Develop & Integrate
Explore & DesignDevelop & IntegrateEmbedded Wallet GuidesChangelogCommunityStatusRequest Demo

Create API Keys

📘

Please make sure to read the Manage API Access guide before running the examples below


📘

Creating and Listing API Keys or Console Users is allowed to API Keys with Admin/NonSigningAdmin roles only.

Creating API Keys via the Fireblocks API can be done by using the Create API Key API endpoint.
The endpoint requires sending a request body including multiple parameters:

  1. role - controls the API Key permissions. API Key roles are the same as user roles and you can read more about these in the following guide
  2. name - the label for the API Key
  3. csrPem - the CSR file required for authentication as described in the following guide
  4. coSignerSetupType - if the user has SIGNER or ADMIN roles, you can connect it to a Co-Signer for a fully automated signature process. Learn more about API Co-Signer in the following guide. Available options are:
    1. SGX_MACHINE - for SGX enabled servers
    2. FIREBLOCKS_CCMT - for the Fireblocks Communal Co-Signer (available in testnet workspaces only)
    3. NITRO_MACHINE - for AWS Nitro enabled servers
  5. coSignerSetupIsFirstUser - should be set to true if the coSignerSetupType is SGX_MACHINE and this is going to be the first paired user on this API Co-Signer.

Create API Key via API example:


import { readFileSync } from 'fs';
import { Fireblocks, BasePath } from "@fireblocks/ts-sdk";

const FIREBLOCKS_API_SECRET_PATH = "<PATH_TO_YOUR_SECRET>";

// Initialize a Fireblocks API instance with local variables
const fireblocks = new Fireblocks({
    apiKey: "<YOUR_API_KEY>",
    basePath: BasePath.US, 
    secretKey: readFileSync(FIREBLOCKS_API_SECRET_PATH, "utf8"),
});


(async() => {
  const csrPem = readFileSync("<path_to_csr_file>", "utf-8")
  try {
    const apiKeyRes = await fireblocks.apiUser.createApiUser({
      createAPIUser:{
        role: "ADMIN",
        name: "MyExampleAPIKey",
        csrPem,
        coSignerSetupType: "SGX_MACHINE",
        coSignerSetupIsFirstUser: true
      }
    })
  
   console.log(JSON.stringify(apiKeyRes, null, 2))
  } catch(e){
    console.log(e)
  }  
})();

Get API Keys via API Example:

import { readFileSync } from 'fs';
import { Fireblocks, BasePath } from "@fireblocks/ts-sdk";

const FIREBLOCKS_API_SECRET_PATH = "<PATH_TO_YOUR_SECRET>";

// Initialize a Fireblocks API instance with local variables
const fireblocks = new Fireblocks({
    apiKey: "<YOUR_API_KEY>",
    basePath: BasePath.US, 
    secretKey: readFileSync(FIREBLOCKS_API_SECRET_PATH, "utf8"),
});


(async() => {
  try {

    const apiKeys = await fireblocks.apiUser.getApiUsers()
    console.log(JSON.stringify(apiKeys, null, 2))

  } catch(e){
    console.log(e)
  }  
})();