waves_logo Docs
  • Node Owner Guide
    Node Owner Guide
  • Install Waves Node
    • Deploy Node in Docker
      Deploy Node in Docker
    • Install Node on Ubuntu
      Install Node on Ubuntu
    • Install Node on macOS
      Install Node on macOS
    • Install Node on Windows
      Install Node on Windows
    • Install from Source (Building SBT)
      Install from Source (Building SBT)
    Install Waves Node
  • Synchronize Waves Blockchain
    • Import/Export Blockchain
      Import/Export Blockchain
    • Download the Latest Blockchain
      Download the Latest Blockchain
    • Rollback Waves Node
      Rollback Waves Node
    Synchronize Waves Blockchain
  • Generate Blocks
    Generate Blocks
  • Upgrade Waves Node
    Upgrade Waves Node
  • Node Configuration
    Node Configuration
  • Logging Configuration
    Logging Configuration
  • Node Wallet
    Node Wallet
  • Features
    • Activation protocol
      Activation protocol
    Features
  • Custom Blockchain
    Custom Blockchain
  • Node REST API
    • API Key
      API Key
    • Working with Transactions
      Working with Transactions
    • Numeric Fields Format
      Numeric Fields Format
    • Pagination
      Pagination
    • CORS
      CORS
    • API Limitations of Pool of Public Nodes
      API Limitations of Pool of Public Nodes
    • Slow Requests
      Slow Requests
    • Response Codes and Errors
      Response Codes and Errors
    Node REST API
  • Extensions
    • gRPC Server
      gRPC Server
    • Blockchain Updates
      Blockchain Updates
    Extensions
  • Troubleshooting
    • Block Generation FAQ
      Block Generation FAQ
    Troubleshooting
  • Node Go
    Node Go
      • English
      • Русский
      On this page
        • Set API Key
        • API Key for Private Methods
      waves_logo Docs

          # API Key

          Node API private methods (for example, signing transactions by the node or exporting seed) are designed to be used only by the node owner and require API key to be provided in HTTP request. Node owner can set API key and other parameters in the REST API Settings section of the node configuration file. You can only use public API methods of a node if you are not the owner of the node.

          Your node API key is very important just like the seed phrase and the wallet password.

          Note: The API key is transmitted in the HTTP header as unprotected plain text. An attacker can intercept your network transit and use it to steal your assets! It is highly important to protect the transmission using HTTPS or SSH port forwarding.

          # Set API Key

          To set the API key, specify its hash in the node configuration file.

          1. Create unique string value that you will use as API key.

          2. Go to Swagger web interface.

          3. Open the /utils/hash/secure API method and input your unique string in the message field.

          4. Click Execute to get the hashed API key.

          5. Specify the hash of API key as the value of the api-key-hash parameter in your node configuration file.

          6. Restart your node.

          # API Key for Private Methods

          Private API endpoints are marked with 🔒 icon in Swagger Web Interface. Private API endpoints require original API Key (not the the hashed value) provided in the X-Api-Key header of the HTTP request.

          Example of calling a private endpoint for signing a transaction:

          curl -X POST --header 'X-API-Key: YOUR UNIQUE API KEY' --header 'Content-Type: application/json' --header 'Accept: application/json' 
          -d '{ \
          "amount": 5800000000, \
          "fee": 100000, \
          "type": 4, \
          "version": 1, \
          "attachment": "", \
          "sender": "3P3pUKEAKxegWr3PZkGYNq1mzQQaQ5zxZbw", \
          "feeAssetId": null, \
          "assetId": null, \
          "recipient": "3P9p39MwZ5JjwdBSYEWC6XYri4jpovzcAbs", \
          "feeAsset": null, \
          "timestamp": 1568020044350 \
          }' 'http://nodes.wavesnodes.com/transactions/sign'
          

          With Node API you can sign transactions only on behalf of accounts stored in the node wallet. If you want to sign your or another user's transaction, but the node is not yours, use client libraries (see examples in the How to Create Transaction and Send It to Blockchain article).

          Node REST API
          Working with Transactions
          Node REST API
          Working with Transactions