors:validation:invalid-date-format

urn:aerospike:errors:validation:invalid-url-format

urn:aerospike:errors:validation:out-of-range

urn:aerospike:errors:validation:too-long

urn:aerospike:errors:validation:too-short

Example:

urn:aerospike:errors:validation:failed

**description**

An optional human-readable description of the validation error

string

object

**_key_**

additional properties

any

**message**

Developer-friendly message explaining the error. Deprecated: Use ‘detail’ field instead.

string

Example:

The requested cluster could not be found.

##### Example

Example:

{ "type": "urn:aerospike:errors:auth:unauthorized", "title": "Unauthorized", "status": 403, "detail": "You don't have permission to access this resource.", "instance": "string", "context": { "resource": "cluster", "id": "abc-123" }, "message": "You don't have permission to access this resource." }

### 500

Internal Server Error

##### Response Headers

**X-Request-Id**

string

Example:

b0658b67-8ea3-46de-a3b8-18c3f5347def

ID uniquely identifying the request/response cycle.

##### Response Schema

RFC 9457 Problem Details for HTTP APIs. Provides a standardized format for conveying error details in HTTP responses.

object

**type**

required

URN-based error type identifiers following the pattern: urn:aerospike:errors:{category}:{specific}

Resource information (cluster, database, organization, etc.) is provided in the ProblemDetails context field, not in the URN.

string

Allowed values:

urn:aerospike:errors:auth:unauthorized

urn:aerospike:errors:auth:token-expired

urn:aerospike:errors:resource:not-found

urn:aerospike:errors:resource:already-exists

urn:aerospike:errors:validation:failed

urn:aerospike:errors:system:internal

urn:aerospike:errors:system:unavailable

urn:aerospike:errors:ratelimit:exceeded

**title**

required

A short, human-readable summary of the problem type

string

Example:

Resource Not Found

**status**

required

The HTTP status code

integer

Example:

404

**detail**

A human-readable explanation specific to this occurrence

string

Example:

The requested cluster could not be found.

**instance**

A URI reference that identifies the specific occurrence

string

format: uri

**context**

Any of:

-   [object](#tab-panel-297)
-   [object](#tab-panel-298)
-   [object](#tab-panel-299)

Context for resource-related errors (not-found, already-exists)

object

**resource**

Type of resource (e.g., cluster, database, organization)

string

Example:

cluster

**id**

Identifier of the resource

string

Example:

abc-123

Structured context for validation errors

object

**missing**

JSON Pointer paths to missing required fields

Array<string>

Example:

\[ "/user/email", "/user/password", "/user/firstName" \]

**invalid**

Details about invalid field values

Array<object>

object

**field**

required

JSON Pointer path to the invalid field

string

Example:

/user/phoneNumber

**type**

required

URN identifying the specific validation error type

string

format: uri

Allowed values:

urn:aerospike:errors:validation:failed

urn:aerospike:errors:validation:invalid-phone-format

urn:aerospike:errors:validation:invalid-email-format

urn:aerospike:errors:validation:invalid-date-format

urn:aerospike:errors:validation:invalid-url-format

urn:aerospike:errors:validation:out-of-range

urn:aerospike:errors:validation:too-long

urn:aerospike:errors:validation:too-short

Example:

urn:aerospike:errors:validation:failed

**description**

An optional human-readable description of the validation error

string

object

**_key_**

additional properties

any

**message**

Developer-friendly message explaining the error. Deprecated: Use ‘detail’ field instead.

string

Example:

The requested cluster could not be found.

##### Example

Example:

{ "type": "urn:aerospike:errors:system:internal", "title": "Internal Server Error", "status": 500, "detail": "An unexpected error occurred. Please try again later.", "instance": "string", "context": { "resource": "cluster", "id": "abc-123" }, "message": "An unexpected error occurred. Please try again later." }