API Reference
Authentication
How to authenticate with the Integration API using API keys.
Overview
The Integration API uses API keys for authentication. Every request to a protected endpoint must include a valid key in the x-api-key header. Keys are scoped to a single tenant and evaluated per-request against the tenant's active entitlements.
API key header
| Header | Value |
|---|---|
x-api-key | Your API key (e.g. ak_live_...) |
Example request
Authenticated request
curl -X GET https://api.anankelabs.net/v1/trust/issuances \
-H "x-api-key: ak_live_xxxxxxxxxxxxxxxxxxxx"SDK (automatic)
import { AnankeClient } from "@ananke/sdk";
// The SDK includes the header automatically
const client = new AnankeClient({
apiKey: process.env.ANANKE_API_KEY!,
});
const docs = await client.trust.documents.list();Response on failure
| Status | Code | Cause |
|---|---|---|
401 | UNAUTHORIZED | Missing header, malformed key, or key does not exist. |
403 | FORBIDDEN | Key is valid but the tenant's quota or entitlement check failed, or the tenant is suspended. |
401 response
{
"status": 401,
"code": "UNAUTHORIZED",
"message": "Missing or invalid API key."
}Public endpoints
Verification endpoints (/v1/trust/verify/* and /v1/tcode/verify/*) and reference data endpoints (/v1/reference-data/*) do not require an API key. They are publicly accessible by design.
Next steps
- Ananke Trust endpoints — Issuance, verification, and templates.
- Ananke TCode endpoints — Stamps, verification, and templates.
- Authentication guide — Deeper overview of auth model.