Method: projects.locations.keys.clone

Clones the existing key's restriction and display name to a new API key. The service account must have the apikeys.keys.get and apikeys.keys.create permissions in the project. NOTE: Key is a global resource; hence the only supported value for location is global.

HTTP request


The URL uses gRPC Transcoding syntax.

Path parameters



Required. The resource name of the API key to be cloned in the same project.

Authorization requires one or more of the following IAM permissions on the specified resource name:

  • apikeys.keys.get
  • apikeys.keys.create

Request body

The request body contains data with the following structure:

JSON representation
  "keyId": string


User specified key id (optional). If specified, it will become the final component of the key resource name.

The id must be unique within the project, must conform with RFC-1034, is restricted to lower-cased letters, and has a maximum length of 63 characters. In another word, the id must match the regular expression: [a-z]([a-z0-9-]{0,61}[a-z0-9])?.

The id must NOT be a UUID-like string.

Response body

If successful, the response body contains an instance of Operation.

Authorization Scopes

Requires the following OAuth scope:


For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permissions on the name resource:

  • apikeys.keys.get
  • apikeys.keys.create

For more information, see the IAM documentation.