Create API Credential
Generate a new API key for a user account.
Request
http
POST /v1/admin/credentials
Authorization: Bearer {admin_key}
Content-Type: application/jsonBody Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
name | string | Yes | Credential name (max 255 chars) |
user_account_id | UUID | Yes | User account this credential belongs to |
network_id | integer | Yes | Cardano network: 0=Mainnet, 1=Preview, 2=Preprod |
description | string | No | Optional description |
expires_at | ISO 8601 | No | Expiration date (must be in future) |
rate_limit_per_minute | integer | No | Rate limit (1-10000, default: 60) |
metadata | object | No | Custom key-value data |
Example Request
bash
curl -X POST "https://api.insight.iagon.com/v1/admin/credentials" \
-H "Authorization: Bearer YOUR_ADMIN_KEY" \
-H "Content-Type: application/json" \
-d '{"name": "Acme Production Key", "user_account_id": "550e8400-e29b-41d4-a716-446655440000", "network_id": 0, "description": "Main production API key", "expires_at": "2027-01-26T00:00:00Z", "rate_limit_per_minute": 120, "metadata": {"environment": "production"}}'Response
Success (201 Created)
json
{
"success": true,
"data": {
"credential": {
"id": "660e8400-e29b-41d4-a716-446655440001",
"name": "Acme Production Key",
"description": "Main production API key",
"api_key_prefix": "iiak_a1b2c3d4",
"created_at": "2026-01-26T12:00:00Z",
"user_account_id": "550e8400-e29b-41d4-a716-446655440000",
"user_account_name": "Acme Corporation",
"user_external_id": "cust_abc123",
"admin_key_id": "770e8400-e29b-41d4-a716-446655440002",
"admin_entity_name": "YourCompany",
"network_id": 0,
"last_used_at": null,
"expires_at": "2027-01-26T00:00:00Z",
"revoked": false,
"revoked_at": null,
"rate_limit_per_minute": 120,
"metadata": {
"environment": "production"
}
},
"api_key": "iiak_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4"
},
"message": "API key created. Store the api_key securely - it will not be shown again."
}Important
The full api_key is only shown once at creation time. It cannot be retrieved later. Store it securely and provide it to your user immediately.
Error Responses
400 Bad Request - Missing user account:
json
{
"success": false,
"error": "user_account_id is required"
}400 Bad Request - Missing or invalid network ID:
json
{
"success": false,
"error": "network_id is required (0=Mainnet, 1=Preview, 2=Preprod)"
}404 Not Found - User account doesn't exist or doesn't belong to you:
json
{
"success": false,
"error": "User account not found"
}400 Bad Request - Invalid expiration:
json
{
"success": false,
"error": "expires_at must be in the future"
}User Account Requirement
Every credential must belong to a user account. This ensures:
- Clear ownership chain: Admin → User → Credential
- Usage tracking aggregated by user for billing
- Access control - you can only manage credentials for your users
Create a user account first, then create credentials for that user.
Notes
- The API key is hashed (SHA-256) before storage - we never store the plain key
- Use
api_key_prefixto identify keys in logs and support requests - Keys are 53 characters:
iiak_prefix + 48 hex chars (192-bit entropy)