SENTINEL Docs

Authentication

API key authentication for the Sentinel API.

The Sentinel remote API (api.valeo.money) uses API key authentication. The SDK's ApiStorage backend sends the key with each request.

API Keys

Obtain an API key from app.valeo.money or your admin. Keys are prefixed with val_.

Bearer Token Format

The API expects the key in the Authorization header:

Authorization: Bearer val_xxxxxxxxxxxx

Usage in ApiStorage

import { ApiStorage } from "@valeo/x402";

const storage = new ApiStorage({
  apiKey: process.env.VALEO_API_KEY!,
  baseUrl: "https://api.valeo.money",
});

curl Examples

# List payments
curl -H "Authorization: Bearer val_xxx" \
  "https://api.valeo.money/v1/payments"

# Post events
curl -X POST -H "Authorization: Bearer val_xxx" \
  -H "Content-Type: application/json" \
  -d '{"events":[{"agent_id":"agent-1","endpoint":"https://api.example.com","method":"GET"}]}' \
  "https://api.valeo.money/v1/events"

Never commit API keys. Use environment variables or a secrets manager.

Key Rotation

  1. Create a new key in the dashboard
  2. Update your config/env with the new key
  3. Deploy
  4. Revoke the old key

There is no grace period — rotation is immediate.

Policies

Previous Page

Events Ingest

Next Page