All Oura402 API requests require authentication using an API key.
API Key Authentication
Include your API key in the Authorization header of every request:
Authorization: Bearer YOUR_API_KEY
Example Request
curl -X GET https://api.oura402.dev/token/info/MINT_ADDRESS \
-H "Authorization: Bearer your_api_key_here"
Obtaining an API Key
Navigate to your dashboard
Go to the "API Keys" section
Copy and securely store your API key
Important: Your API key is sensitive. Never share it publicly or commit it to version control.
Security Best Practices
Use Environment Variables
Store your API key in environment variables:
Server-Side Only
Never expose your API key in:
Always make API calls from your backend server.
Rotate Keys Regularly
Periodically rotate your API keys:
Update your application with the new key
Delete the old key once migration is complete
Rate Limits by Plan
Different API keys have different rate limits based on your plan:
See Rate Limits for more information.
Testing Authentication
To verify your API key is working:
A successful response indicates your API key is valid.
Authentication Errors
401 Unauthorized
Your API key is missing or invalid:
Solution: Check that you're including the correct API key in the Authorization header.
Your API key doesn't have permission for the requested resource:
Solution: Ensure your plan includes access to the endpoint you're trying to use.
WebSocket Authentication
For WebSocket connections, authentication is handled differently. See WebSocket API for details.
Last updated
