search

Authentication

hashtag
Authentication

Otonix supports two auth modes.

  • Web app sessions: SIWE with Privy embedded wallets.

  • API access: Otonix API keys via X-API-Key.

hashtag
Privy wallets (web app)

  • Each user gets an embedded EVM wallet.

  • The app uses SIWE for wallet-based sessions.

  • Use this when a human is driving the UI.

hashtag
Otonix API keys (server-to-server)

API keys are used by agents and infrastructure.

hashtag
Key format

  • Prefix: otonix_

  • Body: 48 hex characters (random)

  • Example header:

X-API-Key: otonix_a1b2c3d4e5f6...

hashtag
Generate API key

POST /api/keys/generate

triangle-exclamation

The full key is only returned once. Store it securely.

hashtag
List API keys

GET /api/keys

hashtag
Revoke API key

Revocation deactivates all agents linked to the key.

DELETE /api/keys/:id

hashtag
Common auth errors

  • 401 if X-API-Key is missing or invalid.

  • 403 if the key is valid but not authorized for the resource.

PreviousWeb4 conceptsNextAutonomous agents

Last updated