search

Authentication

hashtag
API Key Authentication

Rialto uses simple API key authentication to secure API calls.

This means that users need to include their API key into they API calls headers, using an RIALTO_API_KEY field. Please find below an example of query including an API key usage.

curl --location 'https://staging.api.rialtobridge.xyz/api/client/v1/transactions' \
    -X GET \
    --header 'Content-Type: application/json' \
    --header 'RIALTO_API_KEY: ab3bcq9ynhJ2Om85fLSlEfn3YXiolngd4m3n0rDm8Sg='

hashtag
API Key Management

API keys can be queried by verified accounts for which API access has been enabled. You can directly manage your API keys through Rialto's application, in the dedicated menu.

Please note the following:

  • API keys are only shown once when you request them. Rialto never stores plain API keys in database, so if you lose them there will be no way of getting them back.

  • API keys allow any user that has access to them to use the associated account. API keys should never be shared to an unintended audience. Please keep your API keys secret and secure.

  • You can have 3 active API keys at the same time. If you reached the limit, you need to disable an active key before creating a new one.

PreviousConceptsNextIdempotency

Last updated