As of May 21 2025, we’ve added new built-in tools to the Responses API—remote MCP servers, Image Generation, Code Interpreter, and an upgraded File Search—along with background mode and encrypted content, so you can build agents that pull richer context and run more reliably. For details, see our Responses API docs.
You can set permissions for each of your API when you create a new secret key or by editing an existing key.
To create a new secret key, select Create new secret key in API Keys page of the Developer Platform. Once created, you can edit a key by selecting the edit icon to the right of the key, as below.
Three levels of permissions are available: All, Restricted, and Read Only.
All ― Full permissions are set for the secret key. This is the default setting.
Restricted ― Enables the user to set None, Read, and Write permissions for each endpoint.
For example, you create an API key that specifically does not have permission to Read or Write to the /v1/assistants endpoint:
Read Only ― Read permissions are set for all endpoints.