API keys
API keys let you access the Blecon API programmatically — from scripts, server-side applications, or integrations — without using a browser login.
Creating an API key
- In the Blecon Console, go to Account Settings > API Tokens.
- Click Create Token and enter a name (e.g., "Production Integration").
- The system generates a secret key. Copy it immediately — it is only shown once.
If you need to rotate a key, generate a new secret for the same token. This invalidates the previous secret.
Using an API key
Include the key in the Authorization header of your API requests:
Authorization: APIKEY::<your-secret-key>
The key authenticates as the account that created it, with full access to that account's resources.
Key properties
| Property | Value |
|---|---|
| Permission level | Full account access (owner level) |
| Account scope | Locked to the account that created it |
| Lifetime | 365 days from creation |
| Max keys per account | 10 |
Security
- Store keys securely — treat them like passwords.
- API keys cannot access other accounts, even if the creating user is a member of multiple accounts.
- Deleting a token immediately revokes access for all secrets generated from it.
API keys vs browser authentication
| Method | Use case |
|---|---|
| Browser login | Interactive Console and Track access |
| API keys | Scripts, automations, server-to-server integrations |
Both methods access the same API endpoints. API keys are scoped to a single account; browser sessions can switch between accounts.
API reference
The full interactive API reference for the Blecon Network API is available at api.blecon.net/docs. The Tracker API reference is at api.blecon.net/tracker/docs.