Skip to main content
Fireblocks uses API keys (API User IDs) to authenticate all API calls. Depending on the type of workspace environment, the base API URL will be one of the following:
  • US Sandbox: https://sandbox-api.fireblocks.io/v1
  • US Mainnet/Testnet: https://api.fireblocks.io/v1
  • For EU Mainnet or Testnet workspaces: https://eu-api.fireblocks.io/v1
  • For EU2 Mainnet or Testnet workspaces: https://eu2-api.fireblocks.io/v1
Every API request must contain the following headers:
  • X-API-Key - The API key created from your Fireblocks workspace.
  • Authorization - This value should be set to Bearer <Access Token>. The access token is a Base64-encoded JSON Web Token (JWT).
Before you begin: Ensure you have created an API User ID (API key) in your Fireblocks Console.

JWT structure

Authorization: Bearer <JWT> The JSON Web Token (JWT) payload field should contain the following fields:
  • uri - The URI part of the request (e.g., /v1/transactions).
  • nonce - Unique number or string. Each API request must have a unique nonce.
  • iat - The time at which the JWT was issued, in seconds since Epoch.
  • exp - The expiration time on and after which the JWT must not be accepted for processing, in seconds since Epoch. (Must be less than iat+30sec.)
  • sub - The API key.
  • bodyHash - Hex-encoded SHA-256 hash of the raw HTTP request body.
The JWT must be signed with the Fireblocks API private key and the RS256 (RSASSA-PKCS1-v1_5 using SHA-256 hash) algorithm.
Check out API authentication code examples here.

Set up request headers via the Fireblocks SDKs

You can set up the request headers using the Fireblocks API SDKs: 
import { Fireblocks } from "@fireblocks/ts-sdk";
import * as fs from "fs";

// Initialize the Fireblocks SDK
const fireblocks = new Fireblocks({
  apiKey: "your-api-key",
  secretKey: fs.readFileSync("/path/to/your/secret.key", "utf8"),
  basePath: "https://api.fireblocks.io"
});
Alternatively, configure credentials with environment variables: 
export FIREBLOCKS_BASE_PATH="https://sandbox-api.fireblocks.io/v1"
export FIREBLOCKS_API_KEY="my-api-key"
export FIREBLOCKS_SECRET_KEY="my-secret-key"
When using the above SDK code examples to sign a request, be sure to replace apiKey with your own API key.