chore: standardize configuration, logging, and error handling across blockchain node and coordinator API
- Add infrastructure.md and workflow files to .gitignore to prevent sensitive info leaks - Change blockchain node mempool backend default from memory to database for persistence - Refactor blockchain node logger with StructuredLogFormatter and AuditLogger (consistent with coordinator) - Add structured logging fields: service, module, function, line number - Unify coordinator config with Database
This commit is contained in:
oib
85
docs/8_development/6_api-authentication.md
Normal file
85
docs/8_development/6_api-authentication.md
Normal file
@@ -0,0 +1,85 @@
|
||||
---
|
||||
title: API Authentication
|
||||
description: Understanding and implementing API authentication
|
||||
---
|
||||
|
||||
# API Authentication
|
||||
|
||||
All AITBC API endpoints require authentication using API keys.
|
||||
|
||||
## Getting API Keys
|
||||
|
||||
### Production
|
||||
1. Visit the [AITBC Dashboard](https://dashboard.aitbc.io)
|
||||
2. Create an account or sign in
|
||||
3. Navigate to API Keys section
|
||||
4. Generate a new API key
|
||||
|
||||
### Testing/Development
|
||||
For integration tests and development, these test keys are available:
|
||||
- `${CLIENT_API_KEY}` - For client API access
|
||||
- `${MINER_API_KEY}` - For miner registration
|
||||
- `test-tenant` - Default tenant ID for testing
|
||||
|
||||
## Using API Keys
|
||||
|
||||
### HTTP Header
|
||||
```http
|
||||
X-API-Key: your_api_key_here
|
||||
X-Tenant-ID: your_tenant_id # Optional for multi-tenant
|
||||
```
|
||||
|
||||
### Environment Variable
|
||||
```bash
|
||||
export AITBC_API_KEY="your_api_key_here"
|
||||
```
|
||||
|
||||
### SDK Configuration
|
||||
```python
|
||||
from aitbc import AITBCClient
|
||||
|
||||
client = AITBCClient(api_key="your_api_key")
|
||||
```
|
||||
|
||||
## Security Best Practices
|
||||
|
||||
- Never commit API keys to version control
|
||||
- Use environment variables in production
|
||||
- Rotate keys regularly
|
||||
- Use different keys for different environments
|
||||
- Monitor API key usage
|
||||
|
||||
## Rate Limits
|
||||
|
||||
API requests are rate-limited based on your plan:
|
||||
- Free: 60 requests/minute
|
||||
- Pro: 600 requests/minute
|
||||
- Enterprise: 6000 requests/minute
|
||||
|
||||
## Error Handling
|
||||
|
||||
```python
|
||||
from aitbc.exceptions import AuthenticationError
|
||||
|
||||
try:
|
||||
client.jobs.create({...})
|
||||
except AuthenticationError:
|
||||
print("Invalid API key")
|
||||
```
|
||||
|
||||
## Key Management
|
||||
|
||||
### View Your Keys
|
||||
```bash
|
||||
aitbc api-keys list
|
||||
```
|
||||
|
||||
### Revoke a Key
|
||||
```bash
|
||||
aitbc api-keys revoke <key_id>
|
||||
```
|
||||
|
||||
### Regenerate a Key
|
||||
```bash
|
||||
aitbc api-keys regenerate <key_id>
|
||||
```
|
||||
Reference in New Issue
Block a user