diff --git a/specification/security/get_api_key/SecurityGetApiKeyRequest.ts b/specification/security/get_api_key/SecurityGetApiKeyRequest.ts
index 10fee95bda..84ef1f8ce3 100644
--- a/specification/security/get_api_key/SecurityGetApiKeyRequest.ts
+++ b/specification/security/get_api_key/SecurityGetApiKeyRequest.ts
@@ -68,5 +68,12 @@ export interface Request extends RequestBase {
      * @availability serverless
      */
     with_limited_by?: boolean
+    /**
+     * A boolean flag that can be used to query API keys that are currently active. An API key is considered active if it is neither invalidated, nor expired at query time. You can specify this together with other parameters such as `owner` or `name`. If `active_only` is false, the response will include both active and inactive (expired or invalidated) keys.
+     * @server_default false
+     * @availability stack since=8.10.0
+     * @availability serverless
+     */
+    active_only?: boolean
   }
 }