API v1 Authentication
The TokenEx authorization model consists of two key elements: your API authentication parameters and your vault's IP whitelist.
API Authentication Parameters
For every call to the TokenEx API, you will provide your TokenEx ID and API key. You can think of this as a username and password. The API key governs the functions in the API to which you have access. This provides for very granular access controls and supports a "segregation of duties" approach.
For example, you may have a front-end web server in the DMZ that is responsible for collecting order information and creating tokens. You may also have another server in an internal network segment that calls the Detokenize function to facilitate order processing. You could issue separate API keys for Tokenize and Detokenize so that the server in the DMZ does not have access to the Detokenize function.
| Parameter | Type | Description |
|---|---|---|
| APIKey | string | Controls your access to individual functions in the API |
| TokenExID | string | Your vault identifier |
IP Whitelist
In addition to the API Authentication Parameters described in the previous section, TokenEx also employs IP whitelisting for each TokenEx ID. Your whitelist can be maintained via the Customer Portal.
The IP Whitelist is based on CIDR notation. For further information refer to the following link: https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
Updated about 2 years ago