Skip to main content

API Keys

All API requests are authenticated with an API key. Generate one from the mag3nt dashboard, then include it in every request:
Authorization: Bearer mag3nt_live_your_api_key_here

Using with the SDK

import { Mag3nt } from "@mag3nt/sdk";

const mag3nt = new Mag3nt({
  serverURL: "https://mag3nt.com",
  security: {
    bearerAuth: process.env.MAG3NT_API_KEY,
  },
});

Managing keys

// Generate a new key
const key = await mag3nt.keys.keysCreate();
console.log(key.apiKey);
// ⚠️ Store securely:shown only once

// List active keys
const keys = await mag3nt.keys.keysList();

// Revoke a compromised key
await mag3nt.keys.keysRevoke(keyHash);

// Validate a key is working
const check = await mag3nt.keys.keysValidate();
console.log(check.valid); // true

Best practices

Never expose API keys in client-side code. API keys grant full access to your treasury. Use them only in server-side code or secure agent environments.
  • Use environment variables:never hardcode keys in source
  • One key per agent:if an agent is compromised, revoke only its key
  • Rotate regularly:generate new keys and revoke old ones

Public endpoints

These endpoints require no authentication:
EndpointDescription
statusGetPlatform health
statusGetConfigTreasury addresses and configuration
fundingListTokensSupported tokens per network
payLinksGetPublic pay link details
payLinksResolveResolve pay link for payment
payLinksPreparePrepare payment for a pay link
payLinksSettleSubmit on-chain payment proof