API Key
Discover the scopes, account access, limits, and operations available to the current API key.
Call API key discovery before calling resource endpoints. Discovery tells your integration what this key can access, which account ids are visible, and which operations are currently available.
GET /v1/api-key
- Scope: any valid API key
- Parameters: none
- Authentication:
X-API-Key - Use before: accounts, transactions, holdings, and organization requests
Request
curl "https://api.tablewealth.com/v1/api-key" \
-H "X-API-Key: $TABLEWEALTH_API_KEY"const response = await fetch('https://api.tablewealth.com/v1/api-key', {
headers: {
'X-API-Key': process.env.TABLEWEALTH_API_KEY!
}
});
if (!response.ok) {
throw new Error(`Tablewealth API error: ${response.status}`);
}
const body = await response.json();import os
import requests
response = requests.get(
"https://api.tablewealth.com/v1/api-key",
headers={"X-API-Key": os.environ["TABLEWEALTH_API_KEY"]},
timeout=30,
)
response.raise_for_status()
body = response.json()Response fields
Access
scopes: scopes granted to the key.accountScope: whether the key can see all accounts or selected accounts.selectedAccountIds: account ids visible to a selected-account key.
Operations
Use availableOperations as the source of truth for what to call next. Do not infer endpoint access from dashboard permissions or from docs examples.
Discovery links
discovery.openapiUrl: machine-readable OpenAPI schema.discovery.agentGuideUrl: implementation guide for coding agents.conventions: API-wide conventions such as authentication, pagination, and error format.
Common usage
- Create the smallest useful API key in Tablewealth.
- Call
GET /v1/api-key. - Store
availableOperationsin memory for the current run. - Only call endpoints listed for that key.
- Treat empty resource lists as possible account-scope restrictions, not just no data.