Authentication

API Keys

API keys are required for all /api/v1/* data endpoints. Keys can also be managed from the Profile page.

  • Maximum 1 active key per wallet (upgradeable)
  • Keys are prefixed with bsk_
  • Keys are shown as masked hints via GET (e.g. bsk_****XXXX) — save the full key when it is first created
  • Rate limited to 60 requests/minute per key
  • Rate limit headers: X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset
POST
/api/v1/auth/keys
Creates a new API key. Returns the plain key.
Auth: Session required

Request Body

Response
{ "label": "My Bot" }  // optional

Response

Response
{
  "id": "clx...",
  "key": "bsk_a1b2c3d4...",
  "label": "My Bot",
  "createdAt": "2026-01-01T00:00:00.000Z"
}
201 Created400 Key limit reached401 Not signed in
GET
/api/v1/auth/keys
Lists all active API keys for the authenticated wallet. Returns masked key hints (not full keys).
Auth: Session required
Response
{
  "keys": [
    {
      "id": "clx...",
      "keyHint": "bsk_****c3d4",
      "label": "My Bot",
      "createdAt": "2026-01-01T00:00:00.000Z",
      "lastUsedAt": "2026-03-13T12:00:00.000Z"
    }
  ]
}
DELETE
/api/v1/auth/keys/{id}
Permanently deletes an API key. The key is immediately invalidated.
Auth: Session required
Response
{ "ok": true, "message": "API key deleted." }
200 Deleted401 Not signed in404 Key not found
Example Code
// Create an API key (requires active SIWE session)
const res = await fetch("https://launchonbasis.com/api/v1/auth/keys", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "Cookie": sessionCookie,
  },
  body: JSON.stringify({ label: "My Bot" }),
});
const { key } = await res.json();
// key = "bsk_a1b2c3..."

// Or retrieve existing keys (returns masked hints only)
const listRes = await fetch("https://launchonbasis.com/api/v1/auth/keys", {
  headers: { "Cookie": sessionCookie },
});
const { keys } = await listRes.json();
// keys[0].keyHint = "bsk_****c3d4" — save the full key at creation time!

// Use the API key for v1 data endpoints
const tokens = await fetch("https://launchonbasis.com/api/v1/tokens?limit=10", {
  headers: { "X-API-Key": key },
});