<aside> ⚠️ Subaccounts are currently in limited access. Please contact [email protected] for more information.
</aside>
There are three ways to log in as a subaccount: through the main account, using a wallet login, or using an API key.
Wallet logins
There are endpoints to create and list wallet login invites. These will be created in a pending state, with an id and a secret attached. Given a wallet login invite and a wallet address, a user can request an auth challenge as normal, and pass it to a new endpoint along with the id and secret to complete the invite. The invite will then transition to the active state, and the wallet address will be linked to the subaccount. While in the pending state, these invites can be revoked.
API Keys
Subaccounts cannot create, edit, or delete their own API keys. A main account can list, create, and delete API keys for a subaccount. The ENCLAVE-SUBACCOUNT-ID header is not currently supported for requests authenticated with an API key from a main account.
Main-as-subaccount JWT authentication
When using JWT auth, you can authenticate as any subaccount of your main account by passing the ENCLAVE-SUBACCOUNT-ID header with a value of the subaccount’s ID. In this mode, you can access disabled subaccounts, but you are still subject to the subaccount’s restrictions on markets. This is implemented on the Enclave Markets frontend UI, but likely not relevant to external users.
The subaccounts API returns the following error codes:
subaccounts_not_enabled: Subaccounts are not enabled for this account.subaccounts_limit_reached: The maximum number of subaccounts for this account has been reached.subaccount_not_found: The subaccount could not be found.wallet_login_acceptance_invalid: The secret/id used to accept a wallet login invite were invalid.wallet_login_acceptance_expired: The wallet login invite has expired.address_already_in_use: The given address is already associated with an account.wallet_login_already_accepted: The given wallet login has already been accepted (when revoking an accepted invite).subaccount_invalid_state: The subaccount is in an invalid state.