Quick Start - Documentation

This guide introduces the Lit Chipotle API and its web interface, the Lit Chipotle Dashboard which allows both web3 and non-web3 developers to quickly set up their Lit environment and start using Lit Actions.

Zero to LitAction

Create an account via the Dashboard, note down your API key
Run a LitAction
1. From the Dashboard
2. Programmatically via cURL/JavaScript
3. or build your own SDK from the OpenAPI spec

Overview

The Lit Chipotle Dashboard is the front end to the Lit Chipotle API server, designed to quickly and efficiently execute Lit Actions and to manage your user accounts, usage parameters, client wallet creation (PKPs), and IPFS based actions, through a simple set of groups.

Specifically it lets you:

Create accounts and obtain a master account API key.
Create usage API keys that can be scoped to specific lit-actions or used by dApps.
Create and manage wallets (PKPs) for signing and on-chain operations.
Register IPFS CIDs (immutable actions) and scope which wallets have access to them.
Organize all your resources into groups that combine PKPs, IPFS actions, and usage API keys in any combination.
Send lit-actions to the node for execution, authorized by a usage or account API key.

All of this can be done via the Dashboard (web GUI) or directly via the REST API, using a light-weight JS SDK, or even directly through CURL-ing commands. Data is secure and on-chain—all configuration within the Dashboard can be achieved by talking directly to our contracts located on BASE.

Using the Dashboard

The Dashboard is a web management GUI for Lit’s Chipotle offering. Open it from your browser at https://dashboard.dev.litprotocol.com It supports light/dark theme for your convenience and provides simple management tools. Dashboard workflow (recommended order):

Request a new account (or log in)
Request usage API keys
Request new PKPs (wallets)
Register IPFS CIDs (actions)
Create groups
Run lit-actions

1. Request a new account (or log in)

On the login page you have two tabs:

Existing User — Paste your account API key and click Log in. The server checks that the account exists and is mutable.
New User — Enter an account name and an optional description (and optional initial balance), then click Create account. The server creates the account and returns a new API key and wallet address. Store the API key securely; you’ll need it to manage the account.

After login, the dashboard shows Overview, Usage API Keys, Groups, IPFS Actions, Wallets, and Action Runner.
You’ll notice a single wallet in your account - it represents your master account API key, and can be used like a standard EVM wallet, or you can safely skip its web3 properties and use the APIs directly.

2. Request usage API keys

Usage API keys are scoped keys you can give to clients or dApps to run specific lit-actions or to deploy. They can be rotated or removed without changing the main account. In the Usage API Keys section, click Add. Set expiration and initial balance, then click Confirm. The server returns a new usage key once — copy and store it. You can optionally set a name and description after creation.

Use this key in the X-Api-Key (or Authorization: Bearer) header when calling the node so that usage is attributed to this key.

3. Request new PKPs (wallets)

PKPs (Programmable Key Pairs) are wallets the lit-nodes can use for signing. In the Wallets section, click Add to create a new wallet to assign to one of your users, or for use in running a lit-action. The server generates a new PKP and returns its address and public key. You can add existing PKPs to groups (see step 5) via Add PKP to group in the Groups section.

4. Register IPFS CIDs (actions)

To scope which usage API keys can run which code, you register IPFS CIDs as permitted actions. In the IPFS Actions section, pick a group from the dropdown, then Add an action: enter the IPFS CID of the lit-action and optional name/description. The server hashes the CID and stores it in the group. Only keys that are allowed to use that group can run that action.

5. Create groups

Groups logically combine PKPs, IPFS actions, and (indirectly) usage API keys. You can use any combination: e.g., a group with only permitted actions, or only permitted wallets, or both. In the Groups section, click Add to create a group (name, description, optional permitted actions and PKPs, and flags for “all wallets permitted” / “all actions permitted”). Then:

Use IPFS Actions to add CIDs to the group.
Use Add PKP to group / Remove PKP from group to allow which wallets can be used in that group.

Usage API keys (and the account key) are validated against the account’s groups and permitted actions/wallets when you run a lit-action.

6. Run lit-actions

In the Action Runner section, paste some Lit Action JavaScript code and optional JSON parameters. For example

    const message = "Hello from Lit Action";
    const sig = await LitActions.signEcdsa({ toSign: new TextEncoder().encode(message), publicKey, sigName });
    LitActions.setResponse({ response: JSON.stringify({ message, sig }) });

Choose the API key (account or usage key) to use for the request, then click Execute. The node runs the action and returns signatures, response, and logs. The key you use must be allowed to run that action (via the group and IPFS CID configuration).

Daily Usage

The dashboard is just your human-friendly configuration tool. Once your account and keys are set up to your liking, you can simply call the lit-action endpoint with your usage key each time you, your dApp or cron job needs to execute a lit action. So the only daily use step is

Call the API with your usage key, action-code ( or IPFS CID ) and any parameters that you need

Using the API directly

The same workflows can be done via the REST API. The API itself is under /core/v1/. All endpoints that require authentication expect the API key in a header:

X-Api-Key: your-api-key
or Authorization: Bearer your-api-key

Examples below use BASE=api.dev.litprotocol.com and KEY=your_account_or_usage_api_key. The JavaScript examples use the Core SDK (LitNodeSimpleApiClient) from core_sdk.js. API workflow:

New account or verify account (login)
Add usage API key
Create wallet (PKP)
Add group and register IPFS action
Add PKP to group (optional)
Run lit-action

Create a new account (returns API key and wallet address). Or verify an existing key with the account_exists function.

JavaScript (Core SDK)
cURL

import { createClient } from './core_sdk.js';

const client = createClient('https://api.dev.litprotocol.com');

// New account
const res = await client.newAccount({
  accountName: 'My App',
  accountDescription: 'Optional description',
  initialBalance: '0'  // optional
});
console.log('API key:', res.api_key);
console.log('Wallet:', res.wallet_address);
// Store res.api_key securely.

// Or verify existing key (login)
const exists = await client.accountExists(res.api_key);
console.log('Account exists:', exists);

# New account
curl -s -X POST "http://localhost:8000/core/v1/new_account" \
  -H "Content-Type: application/json" \
  -d '{"account_name":"My App","account_description":"Optional","initial_balance":"0"}'

# Verify account (replace KEY with your API key)
curl -s "http://localhost:8000/core/v1/account_exists" \
  -H "X-Api-Key: KEY"

2. Add usage API key

Create a usage API key with expiration and balance. The response includes the new key only once — store it.

JavaScript (Core SDK)
cURL

// Expiration: e.g., 1 year from now (Unix timestamp). Balance: e.g., "1000000"
const expiration = String(Math.floor(Date.now() / 1000) + 365 * 24 * 3600);
const balance = '1000000';

const res = await client.addUsageApiKey({
  apiKey: accountApiKey,
  expiration,
  balance
});
console.log('New usage API key (store it now):', res.usage_api_key);

# Replace KEY with account API key; set expiration (e.g., Unix ts) and balance
curl -s -X POST "http://localhost:8000/core/v1/add_usage_api_key" \
  -H "Content-Type: application/json" \
  -H "X-Api-Key: KEY" \
  -d '{"expiration":"9999999999","balance":"1000000"}'

3. Create a wallet (PKP)

Request a new wallet (PKP) for the account. The server returns the wallet address and registers it.

JavaScript (Core SDK)
cURL

const res = await client.createWallet(accountApiKey);
console.log('Wallet address:', res.wallet_address);

curl -s "http://localhost:8000/core/v1/create_wallet" \
  -H "X-Api-Key: KEY"

4. Add group and register IPFS action

Create a group (with optional permitted actions and PKPs). Then add an action (IPFS CID) to the group to scope which keys can run it.

JavaScript (Core SDK)
cURL

// Create group (permitted_actions and pkps are keccak256 hashes; can be empty arrays)
await client.addGroup({
  apiKey: accountApiKey,
  groupName: 'My Group',
  groupDescription: 'Optional',
  permittedActions: [],
  pkps: [],
  allWalletsPermitted: true,
  allActionsPermitted: false
});

// List groups to get the new group ID
const groups = await client.listGroups({ apiKey: accountApiKey, pageNumber: '0', pageSize: '10' });
const groupId = groups[groups.length - 1].id;

// Add an IPFS action (CID) to the group
await client.addActionToGroup({
  apiKey: accountApiKey,
  groupId,
  actionIpfsCid: 'QmYourIpfsCidHere',
  name: 'My Action',
  description: 'Optional'
});

# Create group
curl -s -X POST "http://localhost:8000/core/v1/add_group" \
  -H "Content-Type: application/json" \
  -H "X-Api-Key: KEY" \
  -d '{"group_name":"My Group","group_description":"","permitted_actions":[],"pkps":[],"all_wallets_permitted":true,"all_actions_permitted":false}'

# List groups to get group_id (use the "id" from the response)
curl -s "http://localhost:8000/core/v1/list_groups?page_number=0&page_size=10" \
  -H "X-Api-Key: KEY"

# Add action to group (replace GROUP_ID and IPFS_CID)
curl -s -X POST "http://localhost:8000/core/v1/add_action_to_group" \
  -H "Content-Type: application/json" \
  -H "X-Api-Key: KEY" \
  -d '{"group_id":"GROUP_ID","action_ipfs_cid":"QmYourIpfsCidHere","name":"My Action","description":""}'

5. Add PKP to group (optional)

Restrict which wallets (PKPs) can be used in the group by adding their public keys (or wallet addresses) to the group.

JavaScript (Core SDK)
cURL

await client.addPkpToGroup({
  apiKey: accountApiKey,
  groupId,
  pkpPublicKey: walletPublicKeyHex  // from listWallets or createWallet flow
});

curl -s -X POST "http://localhost:8000/core/v1/add_pkp_to_group" \
  -H "Content-Type: application/json" \
  -H "X-Api-Key: KEY" \
  -d '{"group_id":"GROUP_ID","pkp_public_key":"YOUR_PKP_PUBLIC_KEY_HEX"}'

6. Run lit-action

Execute a lit-action by sending JavaScript code and optional params. Use a usage API key in the header.

JavaScript (Core SDK)
cURL

const result = await client.litAction({
  apiKey: accountApiKey,  // or usageApiKey
  code: `
    const message = "Hello from Lit Action";
    const sig = await LitActions.signEcdsa({ toSign: new TextEncoder().encode(message), publicKey, sigName });
    LitActions.setResponse({ response: JSON.stringify({ message, sig }) });
  `,
  jsParams: { publicKey: '0x...', sigName: 'sig1' }
});
console.log(result.signatures, result.response, result.logs);

# Replace KEY with account or usage API key. Include the code and js_params in the request body.
curl -s -X POST "http://localhost:8000/core/v1/lit_action" \
  -H "Content-Type: application/json" \
  -H "X-Api-Key: KEY" \
  -d '{"code":"const msg = \"hello\"; LitActions.setResponse({ response: msg });","js_params":null}'

Other useful endpoints

list_api_keys — List usage API keys (paginated).
list_groups — List groups.
list_wallets — List wallets.
list_actions — List actions in a group (by group_id).
list_wallets_in_group — List wallets in a group.
update_group — Update group name, description, and permission flags.
remove_action_from_group / remove_pkp_from_group — Remove action or PKP from a group.
get_node_chain_config — Get node chain config - a quick way to find the location of contracts within the system.

Both request/response shapes and OpenAPI spec are available directly in the dev system. For a Swagger UI implementation of the OpenAPI spec, please browse to:

https://api.dev.litprotocol.com/swagger-ui/

Open API Specification

The OpenAPI spec itself can be found at:

https://api.dev.litprotocol.com/core/v1/openapi.json Note that these specs are subject to minor changes and will always be available with the dev server endpoints.

Building on Lit Chipotle

​Zero to LitAction

​Overview

​Using the Dashboard

​1. Request a new account (or log in)

​2. Request usage API keys

​3. Request new PKPs (wallets)

​4. Register IPFS CIDs (actions)

​5. Create groups

​6. Run lit-actions

​Daily Usage

​Using the API directly

​1. New account or verify account (login)

​2. Add usage API key

​3. Create a wallet (PKP)

​4. Add group and register IPFS action

​5. Add PKP to group (optional)

​6. Run lit-action

​Other useful endpoints

​Open API Specification