Skip to main content
API keys are required for user-level and admin-level endpoints. Public endpoints (e.g. token list, plans, chain list) do not require a key.

Ways to get an API key

1. Admin portal (Google sign-in)

If you are an allowed admin:
  1. Open the Alphscan admin portal (URL provided by your deployment).
  2. Sign in with Google (your email must be in the allowed-admins list).
  3. After sign-in, the portal stores an admin API key in the browser (e.g. in local storage). You can copy it from the portal’s API key setting for use in scripts or the SDK.
This key has admin level and can call all endpoints, including system and management APIs.

2. Telegram bot

The Alphscan Telegram bot can issue or manage API keys for users. Interact with the bot in Telegram; it may provide a key after authentication or payment (depending on your setup). See Telegram bot for webhook and admin management.

3. Programmatic (admin only)

Admins can create keys via the API:
  • POST /system/keys with body { "userId", "planId", "level?" } (see Swagger in the API reference tab).
The response includes the secret key; store it securely. The SDK’s client.keys.create() method calls this endpoint when the client is configured with an admin API key.

Using the key

Send the key on every request:
  • Header X-API-Key: your_key
  • Header Authorization: Bearer your_key
The API Gateway expects both. The SDK does this automatically when you set apiKey in settings or in AlphscanProvider (sdk-react).

Key levels

  • user — can call user-level endpoints (e.g. transaction normalized events, payment history).
  • admin — can call all endpoints including system keys, plans, payments, telegram admins, etc.
See the API reference tab (Swagger) for which endpoints require which level.