Skip to main content
Andres-test only. The partner portal is separate from this docs site and from Idunox staff admin (admin-test.idunox.com). You need portal credentials from Idunox before you can sign in.

What it is

The partner portal lets your IT team create, rotate, and revoke API keys for https://api-test.idunox.com without waiting for Idunox staff to hand off secrets.
ItemValue
Portal URLhttps://partner-test.idunox.com (opens sign-in at /partner)
LoginEmail + password (provided by Idunox during onboarding)
Data APIhttps://api-test.idunox.com/v1/ with X-Api-Key
Docshttps://developers-test.idunox.com
The portal uses Idunox branding with a light/dark theme toggle. Staff manage the same keys from admin-test.idunox.com if needed.

Getting access

  1. Idunox provisions a portal user for your organization (secure channel — not email with API keys).
  2. Open https://partner-test.idunox.com — you are redirected to the sign-in page.
  3. Create your first API key — copy the plaintext key immediately; it is shown once.
Contact partner@idunox.com if you do not have portal access.

Key lifecycle

ActionBehaviour
CreateNew key, default validity 365 days; plaintext shown once
RotateNew key issued; old key stays valid for 24, 48, or 72 hours (overlap window)
RevokeKey stops working immediately
In the portal you always see masked prefix + status (active, expiring, grace, revoked). Full keys are never shown again after create/rotate.

After you have a key

Validate and integrate using the main API: 
curl -H "X-Api-Key: <your-api-key>" \
  https://api-test.idunox.com/v1/partner-auth-probe
Then follow the Integration flow.

API reference (portal)

Authenticated endpoints use JWT after login (Authorization: Bearer <token>).
MethodPathPurpose
POST/v1/partner/auth/loginEmail + password → JWT
GET/v1/partner/meCurrent user + tenant
GET/v1/partner/configPublic config (no auth)
GET/v1/partner/credentialsList keys (masked)
POST/v1/partner/credentialsCreate key (plaintext once)
POST/v1/partner/credentials/:id/rotateRotate with grace period
POST/v1/partner/credentials/:id/revokeRevoke immediately
Full guide (staff): docs/andres-test/PARTNER_PORTAL_API.md in the andres-test repo.

Security

  • Store API keys in a secrets manager — not source control or chat.
  • Use rotation before expiry; the portal shows expires in N days when applicable.
  • Andres-test keys and URLs must not be registered in production partner systems.