Each REST API user has a unique access token.

API users authenticate their requests by passing their access token in the Authorization header with the Bearer prefix.

All API requests are made to the following endpoint:

When making a request, the value for the Authorization header must be in the format Bearer {access token}. For example:

Bearer eyJhbGciOiJFZERTQSIsImtpZCI6ImZ3MFc3aVpocUc0SUEzaXV4ZmhQIiwidHlwIjoiSldUIn0.eyJpc3MiOiJodHRwczovL2FwaS5mb3JkZWZpLmNvbS8iLCJzdWIiOiI2MDlmODVjMi00OWJmLTQwMzItOGM5Yy00NDMyZGEzMzE4MGVAZm9yZGVmaSIsImF1ZCI6WyJodHRwczovL2FwaS5mb3JkZWZpLmNvbS9hcGkvIl0sImV4cCI6MjAxNzI5MDg4NCwiaWF0IjoxNzAxOTMwODg0LCJqdGkiOiJlM2RmNDE0ZS03M2U3LTRkMWEtYmJjYy1iYThiZTE4NDhiOTMifQ.JodHRwczovL2FwaS5mb3JkZWZpLmNvbS8iLCJzdWIiOiI2MDlmODVjMi00OWJmLTQwMzItOGM5Yy00NDMyZGEzMzE4MGVAZm9yZGVmaSIsImF1ZCI6WyJ

All API requests must be made over HTTPS. Calls made over plain HTTP or without theAuthorization header will fail.


Further Authorization of Sensitive Operations

API requests for sensitive operations, such as transaction signing, require a second authorization (see: API Signer pairing).

Create an API user and token

To create an API user:

  1. In the Fordefi web console, click User Management in the side menu.
  2. Click Add Users and navigate to the API User tab.
  3. Enter a name and click Add.
  4. Copy the access token that is generated for the user and click Done.


The access token will disappear once you click Done.