Blockchain.com Pay
  • πŸ’ΈWelcome to Blockchain.com Pay
  • πŸ“Getting Started
    • Ramps
    • Try our Widget
    • Integration Options
      • πŸ“±Mobile Integration
        • iOS Integration Options
        • Android Integration Guide
      • πŸ–₯️Web Integration
      • Brand Guidance
    • Testing your integration
    • Pre-Launch Checklist
    • Customise the Widget
      • Optional Customisation
    • Query parameter signing
  • πŸ“API
    • Partner API
      • Authentication
      • Eligibility
      • Quotes
      • Orders
      • Rate Limits
    • Webhooks
  • πŸ“Regions, payments and cryptos
    • Supported Regions
    • Supported Payment Methods
    • Supported Cryptocurrencies
  • πŸ“FAQs
Powered by GitBook
On this page
  • Generating API Keys
  • Public Authentication
  • Private Authentication
  1. API
  2. Partner API

Authentication

Use API keys to authenticate API requests.

Last updated 1 year ago

At Blockchain.com, we prioritize the security and integrity of your interactions with our API. To facilitate this, we've implemented a two-tiered authentication system, tailored to different use cases.

By understanding and implementing the correct authentication type for your requirements, you can ensure secure and optimized interactions with our services.

Generating API Keys

See our for how to generate your API Keys.

Public Authentication

Public authentication is primarily used for endpoints consumed directly in your clients' browsers. It's designed to allow for general access without compromising sensitive data or operations.

Header Requirement:

  • X-Public-API-Key

Usage: If your application is fetching non-sensitive data or services, and it’s being consumed in a client-facing environment like a browser, public authentication is suitable. For backend operations, consider the private authentication strategy.

Example

curl \
  -H "X-Public-API-Key: <yourPublicApiKey>" \
  https://api.blockchain.info/partner-gateway/partner-api/v1/currencies

Private Authentication

Private authentication is meant for environments where you can securely store and distribute private API keys. This authentication method is robust and caters to sensitive operations or data fetching, allowing for higher rate limits and enhanced security.

Header Requirements:

  • X-Public-API-Key

  • X-Private-API-Key

Usage: When you're dealing with sensitive operations, or when your backend systems consume the API endpoints, private authentication is recommended. It provides more security and can handle a higher request volume

Always handle your private API keys with the utmost security. Ensure they are never exposed publicly, and avoid using this authentication method in client-side applications.

Example

curl \
  -H "X-Public-API-Key: <yourPublicApiKey>" \
  -H "X-Private-API-Key: <yourPrivateApiKey>" \
  https://api.blockchain.info/partner-gateway/partner-api/v1/currencies
πŸ“
Public Authentication
Private Authentication
Integration Guide