OpenAPI exposes HTTP endpoints for programmatic tenant operations: API key management, usage queries, and more.
- Base URL:
https://www.51kik.com - Path prefix:
/openapi/*
Authentication
Every OpenAPI route requires an access token:
X-Access-Token: ot_your_access_token
Create tokens in the console (prefix ot_). They represent your tenant; tenant_id is resolved server-side — do not send it in requests.
See Access tokens.
Response envelope
Success:
{
"code": 0,
"message": "success",
"data": { }
}
Error responses
HTTP status matches the code field in the body. On failure, data is null.
| HTTP | code | When |
|---|---|---|
| 401 | 401 | Missing X-Access-Token, or token invalid / disabled / expired |
| 400 | 400 | Invalid query/body, or business rule violation (e.g. employee number not found, empty PATCH body, key not found on delete/plaintext) |
| 400 | 40001 | Trace usage filter is not exactly one of trace_id, user_id, agent_name |
| 404 | 404 | Resource not found on GET detail or PATCH (e.g. API key id does not exist) |
Missing token:
{
"code": 401,
"message": "X-Access-Token header is required for OpenAPI endpoints.",
"data": null
}
Invalid, disabled, or expired token:
{
"code": 401,
"message": "The access token is invalid, disabled, or expired.",
"data": null
}
Invalid trace usage filter (HTTP 400):
{
"code": 40001,
"message": "必须且只能提供 trace_id、user_id、agent_name 中的一个",
"data": null
}
Available endpoints
| Capability | Doc |
|---|---|
| API key CRUD | API key management |
| Usage by trace / user / agent | Trace usage |
Related
- Correlation headers: Request correlation