Authentication

Every request to the Bankr Agent API requires an API key. Keys are passed via the X-API-Key header and always start with bk_.

Getting Your API Key

1. Sign up — Go to bankr.bot and sign in with your email.

2. Verify — Enter the one-time password (OTP) sent to your email.

3. Create API key — Navigate to bankr.bot/api, click Create new key, and enable Agent API access.

4. Copy your key — It starts with bk_. Store it somewhere secure immediately — you will not be able to see it again.

5. Use in requests — Pass the key via the X-API-Key header:

   curl -X POST https://api.bankr.bot/agent/prompt \
     -H "X-API-Key: bk_YOUR_KEY" \
     -H "Content-Type: application/json" \
     -d '{"prompt": "What is my balance?"}'

Security Best Practices

• Store keys in environment variables, never hard-coded in source files.
• Never commit API keys to version control. Add them to your .gitignore or use a secrets manager.
• Use different keys for development and production. If a dev key is exposed, your production agent stays safe.
• Rotate immediately if compromised. You can revoke and regenerate keys at bankr.bot/api.

Danger

Keep your API key secret. Anyone with your key can execute transactions on your wallet. If you suspect your key has been compromised, rotate it immediately at bankr.bot/api.

Coming Soon

• IP whitelist — Restrict API key usage to specific IP addresses for an additional layer of security.
• Customizable per-key permissions — Scope individual keys to read-only, trade-only, or full access.