Skip to main content
Version: v0.9

API Key Authentication

In Cryptofuse API v0.9, all authentication is handled using API keys. Each request to the API must include your API key in the request header.

How to Use Your API Key

Include your API key in the X-API-Key header of all API requests:

GET /v0/payments
X-API-Key: your_api_key_here

API Key Lifecycle

Obtaining an API Key

To obtain an API key:

  1. Contact the Cryptofuse team at support@cryptofuse.io with your account information
  2. Once approved, you will receive your API key via email
  3. Store your API key securely - it will not be displayed again

Revoking an API Key

If you need to revoke an API key:

  1. Contact the Cryptofuse support team at support@cryptofuse.io
  2. Provide your account information and the reason for revocation
  3. Confirm you want to revoke the API key
  4. You'll be issued a new API key if needed

Security Best Practices

To ensure the security of your account and data:

  • Store your API key securely in environment variables or a secure key management system
  • Never expose your API key in client-side code or public repositories
  • Use HTTPS for all API requests
  • Immediately contact support if you suspect your API key has been compromised
  • Implement IP restrictions for additional security (contact support to set up)

Permissions

In the v0.9 API, all API keys have full access to all available endpoints. More granular permissions will be introduced in future versions.

Rate Limiting

API requests are rate-limited based on your API key. The current limits are:

  • 100 requests per minute
  • 1,000 requests per hour
  • 5,000 requests per day

If you exceed these limits, you'll receive a 429 Too Many Requests response. The response will include a Retry-After header indicating how many seconds to wait before making another request.

Error Responses

When using the v0.9 API, all endpoints will return an error indicating that the API version is deprecated:

HTTP/1.1 410 Gone
Content-Type: application/json

{
  "error": "deprecated_endpoint",
  "message": "This API endpoint is deprecated in v0.9 and no longer functional. Please use the v1.0 API endpoints instead.",
  "request_id": "req_v09_deprecated"
}

Important: The v0.9 API has been deprecated and all endpoints will return error responses. Please upgrade to the v1.0 API for current functionality.

Coming in v1.0

The v1.0 API introduces:

  • JWT token-based authentication
  • Token refresh mechanisms
  • Role-based access control
  • API keys with granular permissions
  • API key management via API endpoints

To continue using the Cryptofuse API, please upgrade to v1.0 which is now available.