getApiKey

Returns the API key for Basic Authentication, or an empty string when a valid Bearer access token is already available.

Returning an empty string when a token exists prevents io.rekast.sdk.network.interceptor.auth.BasicAuthenticationInterceptor from attaching a Basic Auth header to Bearer-protected requests. Once the access token expires, CredentialStorage.getAccessToken returns an empty string, which causes this method to return the stored API key — the next request then goes out without a Bearer header, the server responds with 401, and TokenAuthenticator fires to refresh the token.