API Services
The v2alpha API includes the following core services:Account Management
- Accounts - User account registration, activation, and identity management
- API Keys - Revocable authentication keys for API access
Security & Cryptography
- Certificates - X.509 certificate management and revocation
- Public Keys - Encryption public key management
Resource Patterns
The API follows resource-oriented design principles with standard resource name patterns:- Accounts:
accounts/{account} - API Keys:
measurementConsumers/{measurement_consumer}/apiKeys/{api_key} - Certificates:
{parent}/certificates/{certificate}where parent can be:dataProviders/{data_provider}duchies/{duchy}measurementConsumers/{measurement_consumer}modelProviders/{model_provider}
- Public Keys:
{parent}/publicKeywhere parent can be:dataProviders/{data_provider}measurementConsumers/{measurement_consumer}
Authentication
The API supports authentication through:- API Keys - Created via the API Keys service for programmatic access
- OpenID Connect - For user authentication with OIDC providers
Common Patterns
Pagination
List methods support pagination usingpage_size and page_token parameters:
Field Behavior
Fields are annotated with behavior constraints:REQUIRED- Must be provided in requestsOUTPUT_ONLY- Only returned in responses, ignored in requestsIMMUTABLE- Can only be set on creationIDENTIFIER- Resource name field
Error Handling
The API returns standard gRPC status codes:PERMISSION_DENIED- Caller lacks permission for the operationNOT_FOUND- Resource not foundALREADY_EXISTS- Resource already existsINVALID_ARGUMENT- Invalid request parametersFAILED_PRECONDITION- Operation rejected due to system state
Protocol Buffers
All API methods use Protocol Buffers (proto3) for request and response messages. The Java package isorg.wfanet.measurement.api.v2alpha.
Next Steps
- Review the Accounts API for user management
- Learn about API Keys for authentication
- Understand Certificate management
- Explore Public Key encryption