Manage API credentials
Create API credentials
- Navigate to ‘API Credentials’ in 'Settings' and select ‘Create credentials’
- Select the permission set type
This governs which actions your API credentials will be permitted to carry out.
Set types include:- Wallets - to manage wallets and vaults
- Transactions - to manage transactions
- Controls - to manage policies and addresses
- Monitoring - to manage auditing tools e.g. webhooks
- Enter the name of the credentials
This name should help identify the credentials. - Enter the description of the credentials
This description should make the purpose of the credentials clear. - Select which IP addresses the credentials can be used from
Option 1 - all IP addresses
Option 2 - specified IP addresses. If more than 1 address, separate them with a comma. - Set a permission for the credentials
Select a type, action, scope and resource for the credentials.
This is the most important part of the process as it sets the parameters for which actions the set of credentials can perform.
Example
If I wanted my API credentials to only be able to read asset balances in a particular vault, I would select the following options:
Permission set type: wallets
Permission type: balances
Permission action: read
Permission scope: vault
Permission resource: specific vault
- If you wish to add another permission to this set of credentials, select ‘Add another permission’
However, as per the principle of least privilege, we recommend limiting the scope of individual API credentials for security reasons. - Once you have added your desired number of permissions, select ‘Generate credentials’.
- You will receive a
clientIDandclientSecret. These are essential for authenticating your requests.
The
clientSecretwill only be revealed once. Please copy and store it securely. If lost, new credentials will need to be created.
Use API credentials
- Ensure that the credentials are enabled.
Upon creation, credentials will be automatically enabled. - Swap the
clientIDandclientSecretfor an access token
This is done using the OAuth flow via the API.
curl --location 'http://api.palisade.co/v2/credentials/oauth/token' \
--header 'Content-Type: application/json' \
--data '{
"clientId": "cIUkXkZBBx3zukqr6LJ3th2CVaYrgotH",
"clientSecret": "MXDAtUtaoU7WzuhbtY76DHTH_2lvqNg7FEMnUFAFRDVV0UUGGkkOwTJJrnTnywpF"
}'
- You will receive a response containing the access token and other details
{
"accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImxBMmpQWDd5NWZTR0tMWDFtMkpucyJ9.eyJodHRwczovL3BhbGlzYWRlLmNvIjp7ImRldmljZUlkIjpudWxsLCJvcmdhbml6YXRpb25JZCI6IjIxYzgxMzE5LTViODMtNDVmOS1iNjQ4LTQyMDU1MDg0YWYxNSIsInNpZ25hdHVyZVZlcmlmaWNhdGlvbktleSI6bnVsbCwidXNlcklkIjoiMWU0YzFmYmEtOGMzNy00OGY0LWJhZDgtNTg0ODY0OTBmMjQxIn0sImlzcyI6Imh0dHBzOi8vcGFsaXNhZGUtZGV2ZWxvcG1lbnQuZXUuYXV0aDAuY29tLyIsInN1YiI6ImNJVWtYa1pCQngzenVrcXI2TEozdGgyQ1ZhWXJnb3RIQGNsaWVudHMiLCJhdWQiOiJodHRwczovL2FwaS5wYWxpc2FkZS5jby8iLCJpYXQiOjE3MjI4ODk3MTIsImV4cCI6MTcyMjg5MzMxMiwic2NvcGUiOiJiYWxhbmNlczpyZWFkOm9yZzppZD0yMWM4MTMxOS01YjgzLTQ1ZjktYjY0OC00MjA1NTA4NGFmMTU6KiIsImd0eSI6ImNsaWVudC1jcmVkZW50aWFscyIsImF6cCI6ImNJVWtYa1pCQngzenVrcXI2TEozdGgyQ1ZhWXJnb3RIIiwicGVybWlzc2lvbnMiOlsiYmFsYW5jZXM6cmVhZDpvcmc6aWQ9MjFjODEzMTktNWI4My00NWY5LWI2NDgtNDIwNTUwODRhZjE1OioiXX0.AxTTxM2oLArtE6uRNJ1ADhMmrvwVfFQXu1vE5XZqpK64HuXwZB26R-25P4XpA9LX0QH7JTOpE9snNN7VYs4RVGXwNKeDRW0Zne7IkAVUwCAfhBkVxZ8Z_BZfNrTumGa-2R45XiQ2v-EfQZZV59q95eEz0f1ALWlc4XgVp_A5LPR25yys-H4sWPJJq5JUBdHtPVr7gUSkH7P3P4GSi3iZfcKaqijEwpJxN7Qmf7j2UFSC68-WeDxDXlIZIWkgCUz4lfPkYcz7oxpjRRGIej9eTtV9c5fCrkZcEaSOsSvqL3O2ubFqQm8hf6czfkOlyBmu7E2PJzImD1JJqpkB_qYfXg",
"scope": "balances:read:org:id=21c81319-5b83-45f9-b648-42055084af15:*",
"expiresIn": 3600,
"tokenType": "Bearer"
}
- Use the access token to authenticate requests to the API
curl --location 'http://api.palisade.co/v2/balances' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImxBMmpQWDd5NWZTR0tMWDFtMkpucyJ9.eyJodHRwczovL3BhbGlzYWRlLmNvIjp7ImRldmljZUlkIjpudWxsLCJvcmdhbml6YXRpb25JZCI6IjIxYzgxMzE5LTViODMtNDVmOS1iNjQ4LTQyMDU1MDg0YWYxNSIsInNpZ25hdHVyZVZlcmlmaWNhdGlvbktleSI6bnVsbCwidXNlcklkIjoiMWU0YzFmYmEtOGMzNy00OGY0LWJhZDgtNTg0ODY0OTBmMjQxIn0sImlzcyI6Imh0dHBzOi8vcGFsaXNhZGUtZGV2ZWxvcG1lbnQuZXUuYXV0aDAuY29tLyIsInN1YiI6ImNJVWtYa1pCQngzenVrcXI2TEozdGgyQ1ZhWXJnb3RIQGNsaWVudHMiLCJhdWQiOiJodHRwczovL2FwaS5wYWxpc2FkZS5jby8iLCJpYXQiOjE3MjI4ODk3MTIsImV4cCI6MTcyMjg5MzMxMiwic2NvcGUiOiJiYWxhbmNlczpyZWFkOm9yZzppZD0yMWM4MTMxOS01YjgzLTQ1ZjktYjY0OC00MjA1NTA4NGFmMTU6KiIsImd0eSI6ImNsaWVudC1jcmVkZW50aWFscyIsImF6cCI6ImNJVWtYa1pCQngzenVrcXI2TEozdGgyQ1ZhWXJnb3RIIiwicGVybWlzc2lvbnMiOlsiYmFsYW5jZXM6cmVhZDpvcmc6aWQ9MjFjODEzMTktNWI4My00NWY5LWI2NDgtNDIwNTUwODRhZjE1OioiXX0.AxTTxM2oLArtE6uRNJ1ADhMmrvwVfFQXu1vE5XZqpK64HuXwZB26R-25P4XpA9LX0QH7JTOpE9snNN7VYs4RVGXwNKeDRW0Zne7IkAVUwCAfhBkVxZ8Z_BZfNrTumGa-2R45XiQ2v-EfQZZV59q95eEz0f1ALWlc4XgVp_A5LPR25yys-H4sWPJJq5JUBdHtPVr7gUSkH7P3P4GSi3iZfcKaqijEwpJxN7Qmf7j2UFSC68-WeDxDXlIZIWkgCUz4lfPkYcz7oxpjRRGIej9eTtV9c5fCrkZcEaSOsSvqL3O2ubFqQm8hf6czfkOlyBmu7E2PJzImD1JJqpkB_qYfXg'
API credentials settings
Once API credentials have been created, they will be listed in a table. Users can access settings by clicking the three dots in the ‘actions’ column of the table.
There are 3 types of settings:
View credentials
A summary of the credentials will be displayed, including:
- Name
- Description
- Set type
clientID(but notclientSecret)- Permissions
- Details of the credentials’ creation & any updates
Here, you will also have the option to edit the credential. Only the permissions will be editable. The set type, name, description and IP address settings cannot be edited.
Disable credentials
Disabling these API credentials will indefinitely prevent access to the Palisade platform via your API integration. Credentials can easily be enabled again by clicking ‘Enable’ in the actions column.
Delete credentials
Deleting these API credentials will remove access to the Palisade platform via the API. These credentials cannot be recovered once deleted.
API docs
See our API Reference for more information about the Palisade API.
Updated 3 days ago