lighthouse/book/src/api_vc_auth_header.md

Validator Client API: Authorization Header

Overview

The validator client HTTP server requires that all requests have the following HTTP header:

• Name: Authorization
• Value: Bearer <api-token>

Where <api-token> is a string that can be obtained from the validator client host. Here is an example of the Authorization header:

Authorization: Bearer hGut6B8uEujufDXSmZsT0thnxvdvKFBvh

Obtaining the API token

The API token is stored as a file in the validators directory. For most users this is ~/.lighthouse/{network}/validators/api-token.txt, unless overridden using the --http-token-path CLI parameter. Here's an example using the cat command to print the token for mainnet to the terminal, but any text editor will suffice:

cat ~/.lighthouse/mainnet/validators/api-token.txt
hGut6B8uEujufDXSmZsT0thnxvdvKFBvh

When starting the validator client it will output a log message containing the path to the file containing the api token.

Sep 28 19:17:52.615 INFO HTTP API started                        api_token_file: "$HOME/hoodi/validators/api-token.txt", listen_address: 127.0.0.1:5062

The path to the API token may also be fetched from the HTTP API itself (this endpoint is the only one accessible without the token):

curl http://localhost:5062/lighthouse/auth

Response:

{
    "token_path": "/home/karlm/.lighthouse/hoodi/validators/api-token.txt"
}

Example

Here is an example curl command using the API token in the Authorization header:

curl localhost:5062/lighthouse/version -H "Authorization: Bearer hGut6B8uEujufDXSmZsT0thnxvdvKFBvh"

The server should respond with its version:

{"data":{"version":"Lighthouse/v0.2.11-fc0654fbe+/x86_64-linux"}}