Barion Wallet Authentication

From Barion Documentation
Jump to navigation Jump to search

What is wallet authentication?

Some API endpoints can only be reached using wallet-level authentication (for a full list see List of Barion API endpoints). This is achieved through the usage of API keys tied to each wallet.

This feature is only available to business accounts.

Using API keys

To use an endpoint which requires wallet-level authentication, simply send your API key in the x-api-key header of your request.

You can directly use values copied from the secure site's access page.

Managing API keys

The management interface of wallet-level API keys can be found on the Barion secure site under the Wallet -> Access menu item.

The wallet key management page with only one active API key

You can view your currently active API key or place it onto the clipboard via clicking the icons on the right side of the screen.

Rotating keys

In case a key's secrecy is compromised it is important to change it to avoid unauthorized parties from using Barion in your name.

You can add a new API key to your wallet by clicking the "rotate" icon to the right of the key. This does not deactivate the old API key, it just adds a new one. After changing all usages of the old key to the new one, the old one can be safely deleted.

The wallet key management page with two active API keys

As there can only be at most two active API keys tied to a wallet at all times, it is not possible to rotate one of two active keys. You'll have to delete one of them to start rotating the other one.