Overview of TokenEx API v2

The TokenEx Web API accepts JSON payloads.

Host: test-api.tokenex.com/v2
Port: 443
Content Type: application/json

🚧

Attention!

All TokenEx API requests must utilize TLS 1.2 (HTTPS).

Authentication and Authorization

The TokenEx authorization model consists of two key elements: your API Authentication parameters (a combination of your TokenEx ID and Token Ex API Key) and the IP whitelist for the associated Vault or Vaultless Profile.

API Authentication

For every call to the TokenEx API, you will need to provide your TokenEx ID and API key. You can think of this as a username and password.

The TokenEx ID will identify which Vault tokens will be stored in or which Vaultless Profile tokens will be generated against.

The API key will determine which functions in the API you can access. This provides for very granular access controls and supports a "segregation of duties" approach.

For example, you may have a front-end web server in the DMZ that is responsible for collecting order information and creating tokens. You may also have another server in an internal network segment that calls the Detokenize function to facilitate order processing. You could issue separate API keys for Tokenize and Detokenize so that the server in the DMZ does not have access to the Detokenize function.

📘

How to do it.

The TokenEx ID and API key will be supplied in your HTTP request as header values.

IP Whitelist

In addition to the API Authentication Parameters described in the previous section, TokenEx also employs IP whitelisting for each TokenEx ID. Your whitelist can be maintained via the Customer Portal.

The IP Whitelist is based on CIDR notation. For further information refer to the following link: https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing

📘

API Documentation

Click here for the TokenEx API v2 API documentation.