All API requests require authentication via an API key passed in the X-API-Key header. Trusset uses two key systems depending on the API you are accessing.
Instance API keys authenticate requests to the core platform APIs (Customers, Tokenization, Trading, Lending, Custody). Each key is bound to a specific and grants access only to that instance’s data and services.The current key format is:
Copy
trusset_{instanceRef}_{secret}
instanceRef is an 8-character alphanumeric identifier for your instance. secret is a 64-character hex string. A complete key is 81 characters long.Instance API keys are managed through the API Key Management dashboard or via the key management API. Keys support rotation with a configurable overlap period: when you rotate a key, the old key enters a PENDING_ROTATION state and remains valid for 7 days, giving you time to update all consumers without downtime. Each instance supports up to 10 active keys.
Endpoints protected by instance auth also enforce service-level access. If your instance does not have a required service enabled (e.g., tokenization), the request returns 403 with code SERVICE_NOT_ENABLED.
The MiCA Register API uses its own key system with the prefix trusset_mica_. These keys are free and provide access exclusively to the MiCA Register endpoints.Register at trusset.org/mica-register to generate your key. After registration you receive two credentials:
API Key (trusset_mica_...) - used in X-API-Key for data requests
Management Token - used in Authorization: Bearer ... for key management operations (rotating, revoking)
Store both credentials securely. They cannot be retrieved after initial generation.
