Ctrlk
For the complete documentation index, see llms.txt. This page is also available as Markdown.

Profiles

Returns the authenticated user's account info.

get

Returns account information for the currently authenticated user (Bearer token). The username path segment is not used to choose whose profile is returned; authorization alone determines the subject. Clients often pass their own username in the path for URL compatibility. For users with the Standard Registry role the response also includes address book and VC document information.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
usernamestringRequired

Present for URL compatibility with existing clients. The server does not use this value when resolving the resource—the response is always the profile of the user identified by the Bearer token.

Example: username
Responses
200

Successful operation.

application/json
usernamestringRequiredExample: username
rolestring · enumRequiredExample: USERPossible values:
permissionsGroupstring[]OptionalExample: [{}]
permissionsstring[]RequiredExample: ["POLICIES_POLICY_READ"]
didstringOptionalExample: did:hedera:testnet:Cvzp5kKVUuipBCQjcF54fBjdicvaKsB8zHeQ6Qq22U2Z_0.0.8200599
parentstringOptionalExample: did:hedera:testnet:Cvzp5kKVUuipBCQjcF54fBjdicvaKsB8zHeQ6Qq22U2Z_0.0.8200599
hederaAccountIdstringOptionalExample: 0.0.6046379
confirmedbooleanOptionalExample: true
failedbooleanOptionalExample: true
topicIdstringOptionalExample: 0.0.6046379
parentTopicIdstringOptionalExample: 0.0.6046379
locationstring · enumOptional

Whether the user account is local, remote, or custom.

Example: localPossible values:
get
/profiles/{username}

Sets Hedera credentials for the authenticated user.

put

Applies to the currently authenticated user (Bearer token). The username path segment is not used to choose whose profile is updated; authorization alone determines the subject. Clients often pass their own username in the path for URL compatibility. Sets Hedera credentials and related DID/VC data. For users with the Standard Registry role it also creates an address book.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
usernamestringRequired

Present for URL compatibility with existing clients. The server does not use this value when applying the update—the request always targets the user identified by the Bearer token.

Example: username
Body
entitystringOptional

Schema entity label; often inferred from the user role when omitted.

topicIdstringOptional

Hedera topic id (e.g. restore / profile flows).

Example: 0.0.7813042
hederaAccountIdstringRequired
hederaAccountKeystring · nullableOptional

Hedera private key (local signing). May be omitted for some remote flows.

parentstring · nullableOptional
useFireblocksSigningbooleanOptionalExample: false
Responses
put
/profiles/{username}
No content

Sets Hedera credentials asynchronously for the authenticated user.

put

Applies to the currently authenticated user (Bearer token). The username path segment is not used to choose whose profile is updated; authorization alone determines the subject. Clients often pass their own username in the path for URL compatibility. Starts a background task to connect Hedera credentials, publish DID/VC documents as required, and for Standard Registry users create an address book. Returns immediately with 202 Accepted and a task identifier—use the worker-tasks API or your client notifications to track completion or errors.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
usernamestringRequired

Present for URL compatibility with existing clients. The server does not use this value when applying the update—the request always targets the user identified by the Bearer token.

Example: username
Body
entitystringOptional

Schema entity label; often inferred from the user role when omitted.

topicIdstringOptional

Hedera topic id (e.g. restore / profile flows).

Example: 0.0.7813042
hederaAccountIdstringRequired
hederaAccountKeystring · nullableOptional

Hedera private key (local signing). May be omitted for some remote flows.

parentstring · nullableOptional
useFireblocksSigningbooleanOptionalExample: false
Responses
put
/profiles/push/{username}

Returns user's Hedera account balance.

get

Requests Hedera account balance.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
usernamestringRequired

The name of the user for whom to fetch the balance.

Example: username
Responses
200

Successful operation.

application/json
stringOptionalExample: 833.88244301 ℏ
get
/profiles/{username}/balance

Restore user data (policy, DID documents, VC documents).

put

Applies to the currently authenticated user (Bearer token). The username path segment is not used to choose whose data is restored; authorization alone determines the subject. Clients often pass their own username in the path for URL compatibility. Starts a background task to restore user data (policy, DID documents, VC documents). Returns immediately with 202 Accepted and a task identifier.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
usernamestringRequired

Present for URL compatibility with existing clients. The server does not use this value when applying the update—the request always targets the user identified by the Bearer token.

Example: username
Body
entitystringOptional

Schema entity label; often inferred from the user role when omitted.

topicIdstringOptional

Hedera topic id (e.g. restore / profile flows).

Example: 0.0.7813042
hederaAccountIdstringRequired
hederaAccountKeystring · nullableOptional

Hedera private key (local signing). May be omitted for some remote flows.

parentstring · nullableOptional
useFireblocksSigningbooleanOptionalExample: false
Responses
put
/profiles/restore/{username}

List of available recovery topics.

put

Applies to the currently authenticated user (Bearer token). The username path segment is not used to choose whose recovery topics are listed; authorization alone determines the subject. Clients often pass their own username in the path for URL compatibility. Starts a background task to list available recovery topics. Returns immediately with 202 Accepted and a task identifier.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
usernamestringRequired

Present for URL compatibility with existing clients. The server does not use this value when applying the update—the request always targets the user identified by the Bearer token.

Example: username
Body
entitystringOptional

Schema entity label; often inferred from the user role when omitted.

topicIdstringOptional

Hedera topic id (e.g. restore / profile flows).

Example: 0.0.7813042
hederaAccountIdstringRequired
hederaAccountKeystring · nullableOptional

Hedera private key (local signing). May be omitted for some remote flows.

parentstring · nullableOptional
useFireblocksSigningbooleanOptionalExample: false
Responses
put
/profiles/restore/topics/{username}

Validate DID document format.

post

Checks the DID document and returns whether required Hedera verification methods (Ed25519 + BLS) are present. Response includes keys grouped by verification method type.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Body
idstringRequired
@contextstring[] · nullableRequired
alsoKnownAsstring[] · nullableRequired
controllerstring[] · nullableRequired
verificationMethodobject[] · nullableRequired
authenticationobject[] · nullableRequired
assertionMethodobject[] · nullableRequired
keyAgreementobject[] · nullableRequired
capabilityInvocationobject[] · nullableRequired
capabilityDelegationobject[] · nullableRequired
serviceobject[] · nullableRequired
Responses
200

HTTP 200 for both valid and invalid documents; inspect valid and error.

application/json
validbooleanRequired
errorstring · nullableRequired

Error message when valid is false; empty string when valid.

post
/profiles/did-document/validate

Validate DID document keys.

post

For each entry in keys, checks that id matches a verification method in document and that key validates against it. Returns the same array with a valid flag per entry (HTTP 200 even when some keys fail).

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Body
Responses
200

Array of results in the same order as request keys.

application/json
idstringRequired
keystringRequired
validbooleanRequired
post
/profiles/did-keys/validate

Returns the list of existing keys.

get

Returns the list of existing keys.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Query parameters
pageIndexnumberOptional

The number of pages to skip before starting to collect the result set

Example: 0
pageSizenumberOptional

The numbers of items to return

Example: 20
Responses
200

Successful operation.

application/json
get
/profiles/keys

Create or import a policy signing key.

post

Registers a policy message key for the authenticated user's DID. Generate: send only messageId—the server creates a private key for that policy. The owner can copy the messageId and returned key from the response and pass them out of band to another person. Import: the recipient calls this endpoint with the same messageId plus the DER-encoded private key they received, so their account can use the policy like the original owner.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Body
messageIdstringRequired

Policy Message ID

Example: 1773670900.819264517
keystringRequired

DER-encoded private key when importing on the remote user account. Omit when generating for user flow (only messageId).

Example: Key
Responses
200

Successful operation.

application/json
idstringRequired

Key ID

Example: 69aeb71ef8c5b278e3bab4e5
createDatestringRequiredExample: 2026-03-03T17:25:53.312Z
updateDatestringRequiredExample: 2026-03-03T17:25:53.312Z
messageIdstringRequired

Policy Message ID

Example: 1773670900.819264517
ownerstringRequired

Key owner

Example: did:hedera:testnet:Cvzp5kKVUuipBCQjcF54fBjdicvaKsB8zHeQ6Qq22U2Z_0.0.8200599
policyNamestringRequiredExample: Policy name
keystringRequired

New key

Example: Key
post
/profiles/keys

Deletes the key.

delete

Deletes the key with the specified ID.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
idstringRequired

Key Identifier

Example: 69aeb71ef8c5b278e3bab4e5
Responses
200

Successful operation.

application/json
booleanOptional
delete
/profiles/keys/{id}

Last updated