API keys
API keys let you access the Blecon API programmatically — from scripts, server-side applications, or integrations — without using a browser login.
Creating an API key
You can create API keys from either the Blecon Console or from within Blecon Track.
From the Blecon Console:
- Go to Account Settings > API Tokens.
- Click Create Token and enter a name (e.g., "Production Integration").
- The system generates a secret key. Copy it immediately — it is only shown once.
From Blecon Track:
- Open Workspace Settings and go to the Track API tab.
- Enter a name and click Create.
- The secret key is shown immediately. Copy it now — it cannot be shown again.
If you need to rotate a key, generate a new secret for the same token. This invalidates the previous secret.
What a key can access
A single API key gives access to both Blecon APIs:
| API | What it covers | Reference |
|---|---|---|
| Blecon Network API | Networks, devices, hotspots, data routing, integrations | api.blecon.net/docs |
| Tracker API | Assets, zones, rules, alerts, webhooks, workspace members | api.blecon.net/tracker/docs |
The key is scoped to the Blecon Network account it was created in. Because Blecon Track workspaces sit on top of a Network account, a key also gives access to all Track workspaces linked to that Network account. It cannot access other Network accounts or their workspaces.
Using an API key
Include the key in the Authorization header of your API requests:
Authorization: APIKEY::<your-secret-key>
Key properties
| Property | Value |
|---|---|
| Permission level | Full account access (owner level) |
| Account scope | Locked to the account that created it |
| Lifetime | 365 days from creation |
| Max keys per account | 10 |
Security
- Store keys securely — treat them like passwords.
- API keys cannot access other accounts, even if the creating user is a member of multiple accounts.
- Deleting a token immediately revokes access for all secrets generated from it.
API keys vs browser authentication
| Method | Use case |
|---|---|
| Browser login | Interactive Console and Track access |
| API keys | Scripts, automations, server-to-server integrations |
Both methods access the same API endpoints. API keys are scoped to a single account; browser sessions can switch between accounts.
API reference
The full interactive API reference for the Blecon Network API is available at api.blecon.net/docs. The Tracker API reference is at api.blecon.net/tracker/docs.