Managing API Keys
Limit the actions that can be done via our API by setting up and using API keys for your projects
We use a key-based authentication system with our API to allow or deny access to certain features.
On the Manage API Keys page, you can create new keys, set up their permissions/expiration, and limit their IP access.
There is no limit to the number of API keys you can create in NFT-MAKER PRO.
Note - NEVER share your API Keys ANYWHERE
This is particularly important if you intend to make API calls based on actions on your website, please see our Security Practises for more details.

Create API Key

The first thing you need to do, is create your API Keys, this is a very simple process. Start by navigating to the 'Manage API Keys' Section.
Step 1 - Navigate
Next, select 'Create new Apikey'
Step 2 - Start the creation workflow

Initial Settings

We should now see a new screen which allows us to perform the initial set up of our API Keys.
The main thing to ensure at this stage is that you activate/deactivate the features you intent to use with this specific Key, as these features will not be editable later.
Note - You can make as create and delete as many Keys as you like, with different features on each, it's simply more convenient to consider the features you need ahead of time so that you don't need to repeat this process.
This is important if you have multiple people in your organisation, for whom you do not wish to all have the same rights to features. For example, you may want to be the ONLY person who can use the API to make Payouts, but for others to be able to upload NFT's. In this case, multiple Keys makes sense.
Also note the expiry date is within a reasonable timeframe (the default is probably good enough). Once you are happy, select 'Create Apikey'.
Step 3 - Set the settings

Note the Key

Once created, you get one chance to make a note of the API Key. This is the most important part, so make a note of this and keep it very safe.
Note - Anyone who has this API key can use the active features - DO NOT SHARE IT
Step 4 - Make a note

Editing Settings

You now have your API Key and will be returned to the manage API section. In here you will see these 4 options next to each of your keys. Selecting the pencil icon will allow you to change the name and expiry date of your API Key, selecting the bin will allow you to delete it.
Step 5 - Making changes

Restrict by IP

Following on from above, selecting the alarm clock icon will allow you to further lock down who can use the API Key, based on their IP address. This menu allows you to manage this via combinations of Allow/Deny Rules.
Note - the default is set to 'Allow all' which will be sufficient if you ensure that your API Key is kept safe.
If you ever have reason to believe your API Key is compromised, we would recommend deleting it as mentioned above and generating a new one.
Step 6 - Additional Controls
For now, you can find our API documentation here.