Skip to main content
Every endpoint accepts an optional API key: 
Authorization: Bearer aura_live_<your-key>
Reads work without a key (lower IP-based rate limit). Write endpoints under /v1/tx/* require a key with the write:tx scope.

Minting a key

Two-step wallet-signature flow — no email or password.
1

Get a one-time challenge

curl -X POST https://api.aurabets.io/v1/auth/challenge \
  -H 'content-type: application/json' \
  -d '{"address": "1Cef...your-wallet"}'
Response:
{
  "challenge": "Sign this message...",
  "expiresAt": "2026-05-08T19:00:00Z"
}
2

Sign with your wallet

Use your wallet’s signMessage helper with hasher: "alephium" to sign the challenge string. Most Alephium wallets and SDKs support this natively.
3

Submit signature + public key

curl -X POST https://api.aurabets.io/v1/auth/keys \
  -H 'content-type: application/json' \
  -d '{
    "address":   "1Cef...your-wallet",
    "publicKey": "0233...your-pubkey",
    "signature": "abcd...sig",
    "name":      "my-trading-bot"
  }'
Response:
{
  "key": "aura_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
  "id":  "8d3e...",
  "name": "my-trading-bot",
  "scopes": ["read", "write:tx"],
  "createdAt": "2026-05-08T18:30:00Z"
}
The key value is shown once. Store it securely — it cannot be retrieved later.

Using the key

Pass it as a Bearer token on every request: 
curl https://api.aurabets.io/v1/markets \
  -H 'authorization: Bearer aura_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'

Listing & revoking keys

Once authenticated, you can list and revoke your own keys: 
# List
curl https://api.aurabets.io/v1/auth/keys \
  -H 'authorization: Bearer aura_live_xxx'

# Revoke a specific key by id
curl -X DELETE https://api.aurabets.io/v1/auth/keys/<key-id> \
  -H 'authorization: Bearer aura_live_xxx'
See the full schema for these endpoints under the Auth group of the API Reference.

Scopes

ScopeGrants
readAll read endpoints (default for newly minted keys).
write:txBuild-tx endpoints under /v1/tx/*.
Keys are issued with both scopes by default. You can request a read-only key by passing "scopes": ["read"] in the mint request.