> ## Documentation Index > Fetch the complete documentation index at: https://docs.versori.com/llms.txt > Use this file to discover all available pages before exploring further. # Create Signing Key > CreateSigningKey creates a new Signing Key for the Organisation. This API creates a new RSA key pair, storing the public key and returning the private key. The private key must be kept secure and should not be shared publicly as it has the ability to sign JWTs which can be used to authenticate to Versori APIs on behalf of your Organisation (or scoped to a specific End User within Versori Embedded). If the private key is lost, it cannot be recovered and a new key pair must be generated. In this scenario, it is the Organisation's responsibility to delete the Signing Key from Versori so that any JWTs signed by the lost key are invalidated. ## OpenAPI ````yaml /openapi/organisations-api-v1.yaml post /organisations/{organisation_id}/keys openapi: 3.1.0 info: title: Organisations API description: >- The Organisations API provides users the ability to manage their organisations. version: v1 servers: - url: https://platform.versori.com/api/organisations/v1 description: Production server - url: http://localhost:8081/v1 description: Localhost security: [] tags: - name: organisations description: > Organisations is the root-level entity for the Versori platform. All resources are scoped under an Organisation, each Organisation has an owner and can have multiple members. - name: signing-keys description: > Signing keys are used to sign JWTs which can be used to authenticate requests to the Versori platform. paths: /organisations/{organisation_id}/keys: parameters: - $ref: '#/components/parameters/organisation_id' post: tags: - signing-keys summary: Create Signing Key description: > CreateSigningKey creates a new Signing Key for the Organisation. This API creates a new RSA key pair, storing the public key and returning the private key. The private key must be kept secure and should not be shared publicly as it has the ability to sign JWTs which can be used to authenticate to Versori APIs on behalf of your Organisation (or scoped to a specific End User within Versori Embedded). If the private key is lost, it cannot be recovered and a new key pair must be generated. In this scenario, it is the Organisation's responsibility to delete the Signing Key from Versori so that any JWTs signed by the lost key are invalidated. operationId: CreateSigningKey requestBody: content: application/json: schema: $ref: '#/components/schemas/CreatePublicKey' responses: '204': description: OK content: application/json: schema: $ref: '#/components/schemas/SigningKeySet' default: description: Error content: application/json: schema: $ref: '#/components/schemas/Error' components: parameters: organisation_id: name: organisation_id in: path x-go-name: OrganisationID required: true schema: type: string schemas: CreatePublicKey: type: object properties: name: type: string description: Name of the public key. required: - name SigningKeySet: type: object properties: id: description: Unique identifier for the public key. type: string format: ulid x-go-name: ID x-go-type: ulid.ULID x-go-type-import: path: versori.dev/vergo/ulid name: type: string description: Name of the public key. example: Organisation Public Key 1 publicKey: type: string description: The public key in PEM format. privateKey: type: string description: The private key in PEM format. createdAt: type: string format: date-time description: Timestamp when the public key was created. example: '2023-01-01T12:00:00Z' required: - createdAt - privateKey - publicKey - name - id Error: type: object properties: code: type: string description: Code is a machine-readable error code. message: type: string description: Message is a human-readable error message. cause: type: string x-go-type-skip-optional-pointer: true required: - code - message ````