> ## Documentation Index
> Fetch the complete documentation index at: https://docs.oneclickdz.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Valider le Token d'Accès

> Valider votre clé API et obtenir des informations sur le compte

## Vue d'Ensemble

L'endpoint de validation vous permet de vérifier que votre clé API est valide et de récupérer les informations sur le compte associé ainsi que les permissions de la clé.

<Info>
  Cet endpoint est utile pour vérifier la validité de la clé API lors du
  démarrage de l'application ou après la rotation de la clé.
</Info>

## Réponse

<ResponseField name="success" type="boolean" required>
  `true` si la validation a réussi
</ResponseField>

<ResponseField name="data" type="object" required>
  <Expandable title="properties">
    <ResponseField name="username" type="string">
      Nom d'utilisateur associé à la clé API
    </ResponseField>

    <ResponseField name="apiKey" type="object">
      Détails de la clé API

      <Expandable title="properties">
        <ResponseField name="key" type="string">
          Votre clé API
        </ResponseField>

        <ResponseField name="isEnabled" type="boolean">
          Indique si la clé est actuellement active
        </ResponseField>

        <ResponseField name="type" type="string">
          Type de clé : `"SANDBOX"` ou `"PRODUCTION"`
        </ResponseField>

        <ResponseField name="allowedips" type="array">
          Tableau des adresses IP autorisées,
          un tableau vide `[]` signifie que toutes les IP sont autorisées.
        </ResponseField>

        <ResponseField name="scope" type="string">
          Niveau d'accès : `"READ-WRITE"` ou `"READ-ONLY"`
        </ResponseField>
      </Expandable>
    </ResponseField>
  </Expandable>
</ResponseField>

## Exemple de Requête

<CodeGroup>
  ```bash cURL theme={null}
  curl --request GET \
    --url https://api.oneclickdz.com/v3/validate \
    --header 'X-Access-Token: YOUR_API_KEY'
  ```

  ```javascript Node.js theme={null}
  const response = await fetch("https://api.oneclickdz.com/v3/validate", {
    headers: {
      "X-Access-Token": process.env.ONECLICKDZ_API_KEY,
    },
  });

  const data = await response.json();

  if (data.success) {
    console.log("✓ API key is valid");
    console.log("Account:", data.data.username);
    console.log("Type:", data.data.apiKey.type);
  } else {
    console.error("✗ API key validation failed");
  }
  ```

  ```python Python theme={null}
  import requests
  import os

  response = requests.get(
      'https://api.oneclickdz.com/v3/validate',
      headers={'X-Access-Token': os.getenv('ONECLICKDZ_API_KEY')}
  )

  data = response.json()

  if data['success']:
      print('✓ API key is valid')
      print(f"Account: {data['data']['username']}")
      print(f"Type: {data['data']['apiKey']['type']}")
  else:
      print('✗ API key validation failed')
  ```

  ```php PHP theme={null}
  <?php
  $ch = curl_init();

  curl_setopt($ch, CURLOPT_URL, 'https://api.oneclickdz.com/v3/validate');
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  curl_setopt($ch, CURLOPT_HTTPHEADER, [
      'X-Access-Token: ' . getenv('ONECLICKDZ_API_KEY')
  ]);

  $response = curl_exec($ch);
  curl_close($ch);

  $data = json_decode($response, true);

  if ($data['success']) {
      echo "✓ API key is valid\n";
      echo "Account: " . $data['data']['username'] . "\n";
      echo "Type: " . $data['data']['apiKey']['type'] . "\n";
  } else {
      echo "✗ API key validation failed\n";
  }
  ?>
  ```
</CodeGroup>

## Exemple de Réponse

```json theme={null}
{
  "success": true,
  "data": {
    "username": "+213665983439",
    "apiKey": {
      "key": "ea27b376-9f5c-4b09-883f-1b96cd7b541c",
      "isEnabled": true,
      "type": "SANDBOX",
      "allowedips": [],
      "scope": "READ-WRITE"
    }
  }
}
```

## Réponses d'Erreur

<AccordionGroup>
  <Accordion title="400 - Token d'Accès Manquant">
    ```json theme={null}
    {
      "success": false,
      "error": {
        "code": "MISSING_ACCESS_TOKEN",
        "message": "Access token is required"
      },
      "requestId": "req_abc123"
    }
    ```
  </Accordion>

  <Accordion title="401 - Token d'Accès Invalide">
    ```json theme={null}
    {
      "success": false,
      "error": {
        "code": "INVALID_ACCESS_TOKEN",
        "message": "The provided access token is invalid",
        "details": {
          "attemptsLeft": 3
        }
      },
      "requestId": "req_abc123"
    }
    ```

    <Warning>
      Après 5 tentatives échouées, votre IP sera temporairement bloquée pendant 15 minutes.
    </Warning>
  </Accordion>

  <Accordion title="403 - IP Bloquée">
    ```json theme={null}
    {
      "success": false,
      "error": {
        "code": "IP_BLOCKED",
        "message": "Your IP has been temporarily blocked due to too many invalid attempts"
      },
      "requestId": "req_abc123"
    }
    ```
  </Accordion>
</AccordionGroup>

## Cas d'Utilisation

<CardGroup cols={2}>
  <Card title="Validation au Démarrage" icon="rocket">
    Vérifiez la clé API lors de l'initialisation de l'application
  </Card>

  {" "}

  <Card title="Vérifications de Santé" icon="heart-pulse">
    Incluez dans les routines de vérification de santé de l'application
  </Card>

  {" "}

  <Card title="Vérification de l'Environnement" icon="check-circle">
    Confirmez que vous utilisez la bonne clé (sandbox ou production)
  </Card>

  <Card title="Vérification des Permissions" icon="shield-check">
    Vérifiez la portée et les permissions de la clé avant les opérations
  </Card>
</CardGroup>

## Exemple d'Intégration

```javascript theme={null}
class OneClickDzClient {
  constructor(apiKey) {
    this.apiKey = apiKey;
    this.baseUrl = "https://api.oneclickdz.com";
    this.validated = false;
  }

  async validate() {
    const response = await fetch(`${this.baseUrl}/v3/validate`, {
      headers: { "X-Access-Token": this.apiKey },
    });

    const data = await response.json();

    if (!data.success) {
      throw new Error(`API key validation failed: ${data.error.message}`);
    }

    this.username = data.data.username;
    this.keyType = data.data.apiKey.type;
    this.scope = data.data.apiKey.scope;
    this.validated = true;

    console.log(`✓ Authenticated as ${this.username} (${this.keyType})`);

    return data.data;
  }

  async request(endpoint, options = {}) {
    if (!this.validated) {
      await this.validate();
    }

    // Check if operation requires write access
    if (
      options.method &&
      options.method !== "GET" &&
      this.scope === "READ-ONLY"
    ) {
      throw new Error("This operation requires READ-WRITE access");
    }

    return fetch(`${this.baseUrl}${endpoint}`, {
      ...options,
      headers: {
        ...options.headers,
        "X-Access-Token": this.apiKey,
      },
    });
  }
}

// Usage
const client = new OneClickDzClient(process.env.ONECLICKDZ_API_KEY);
await client.validate();

// Now make requests
const response = await client.request("/v3/account/balance");
```

## Bonnes Pratiques

<AccordionGroup>
  <Accordion title="Valider au Démarrage" icon="play">
    Validez toujours votre clé API lors du démarrage de l'application

    ```javascript theme={null}
    // During app initialization
    async function initializeApp() {
      try {
        await client.validate();
        console.log('✓ API client initialized');
      } catch (error) {
        console.error('✗ Failed to initialize API client:', error);
        process.exit(1);
      }
    }
    ```
  </Accordion>

  <Accordion title="Mettre en Cache le Résultat de Validation" icon="database">
    Ne validez pas à chaque requête - mettez en cache le résultat

    ```javascript theme={null}
    let validationCache = {
      validated: false,
      timestamp: 0,
      data: null
    };

    async function getValidatedClient() {
      const now = Date.now();
      const cacheExpiry = 5 * 60 * 1000; // 5 minutes
      
      if (validationCache.validated && (now - validationCache.timestamp) < cacheExpiry) {
        return validationCache.data;
      }
      
      const response = await fetch('https://api.oneclickdz.com/v3/validate', {
        headers: { 'X-Access-Token': API_KEY }
      });
      
      const data = await response.json();
      
      if (data.success) {
        validationCache = {
          validated: true,
          timestamp: now,
          data: data.data
        };
      }
      
      return data.data;
    }
    ```
  </Accordion>

  <Accordion title="Vérifier l'Environnement" icon="flask">
    Vérifiez que vous utilisez le bon environnement

    ```javascript theme={null}
    const data = await validateApiKey();

    const isProduction = process.env.NODE_ENV === 'production';
    const keyType = data.apiKey.type;

    if (isProduction && keyType === 'SANDBOX') {
      throw new Error('⚠️ Using SANDBOX key in production environment!');
    }

    if (!isProduction && keyType === 'PRODUCTION') {
      console.warn('⚠️ Using PRODUCTION key in development environment!');
    }
    ```
  </Accordion>

  <Accordion title="Gérer Gracieusement" icon="shield-check">
    Implémentez une gestion d'erreur appropriée

    ```javascript theme={null}
    async function validateWithRetry(maxRetries = 3) {
      for (let i = 0; i < maxRetries; i++) {
        try {
          const response = await fetch('https://api.oneclickdz.com/v3/validate', {
            headers: { 'X-Access-Token': API_KEY }
          });
          
          const data = await response.json();
          
          if (data.success) {
            return data.data;
          }
          
          if (data.error.code === 'INVALID_ACCESS_TOKEN') {
            throw new Error('Invalid API key - check your configuration');
          }
          
          if (data.error.code === 'IP_BLOCKED') {
            throw new Error('IP blocked - too many failed attempts');
          }
          
        } catch (error) {
          if (i === maxRetries - 1) throw error;
          await new Promise(resolve => setTimeout(resolve, 1000 * (i + 1)));
        }
      }
    }
    ```
  </Accordion>
</AccordionGroup>

## Endpoints Connexes

<CardGroup cols={2}>
  <Card title="Vérification de Santé" icon="heart-pulse" href="/fr/api-reference/core/health-check">
    Vérifier l'état du service API
  </Card>

  <Card title="Obtenir le Solde" icon="wallet" href="/fr/api-reference/account/get-balance">
    Vérifier le solde de votre compte
  </Card>
</CardGroup>
