fix(api-keys): remove billed account check during api key generation (#2476)

waleedlatif1 · web-flow · commit 65787d7cc3b2 · 2025-12-19T11:33:00.000-08:00
diff --git a/apps/sim/app/api/workspaces/[id]/api-keys/route.ts b/apps/sim/app/api/workspaces/[id]/api-keys/route.ts
@@ -98,23 +98,6 @@ export async function POST(request: NextRequest, { params }: { params: Promise<{
       return NextResponse.json({ error: 'Forbidden' }, { status: 403 })
     }
 
-    const workspaceRows = await db
-      .select({ billedAccountUserId: workspace.billedAccountUserId })
-      .from(workspace)
-      .where(eq(workspace.id, workspaceId))
-      .limit(1)
-
-    if (!workspaceRows.length) {
-      return NextResponse.json({ error: 'Workspace not found' }, { status: 404 })
-    }
-
-    if (workspaceRows[0].billedAccountUserId !== userId) {
-      return NextResponse.json(
-        { error: 'Only the workspace billing account can create workspace API keys' },
-        { status: 403 }
-      )
-    }
-
     const body = await request.json()
     const { name } = CreateKeySchema.parse(body)
 
@@ -202,23 +185,6 @@ export async function DELETE(
       return NextResponse.json({ error: 'Forbidden' }, { status: 403 })
     }
 
-    const workspaceRows = await db
-      .select({ billedAccountUserId: workspace.billedAccountUserId })
-      .from(workspace)
-      .where(eq(workspace.id, workspaceId))
-      .limit(1)
-
-    if (!workspaceRows.length) {
-      return NextResponse.json({ error: 'Workspace not found' }, { status: 404 })
-    }
-
-    if (workspaceRows[0].billedAccountUserId !== userId) {
-      return NextResponse.json(
-        { error: 'Only the workspace billing account can delete workspace API keys' },
-        { status: 403 }
-      )
-    }
-
     const body = await request.json()
     const { keys } = DeleteKeysSchema.parse(body)
 
