Enable secure mode, manage secret keys, and follow best practices for a secure environment.
Use the `blnk.json` configuration file to enable secure mode. Set `server.secure` to `true` and provide a strong `server.secret_key`.

The secret key (`server.secret_key`) provides full access to all API endpoints. Use it only for administrative tasks and initial setup.

Parameter | Description |
---|---|
name | The name of the API key or service account. |
owner | Unique identifier of the owner or service associated with the API key. |
scopes | A list of permissions granted to the API key (e.g., `ledgers:read`, `balances:write`). |
expires_at | The expiration date and time for the API key in ISO 8601 format. |

Scopes use the format `resource:action`.

Resources | Description |
---|---|
* | All resources |
ledgers | Ledger management |
balances | Balance operations |
identities | Identity management |
transactions | Transaction processing |
balance-monitors | Balance monitoring |
hooks | Webhook management |
api-keys | API key management |
search | Search operations |
reconciliation | Reconciliation tasks |
metadata | Metadata management |
backup | Backup operations |

Actions | Description |
---|---|
* | All actions |
read | View operations — GET/HEAD |
write | Modify operations — POST/PUT/PATCH |
delete | Delete operations — DELETE |

- `ledgers:read`: Can only view ledgers
- `transactions:write`: Can create/modify transactions
- `*:*`: Full access to all resources and actions

Exclude `blnk.json` from version control (`.gitignore`).

Status Code | Message |
---|---|
401 Unauthorized | "Authentication required. Use X-Blnk-Key header" "Invalid API key" "API key is expired or revoked" |
403 Forbidden | "Insufficient permissions for resource:action" "Unknown resource type" |
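
The scope rules and error codes above can be modelled in a few lines to check what a key would be allowed to do before it is issued. This is an added example, not Blnk's own code: the function names, the sample key, the order of the checks and the use of 200 for "allowed" are assumptions, while the resource names, method-to-action mapping and status codes come from the tables above.

```python
from datetime import datetime, timezone

# Resource names and the method-to-action mapping are copied from the tables above.
RESOURCES = {"ledgers", "balances", "identities", "transactions", "balance-monitors",
             "hooks", "api-keys", "search", "reconciliation", "metadata", "backup"}
METHOD_TO_ACTION = {"GET": "read", "HEAD": "read", "POST": "write",
                    "PUT": "write", "PATCH": "write", "DELETE": "delete"}

# Constructed sample key using the documented parameters (values are made up).
SAMPLE_KEY = {"name": "reporting-service", "owner": "svc_reporting",
              "scopes": ["ledgers:read", "transactions:*"],
              "expires_at": "2030-01-01T00:00:00Z"}


def scope_allows(scope, resource, action):
    """True if one resource:action scope covers the request ('*' matches anything)."""
    res, sep, act = scope.partition(":")
    return bool(sep) and res in ("*", resource) and act in ("*", action)


def evaluate(key, method, resource, now=None):
    """Predict the status code for a request; key=None means no X-Blnk-Key header."""
    now = now or datetime.now(timezone.utc)
    if key is None:
        return 401  # authentication required
    expires = datetime.fromisoformat(key["expires_at"].replace("Z", "+00:00"))
    if expires.tzinfo is None:
        expires = expires.replace(tzinfo=timezone.utc)  # assumption: naive means UTC
    if expires <= now:
        return 401  # key is expired
    if resource not in RESOURCES:
        return 403  # unknown resource type
    action = METHOD_TO_ACTION.get(method.upper())
    if action and any(scope_allows(s, resource, action) for s in key["scopes"]):
        return 200  # allowed (modelled as 200)
    return 403  # insufficient permissions for resource:action


def wildcard_scopes(key):
    """Scopes containing '*', to flag for least-privilege review before issuing a key."""
    return [s for s in key["scopes"] if "*" in s.split(":")]


if __name__ == "__main__":
    for method, resource in [("GET", "ledgers"), ("POST", "ledgers"),
                             ("DELETE", "transactions"), ("GET", "accounts")]:
        print(method, resource, evaluate(SAMPLE_KEY, method, resource))
    print("review:", wildcard_scopes(SAMPLE_KEY))
```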