Skip to main content

Obtaining API Keys

  1. Log in to the Admina dashboard
  2. Select Settings from the top-right user settings menu
  3. Choose API Keys in the left navigation menu
  4. Click the Create New API Key button
  5. Enter a name for the API key and set an expiration date if necessary
  6. Click the Create button to generate the API key
  7. Copy and save the displayed API key in a secure location
Issued API keys begin with the mb_live_ prefix and are about 47 characters long (e.g. mb_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx).
The API key is displayed only once. Be sure to save it in a secure location.

Adding Authentication to Requests

All API requests must include the API key in the X-API-Key header.

Header Format

X-API-Key: YOUR_API_KEY

Example with cURL

curl -H "X-API-Key: YOUR_API_KEY" \
  https://assist.i.moneyforward.com/api/v1/sessions

Example with JavaScript

const response = await fetch('https://assist.i.moneyforward.com/api/v1/sessions', {
  headers: {
    'X-API-Key': 'YOUR_API_KEY'
  }
});

Security Best Practices

  • Do not embed API keys in source code or client-side code
  • Use environment variables or secret management systems to manage API keys
  • Delete API keys that are no longer needed
  • Consider rotating API keys regularly
  • Monitor for API access from unexpected locations

Authentication Errors

When the X-API-Key header is missing or invalid, the API returns HTTP 401 with the following body:
{
  "ok": false,
  "error": "Missing or invalid API key"
}
If you see this error, verify the X-API-Key header value and whether the key has expired.
Last modified on May 18, 2026