Skip to main content

Authentication

NexaLayer supports API key authentication. Agents, scripts, and automation jobs should send X-API-Key on each request.
curl "https://api.nexalayer.net/v1/account/info" \
  -H "X-API-Key: ak_your_key"

Request an API key by email

curl -X POST "https://api.nexalayer.net/v1/account/request-api-key" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "dev@example.com",
    "referral_code": "optional"
  }'
The response does not include the API key. NexaLayer sends it to the mailbox:
{
  "success": true,
  "data": {
    "status": "email_sent",
    "claim_status": "granted",
    "trial_balance": 1,
    "backend_ready": true,
    "message": "If the email address is valid, the API key has been sent."
  }
}
Trial credit can be claimed once per email address. Later requests resend the existing API key.

backend_ready

backend_ready is the real provisioning gate:
  • true: the account is synced and can list products, read balance, and create sessions
  • false: do not create sessions; surface or retry the backend sync problem

Idempotency

For write operations such as session creation, rotation, renewal, and recharge, send an Idempotency-Key:
Idempotency-Key: create-session-20260710-001
This lets agents retry safely without duplicating paid operations.