Authentication
Use API keys to authenticate API requests.
At Blockchain.com, we prioritize the security and integrity of your interactions with our API. To facilitate this, we've implemented a two-tiered authentication system, tailored to different use cases.
By understanding and implementing the correct authentication type for your requirements, you can ensure secure and optimized interactions with our services.
Generating API Keys
See our Integration Guide for how to generate your API Keys.
Public Authentication
Public authentication is primarily used for endpoints consumed directly in your clients' browsers. It's designed to allow for general access without compromising sensitive data or operations.
Header Requirement:
X-Public-API-Key
Usage: If your application is fetching non-sensitive data or services, and itβs being consumed in a client-facing environment like a browser, public authentication is suitable. For backend operations, consider the private authentication strategy.
Example
Private Authentication
Private authentication is meant for environments where you can securely store and distribute private API keys. This authentication method is robust and caters to sensitive operations or data fetching, allowing for higher rate limits and enhanced security.
Header Requirements:
X-Public-API-Key
X-Private-API-Key
Usage: When you're dealing with sensitive operations, or when your backend systems consume the API endpoints, private authentication is recommended. It provides more security and can handle a higher request volume
Always handle your private API keys with the utmost security. Ensure they are never exposed publicly, and avoid using this authentication method in client-side applications.
Example
Last updated