Authentication

Authentication can be handled in two layers, depending on the endpoint:

Some endpoints are protected through a user authentication token, with the frontend passing the user token to a Next.js API handler.

Relevant ledger endpoints also require an API key sent through the header:

x-api-key: YOUR_LEDGER_API_KEY

The API validates that the x-api-key matches the api_key stored on the target ledger.

If the header is missing or invalid, the API returns an authorization error instead of a generic server error.

Successful response example:

{
    "data": {
        "id": "ledger_123",
        "name": "Main Ledger"
    }
}

Error response example:

{
  "error": "Invalid API key"
}

Depending on the layer configuration, responses may also include standardized metadata such as trace IDs, status codes, or internal error codes.

Last updated 1 month ago