> For the complete documentation index, see [llms.txt](https://docs.teranode.group/tng-identity-documentation/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.teranode.group/tng-identity-documentation/introduction/portal-api/getting-started.md).

# Getting Started

## Prepare base URL

Your Portal API environment is entirely managed by TNG's Product Suite Platform (PSP), so there is nothing to worry about setting up the technology stack. You will receive the **Portal API Base URL** for your environment. The Portal API uses a single base URL to standardize all endpoints.

```bash
$API_KEY=INSERT_YOUR_API_KEY_HERE # the API key assigned to you via Issuer or Verifier portal
$IDENTITY_ENV_ID=426f1ce15bf3df70 # the unique idenitifer for your env
$PORTAL_API_BASE_URL=https://identity.products.teranode.group/products/web/$IDENTITY_ENV_ID/portalbackend/api
```

Make sure to replace `$PORTAL_API_BASE_URL` with the Portal API base URL provided to you.&#x20;

{% hint style="info" %}
To check if your Portal API Base URL is valid, you can visit the Ping-Pong website at <mark style="color:blue;">GET</mark> <mark style="color:blue;"></mark><mark style="color:blue;">`$PORTAL_API_BASE_URL/api/v1/ping`</mark>
{% endhint %}

## API Key Authentication

The API supports API Key authentication providing the following header

```
X-API-KEY: <API_KEY>
```

The API key grants you access to the API documented at [API Documentation](/tng-identity-documentation/tng-identity-issuers/issuer-api/api-documentation.md)

If the API returns 403 means the API key privileges does not suffice to access the action you want to perform. Ask an Admin or Owner of the environment to review your access.

If the API returns 401 means the API key is not authorised or invalid. Ask an Admin or Owner to review access.

## Authorization

The Portal API uses role-based access control (RBAC) to manage permissions. Authorization is enforced using the `cognito:groups` claim in the JWT access token, which specifies the user’s assigned claims. These permissions determine what actions the user can perform within the API.

### Supported Roles

* **Issuer Admin -** can view and issue verifiable credentials, can view the history of issued credentials, can revoke credentials & more
* **Issuer User** - can view and issue verifiable credentials, can view the history of its own issued credentials, can revoke its own credentials and more.
* **Issuer Auditor -** can view the history of issued credentials, can revoke credentials & more
* **Verifier Admin - c**an verify verifiable credentials, can view all the verifiable credentials that have been verified based on the pre-defined list of schemas & more
* **Verifier User** - can verify verifiable credentials, can view its own verified credentials ,can view its own verifiable credentials that have been verified based on the pre-defined list of schemas & more
* **Verifier Auditor -** can view the history verified credentials & more


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.teranode.group/tng-identity-documentation/introduction/portal-api/getting-started.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.