# Authentication & Keys

HyperLink authenticates every request with an **EIP-712 signature**, not bearer tokens or API secrets. An API key is an approved **agent wallet**: a keypair your master account authorizes to sign trading actions and read queries on its behalf.

HyperLink is a prime broker for Hyperliquid. It mirrors Hyperliquid's agent model and EIP-712 signing, so existing Hyperliquid tooling works against the HyperLink base URL. For a working signed-request example, see [API Quickstart](/api/setup.md).

## How it works

The agent private key signs each request; the enclave verifies the agent is approved by your master account, then executes. There are no shared secrets.

## Create an API key

### In the web app

1. Connect your master wallet to the [web app](https://app.hyperlink.xyz).
2. Go to **Settings → API** and click **Generate**.
3. Copy and securely store the private key. It is shown **once** and cannot be recovered.

### With the approveAgent action

Generate the agent keypair locally, then approve its address with an `approveAgent` action signed by your **master account** (agents cannot approve other agents). The full schema is in [Exchange Methods](/api/exchange-methods.md).

## Limits and permissions

| Limit                      | Value         |
| -------------------------- | ------------- |
| Named agents per account   | 5             |
| Unnamed agents per account | 1             |
| Agent name length          | 64 characters |

Agents **can** place and cancel orders, update leverage and margin, and run read queries. Agents **cannot** withdraw funds, approve or revoke other agents, or run master-account transfer actions such as `sendAsset` and `usdClassTransfer`. Those require your master account's own user-signed signature. A `readOnly` agent can query but not trade.

## Signing

Each request to `/exchange` (and each WebSocket subscription) carries an EIP-712 signature plus a millisecond `nonce`. There are two signing domains; an SDK selects the right one per action.

| Scheme            | EIP-712 domain               | `chainId` | Used for                                                                   | Signed by               |
| ----------------- | ---------------------------- | --------- | -------------------------------------------------------------------------- | ----------------------- |
| Agent (L1 action) | `Exchange`                   | `1337`    | Orders, cancels, margin, leverage, agent transfers, queries, subscriptions | Agent or master account |
| User-signed       | `HyperliquidSignTransaction` | `42161`   | `withdraw`, `approveAgent`, `usdClassTransfer`, `sendAsset`                | Master account only     |

Both domains use `version` `"1"` and `verifyingContract` `0x0000000000000000000000000000000000000000`.

{% hint style="warning" %}
These signing `chainId` values (`1337`, `42161`) are Hyperliquid-compatible EIP-712 domain values, **not** the HyperEVM network chainId (`999`). Use the network chainId only for direct on-chain contract calls, such as staking.
{% endhint %}

**Nonces:** set `nonce` to the current Unix time in milliseconds. Each nonce is single-use per signer; a nonce older than 2 days or more than 1 day in the future is rejected.

{% hint style="info" %}
Sign with an SDK, not by hand. A bad signature recovers a different address and fails with an unhelpful `"User or API Wallet … does not exist"`. The Hyperliquid SDKs ([TypeScript](https://github.com/nktkas/hyperliquid), [Python](https://github.com/hyperliquid-dex/hyperliquid-python-sdk)) implement both schemes correctly, and the Hyperliquid [signing reference](https://hyperliquid.gitbook.io/hyperliquid-docs/for-developers/api/signing) applies unchanged.
{% endhint %}

Common causes of signing failures: wrong scheme for the action, field-order or encoding mismatches, trailing zeroes on numeric string fields, or upper-case characters in addresses (convert addresses to lowercase before signing).
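
The rules above can be checked before an action is handed to an SDK for signing. The following pre-flight lint is an added example, not HyperLink or Hyperliquid code: it picks the domain from the signing table, enforces the nonce window and single-use rule, and flags upper-case addresses and trailing zeroes. The function names, the `order` action type, and the field names are assumptions for illustration.

```python
import re

# Values taken from the signing table on this page.
ZERO_ADDR = "0x" + "00" * 20
USER_SIGNED = {"withdraw", "approveAgent", "usdClassTransfer", "sendAsset"}
DAY_MS = 24 * 60 * 60 * 1000


def domain_for(action_type):
    """Return the EIP-712 domain for an action type, per the table above."""
    user_signed = action_type in USER_SIGNED
    return {
        "name": "HyperliquidSignTransaction" if user_signed else "Exchange",
        "version": "1",
        "chainId": 42161 if user_signed else 1337,
        "verifyingContract": ZERO_ADDR,
    }


def preflight(action_type, signer_is_master, nonce_ms, now_ms, fields, used_nonces):
    """List problems to fix before signing; an empty list means none found.

    `fields` holds the action's string fields (names here are hypothetical);
    `used_nonces` is the set of nonces this signer has already sent.
    """
    problems = []
    if action_type in USER_SIGNED and not signer_is_master:
        problems.append("user-signed action requires the master account")
    if nonce_ms < now_ms - 2 * DAY_MS or nonce_ms > now_ms + DAY_MS:
        problems.append("nonce outside the accepted window")
    if nonce_ms in used_nonces:
        problems.append("nonce already used by this signer")
    for key, value in fields.items():
        if not isinstance(value, str):
            continue
        if re.fullmatch(r"0x[0-9a-fA-F]{40}", value) and value != value.lower():
            problems.append(f"{key}: address must be lowercase")
        elif re.fullmatch(r"\d+\.\d*0", value):
            problems.append(f"{key}: trailing zeroes in numeric string")
    return problems


if __name__ == "__main__":
    now = 1_700_000_000_000  # constructed timestamp, not a real request
    bad = {"destination": "0x" + "AB" * 20, "amount": "12.50"}  # constructed
    print(domain_for("withdraw"))
    print(preflight("withdraw", False, now - 3 * DAY_MS, now, bad, {now}))
```

The lint only catches the failure causes listed on this page; field order and encoding are still the SDK's job.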

## Revoke an API key

1. Open **Settings → API** in the [web app](https://app.hyperlink.xyz).
2. Find the agent by name or address.
3. Click **Revoke** and sign with your **master wallet**.

A revoked agent can no longer access your account.

## Next steps

* [API Quickstart](/api/setup.md): base URLs, envelope, and a working example.
* [Exchange Methods](/api/exchange-methods.md): actions, queries, and schemas.
* [WebSocket API](/api/websocket.md): real-time subscriptions.

