Authentication
How to authenticate with the Trunx API using API keys.
API Key Authentication
All Trunx API requests require authentication using an API key. Include your key in the Authorization header as a Bearer token:
curl -H "Authorization: Bearer tk_live_abc123..." \
https://api.trunx.io/didsKey Format
Trunx API keys use the prefix tk_live_ for production keys and tk_test_ for test keys. Keys are hashed using SHA-256 before storage — Trunx never stores your raw API key.
Key Scopes
API keys can be scoped to limit access to specific resources:
| Scope | Description |
|---|---|
sms:send | Send SMS messages |
sms:read | Read SMS messages |
voice:call | Initiate voice calls |
voice:read | Read call records |
campaigns:write | Create and manage campaigns |
campaigns:read | Read campaign data |
dids:manage | Provision and manage DIDs |
webhooks:manage | Create and delete webhooks |
* | Full access (default) |
Caching
Authentication results are cached in Redis with a 60-second TTL for performance. Key revocation takes effect within 60 seconds.
MCP Authentication
The MCP endpoint at /mcp uses the same API key authentication. Pass your key in the Authorization header when establishing the MCP connection.
Rate Limiting
Rate limits are enforced per API key using an atomic Lua-based rate limiter. When you exceed the rate limit, you will receive a 429 Too Many Requests response with a Retry-After header.