0block docs
Dashboard & API Keys

Auth

How the dashboard signs you in, plus session logout and the current-user endpoint.

Beta — rolling out now. The dashboard and its control-plane API are in active rollout. The contract documented here is stable, but availability may vary by deployment.

All routes are under /api/v1. Requests and responses are JSON; timestamps are ISO-8601 UTC. Errors take the form { "error": { "code": "…", "message": "…" } } with a matching HTTP status.

Signing in

You create an account and sign in from the dashboard web UI — there is no public signup or login API to call yourself. When you sign in, the dashboard authenticates you (internally, via a rate-limited POST /auth/login) and manages the resulting session token on your behalf. That token is what authorizes the control-plane endpoints below, along with API Keys and Transactions & Stats.

To submit transactions you don't need a session token at all — you need an API key, which you mint in the dashboard and pass as X-API-Key. See Authentication.

POST /auth/logout

Revoke the current session. Requires Authorization: Bearer <token>.

Response — 204 No Content (empty body)

GET /me

Return the authenticated account. Requires Authorization: Bearer <token>.

Response — 200 OK

{ "id": "…", "email": "[email protected]", "created_at": "2026-07-05T18:00:00Z" }

A missing, invalid, or expired token returns 401 unauthorized.