API Keys
All interactions with the Havn Finance API require authentication via a Bearer token provided in the Authorization header. Our infrastructure uses high-entropy, cryptographically secure keys tied directly to your registered Web3 wallet address.
Authorization: Bearer havn_live_abc123def456
Obtaining API Keys
- Navigate to the Havn Dashboard.
- Connect your funding wallet (e.g., Phantom or MetaMask).
- Navigate to Developer Settings > API Keys.
- Generate a new key with appropriate permissions (Read-Only or Full Access).
- Store the key securely—it will only be shown once.
Never expose your API key in client-side code, public repositories, or frontend applications. The API is designed for server-to-server communication to protect your funding source.
Key Permissions (Scopes)
API access requires explicit scope grants to limit the blast radius if a key is compromised.
| Scope | Description |
|---|
read:wallet | View linked wallet balances and supported chains. |
read:cards | View issued card details (excluding full PAN) and transaction history. |
write:cards | Request the provisioning of a new virtual card. |
Rate Limits
To protect the liquidity routing engine and banking APIs, rate limits are strictly enforced at the edge.
| Tier | Requests/sec | Requests/day |
|---|
| Developer | 5 | 10,000 |
| Production | 50 | 500,000 |
| Enterprise | Custom | Unlimited |
Rate limit headers are included in every API response:
X-RateLimit-Limit: Your current tier’s request limit.X-RateLimit-Remaining: Number of requests left in the current window.X-RateLimit-Reset: Unix timestamp when the limit resets.
