Guides
Authentication
How to authenticate API requests using your Blockonomics API key.
Overview
The Blockonomics API uses Bearer token authentication. Your API key is passed in the Authorization header on every request that requires authentication.
Authorization: Bearer YOUR_API_KEY
Public endpoints (like /price) do not require authentication.
Getting Your API Key
- Log into blockonomics.co
- Go to Stores in the dashboard
- Copy the API key shown on that page
Keep your API key secret. Do not expose it in client-side code or public repositories.
Rotating Your API Key
Rotate your key regularly to reduce the risk of unauthorized access:
- In the dashboard, go to Stores
- Click the refresh icon button — a new API key is created automatically
- Update your application with the new key
- Verify your integration works before discarding the old key
Making Authenticated Requests
cURL
bash
curl -X GET "https://www.blockonomics.co/api/balance?addr=YOUR_ADDRESS" \
-H "Authorization: Bearer YOUR_API_KEY"JavaScript
javascript
const response = await fetch('https://www.blockonomics.co/api/balance?addr=YOUR_ADDRESS', {
headers: {
'Authorization': 'Bearer YOUR_API_KEY'
}
})
const data = await response.json()Python
python
import requests
headers = {'Authorization': 'Bearer YOUR_API_KEY'}
response = requests.get(
'https://www.blockonomics.co/api/balance',
params={'addr': 'YOUR_ADDRESS'},
headers=headers
)
print(response.json())Error Responses
| Status | Meaning |
|---|---|
401 | Missing or invalid API key |
403 | Valid key but insufficient permissions |
A 401 response typically looks like:
json
{ "message": "This function requires you to login" }Security Best Practices
- Store your API key in environment variables, never in source code
- Use server-side code to make authenticated API calls
- Rotate your key from the dashboard if it is ever compromised
- Do not log raw API responses that may contain sensitive address data