LogoLogo
  • Getting started
    • Overview
    • Quick start
    • Integration
  • Products
    • Fiat <> Crypto conversions
    • Third Party Payments
    • Segregated Accounts
  • Concepts
    • Authentication
    • Idempotency
    • Onboarding
    • Fees and Limits
    • Accounts
      • Client Accounts
      • Manager Accounts
    • Bank Accounts and Wallet Addresses
    • Supported Fiat Currencies, Blockchain Assets and Blockchain Networks
    • Webhooks
    • Document Management
  • Client API reference
    • Transactions
    • Preset fees
    • Deposit instructions
    • Bank accounts
    • Blockchain wallets
    • User
    • Uploads (temporary storage)
    • Documents (permanent storage)
    • Constants
    • Simulate
    • Models
  • Client Specification
  • Manager API reference
    • Clients
    • Clients onboarding
    • Client bank accounts
    • Client blockchain wallets
    • Client preset fees
    • Client deposit instructions
    • Client transactions
    • Transactions
    • Manager preset fees
    • Deposit instructions
    • Uploads (temporary storage)
    • Documents (permanent storage)
    • Webhooks
    • Constants
    • Simulate
    • Models
  • Manager Specification
Powered by GitBook
On this page
  • API Key Authentication
  • API Key Management
  1. Concepts

Authentication

API Key Authentication

Rialto uses simple API key authentication to secure API calls.

This means that users need to include their API key into they API calls headers, using an RIALTO_API_KEY field. Please find below an example of query including an API key usage.

curl --location 'https://staging.api.rialtobridge.xyz/api/client/v1/transactions' \
    -X GET \
    --header 'Content-Type: application/json' \
    --header 'RIALTO_API_KEY: ab3bcq9ynhJ2Om85fLSlEfn3YXiolngd4m3n0rDm8Sg='

API Key Management

API keys can be queried by verified accounts for which API access has been enabled. You can directly manage your API keys through Rialto's application, in the dedicated menu.

Please note the following:

  • API keys are only shown once when you request them. Rialto never stores plain API keys in database, so if you lose them there will be no way of getting them back.

  • API keys allow any user that has access to them to use the associated account. API keys should never be shared to an unintended audience. Please keep your API keys secret and secure.

  • You can have 3 active API keys at the same time. If you reached the limit, you need to disable an active key before creating a new one.

PreviousConceptsNextIdempotency

Last updated 4 months ago