API v1 Authentication

The TokenEx authorization model consists of two key elements: your API authentication parameters and your vault's IP whitelist.

API Authentication Parameters

For every call to the TokenEx API, you will provide your TokenEx ID and API key. You can think of this as a username and password. The API key governs the functions in the API to which you have access. This provides for very granular access controls and supports a "segregation of duties" approach.

For example, you may have a front-end web server in the DMZ that is responsible for collecting order information and creating tokens. You may also have another server in an internal network segment that calls the Detokenize function to facilitate order processing. You could issue separate API keys for Tokenize and Detokenize so that the server in the DMZ does not have access to the Detokenize function.

| Parameter | Type | Description |
|-----------|--------|-------------|
| APIKey | string | Controls your access to individual functions in the API |
| TokenExID | string | Your vault identifier |

IP Whitelist

In addition to the API Authentication Parameters described in the previous section, TokenEx also employs IP whitelisting for each TokenEx ID. Your whitelist can be maintained via the Customer Portal.

The IP Whitelist is based on CIDR notation. For further information refer to the following link: https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
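
The following is an added example, not TokenEx code: a Python check you could run over a list of CIDR entries before entering them in the Customer Portal, flagging entries that are malformed, broader than intended, or private. The sample entries, the 256-address review threshold and the function names are assumptions made for illustration, and the private-range finding assumes your calls reach TokenEx over the public Internet.

```python
import ipaddress

# Constructed sample whitelist (RFC 5737 documentation ranges), not real vault data.
SAMPLE_WHITELIST = [
    "203.0.113.10/32",   # single DMZ web server (Tokenize key)
    "198.51.100.0/28",   # internal order-processing egress block
    "192.0.2.77/24",     # host bits set: really covers 192.0.2.0/24
    "0.0.0.0/0",         # matches every IPv4 address
    "10.1.2.0/24",       # RFC 1918 range
    "203.0.113.300/32",  # not a valid address
]
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
MAX_ADDRESSES = 256  # assumed review threshold, not a TokenEx limit


def audit_whitelist(entries, max_addresses=MAX_ADDRESSES):
    """Parse CIDR entries; return (parsed networks, list of (entry, finding))."""
    networks, findings = [], []
    for entry in entries:
        try:
            iface = ipaddress.ip_interface(entry)
        except ValueError:
            findings.append((entry, "invalid CIDR"))
            continue
        net = iface.network
        if iface.ip != net.network_address:
            findings.append((entry, f"host bits set, covers {net}"))
        if net.num_addresses > max_addresses:
            findings.append((entry, f"too broad: {net.num_addresses} addresses"))
        if net.version == 4 and any(net.subnet_of(r) for r in RFC1918):
            findings.append((entry, "private range, never seen as a public source"))
        networks.append(net)
    return networks, findings


def is_allowed(source_ip, networks):
    """True if source_ip falls inside any whitelisted network."""
    addr = ipaddress.ip_address(source_ip)
    return any(addr in net for net in networks)


if __name__ == "__main__":
    nets, issues = audit_whitelist(SAMPLE_WHITELIST)
    for entry, finding in issues:
        print(f"{entry}: {finding}")
```

Run it against the egress addresses of each server that holds an API key, so a Detokenize key is only usable from the internal segment you intended.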