Skip to main content

How auth works

Every request to the gateway must include an x-wallet-address header. When the gateway is not in free mode, requests also require a valid API key via the Authorization header. 
curl -H "x-wallet-address: 0xYourAddress" \
     -H "Authorization: Bearer mako_sk_abc123..." \
     https://gateway.deepmako.com/v1/chat/completions

Create an API key

POST /auth/api-keys
Generates a new API key tied to your wallet address.

Headers

x-wallet-address
string
required
Your EVM wallet address.

Request body

name
string
default:"default"
A label for the key (for your own reference).

Response

{
  "key": "mako_sk_abc123def456...",
  "name": "default",
  "address": "0x1234...abcd",
  "message": "Store this key securely. It won't be shown again."
}
The full API key is only returned once, at creation time. Store it securely — there is no way to retrieve it later.

Free mode

When the gateway is started with FREE_MODE=true, authentication is disabled. All requests are accepted with just the x-wallet-address header, no API key required, and no credits are deducted. This is useful for development and public demos.