API Credentials
API credentials are the keys your users use to authenticate with the Iagon Insight API. Each credential:
- Must belong to a user account (for usage tracking and access control)
- Has configurable rate limits and expiration
- Uses the
iiak_prefix format - Is hashed before storage (shown only once at creation)
Ownership Model
Credentials are scoped through user accounts:
Your Admin Key → Your User Accounts → Your CredentialsYou can only view, create, and revoke credentials for users that belong to your admin key.
Endpoints Overview
| Method | Endpoint | Description |
|---|---|---|
| GET | /v1/admin/credentials | List credentials |
| POST | /v1/admin/credentials | Create credential |
| GET | /v1/admin/credentials/:id | Get credential |
| PATCH | /v1/admin/credentials/:id | Update credential |
| DELETE | /v1/admin/credentials/:id | Revoke credential |
Credential Object
json
{
"id": "660e8400-e29b-41d4-a716-446655440001",
"name": "Acme Production Key",
"description": "Main production API key for Acme",
"api_key_prefix": "iiak_a1b2c3d4",
"created_at": "2026-01-26T12:00:00Z",
"user_account_id": "550e8400-e29b-41d4-a716-446655440000",
"user_account_name": "Acme Corporation",
"user_external_id": "cust_abc123",
"admin_key_id": "770e8400-e29b-41d4-a716-446655440002",
"admin_entity_name": "YourCompany",
"network_id": 0,
"last_used_at": "2026-01-26T15:30:00Z",
"expires_at": null,
"revoked": false,
"revoked_at": null,
"rate_limit_per_minute": 60,
"metadata": {}
}Fields
| Field | Type | Description |
|---|---|---|
id | UUID | Unique identifier |
name | string | Credential name (editable by admin or user) |
description | string | null | Optional description |
api_key_prefix | string | First 13 chars of the key (for identification) |
user_account_id | UUID | Linked user account (required) |
user_account_name | string | null | User's name (convenience field) |
user_external_id | string | null | User's external ID (convenience field) |
admin_key_id | UUID | Admin key that owns this credential (via user) |
admin_entity_name | string | null | Admin entity name (convenience field) |
network_id | integer | Cardano network: 0=Mainnet, 1=Preview, 2=Preprod |
expires_at | ISO 8601 | null | Expiration date (null = never) |
rate_limit_per_minute | integer | Max requests per minute (default: 60) |
revoked | boolean | Whether the key is revoked |
metadata | object | Custom key-value data |
API Key Format
iiak_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4
└─┬──┘└──────────────────────┬────────────────────────┘
prefix 48 hex characters (192-bit entropy)Permission Required
All credential endpoints require the manage_credentials permission.