Authentication

All API endpoints (except /health) require authentication via a Bearer token.

Getting an API Key

Canon is currently in early access. To request a key, email team@canonprotocol.org with the subject "Canon API Early Access" and a brief description of your agent or use case.

Using Your Key

Include your API key in the Authorization header of every request:

Authorization: Bearer YOUR_API_KEY

Example

curl -X POST https://api.canon.trade/v1/validate \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"asset": "BTC", "action": "long", "size": 50000, "leverage": 10, "wallet": "0x..."}'

Unauthenticated Endpoints

The following endpoints do not require authentication:

Endpoint	Description
`GET /health`	Service health and readiness status

Error Responses

Missing or invalid credentials return 401 Unauthorized:

{
  "error": "unauthorized",
  "message": "Missing or invalid API key"
}

Getting an API Key​

Using Your Key​

Example​

Unauthenticated Endpoints​

Error Responses​

Getting an API Key

Using Your Key

Example

Unauthenticated Endpoints

Error Responses