LedgerCore
WelcomePortalsLedgerBrain AINewData CatalogAPI ReferenceLLMs.txtAIChangelog
Getting Started

Authentication

Learn how to authenticate your API requests with LedgerLink.

API Keys

LedgerLink uses Bearer token authentication. All API requests must include your API key in the Authorization header.

Getting Your API Key

Contact our team to get your API key:

Using Your API Key

Include your API key in the Authorization header with the Bearer prefix:

Authorization: Bearer YOUR_API_KEY

Example Requests

curl

curl -X GET "http://localhost:8090/api/v1/capabilities" \
  -H "Authorization: Bearer YOUR_API_KEY"

JavaScript/Node.js

const apiKey = process.env.LEDGERLINK_API_KEY;

const response = await fetch('http://localhost:8090/api/v1/capabilities', {
  headers: {
    'Authorization': `Bearer ${apiKey}`
  }
});

Python

import os
import requests

api_key = os.environ.get('LEDGERLINK_API_KEY')

headers = {
    'Authorization': f'Bearer {api_key}'
}

response = requests.get(
    'http://localhost:8090/api/v1/capabilities',
    headers=headers
)

Security Best Practices

✅ Do's

  • Store API keys securely - Use environment variables or secret management systems
  • Rotate keys regularly - Update your API keys periodically
  • Use HTTPS only - Always use secure connections
  • Limit key scope - Request keys with minimal required permissions
  • Monitor usage - Track API calls to detect anomalies

❌ Don'ts

  • Never commit keys to git - Keep API keys out of version control
  • Don't share keys - Each service should have its own key
  • Avoid client-side exposure - Don't use API keys in frontend code
  • Don't log keys - Exclude API keys from application logs

Environment Variables

Store your API key as an environment variable:

Linux/macOS

export LEDGERLINK_API_KEY="your_api_key_here"

Windows (PowerShell)

$env:LEDGERLINK_API_KEY="your_api_key_here"

.env File

LEDGERLINK_API_KEY=your_api_key_here

Error Responses

401 Unauthorized

Missing or invalid API key:

{
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Invalid or missing API key"
  }
}

403 Forbidden

Valid key but insufficient permissions:

{
  "error": {
    "code": "FORBIDDEN",
    "message": "API key does not have permission to access this resource"
  }
}

Testing Your Authentication

Verify your API key is working:

curl -X GET "http://localhost:8090/api/v1/capabilities" \
  -H "Authorization: Bearer YOUR_API_KEY"

Expected response:

{
  "data": {
    "connectors": [...],
    "features": [...],
    "version": "2.1.0"
  }
}

Next Steps

Was this page helpful?