API Keys
Scopes
Enabling required permissions for API calls
Below is a complete list of the API scopes available. You can also find the scope a specific API requires in the API Reference section.
Wallet APIs
| Scope | Description | Server Key | Client Key |
|---|---|---|---|
wallets.read | Retrieve all wallets for a user. | ✅ | ✅ |
wallets.create | Create a wallet for a user. | ✅ | ✅ |
wallets:nfts.read | Fetch the NFTs owned by a specific wallet address. | ✅ | ✅ |
wallets:balance.read | Get the balance of a specific wallet address. | ✅ | ✅ |
wallets:transactions.create | Create a transaction from a user’s wallet. | ✅ | ✅ |
wallets:transactions.sign | Sign a transaction from a user’s wallet. | ✅ | ✅ |
wallets:transactions.read | Read transactions from a user’s wallet. | ✅ | ✅ |
wallets:signatures.create | Create a signature for a wallet. | ✅ | ✅ |
wallets:signatures.read | Read a signature for a wallet. | ✅ | ✅ |
wallets.fund | Send funds to a wallet. | ✅ | ✅ |
wallets:nfts.transfer | Transfer an NFT from a user’s wallet. | ✅ | |
wallets:messages.sign | Sign a message from a user’s wallet. | ✅ |
When using the Wallets SDK you must use a client-side API key.
Authentication
| Scope | Description | Server Key | Client Key |
|---|---|---|---|
users.create | Create users / allow them to sign up. | ✅ | |
users.read | Get profile info for user accounts. | ✅ |
Tokenization (Minting) APIs
| Scope | Description | Server Key | Client Key |
|---|---|---|---|
nfts.create | Mint your NFTs and deliver them to a wallet or to an email address. | ✅ | |
nfts.update | Update a minted NFT’s metadata on IPFS (image, description, name…). | ✅ | |
nfts.read | Retrieve all metadata for an NFT. | ✅ | |
nfts.delete | Burn a specific NFT within a collection. | ✅ | |
nfts.transfer | Transfer an NFT to a different wallet. | ✅ | |
collections.create | Create a collection of NFTs. | ✅ | |
collections.update | Update information for an existing collection (image, name, royalties…). | ✅ | |
collections.read | Retrieve the information about a specific collection. | ✅ | |
credentials.read | Fetch credentials, some endpoints will only work with a server side key. | ✅ | ✅ |
credentials.decrypt | Decrypt credentials, mainly used by our client side SDK. | ✅ | ✅ |
credentials:templates.create | Create a template for your credentials. | ✅ | |
credentials.create | Issue your credentials and create credential types | ✅ | |
credentials.delete | Revoke a credential issued to a subject. | ✅ |
Checkout APIs
| Scope | Description | Server Key | Client Key |
|---|---|---|---|
orders.create | Create an order for headless checkout. | ✅ | ✅ |
orders.read | Get an existing order for headless checkout. | ✅ | ❌ |
orders.update | Update an existing order for headless checkout. | ✅ | ❌ |
Client-side API keys only have access to the
orders.create scope. When reading or updating order status from the
client-side, you must pass the clientSecret returned in the create-order call as an authorization header for
subsequent order operations (get-order, update-order). The clientSecret provides the authorization and an API Key
is not required in this use case. See this
guide in the Headless Checkout docs.Project Administration
| Scope | Description | Server Key | Client Key |
|---|---|---|---|
billing.readonly | Get balance in credits for a project. | ✅ | |
projects:usage.read | Get usage for the different products in a project | ✅ |