• English
  • Русский

# API Key

Node API private methods (for example, signing transactions by the node or exporting seed) are designed to be used only by the node owner and require API key to be provided in HTTP request. Node owner can set API key and other parameters in the REST API Settings section of the node configuration file. You can only use public API methods of a node if you are not the owner of the node.

Your node API key is very important just like the seed phrase and the wallet password.

Note: The API key is transmitted in the HTTP header as unprotected plain text. An attacker can intercept your network transit and use it to steal your assets! It is highly important to protect the transmission using HTTPS or SSH port forwarding.

# Set API Key

To set the API key, specify its hash in the node configuration file.

  1. Create unique string value that you will use as API key.

  2. Go to Swagger web interface.

  3. Open the /utils/hash/secure API method and input your unique string in the message field.

  4. Click Execute to get the hashed API key.

  5. Specify the hash of API key as the value of the api-key-hash parameter in your node configuration file.

  6. Restart your node.

# API Key for Private Methods

Private API endpoints are marked with 🔒 icon in Swagger Web Interface. Private API endpoints require original API Key (not the the hashed value) provided in the X-Api-Key header of the HTTP request.

Example of calling a private endpoint for signing a transaction:

curl -X POST --header 'X-API-Key: YOUR UNIQUE API KEY' --header 'Content-Type: application/json' --header 'Accept: application/json' 
-d '{ \
"amount": 5800000000, \
"fee": 100000, \
"type": 4, \
"version": 1, \
"attachment": "", \
"sender": "3P3pUKEAKxegWr3PZkGYNq1mzQQaQ5zxZbw", \
"feeAssetId": null, \
"assetId": null, \
"recipient": "3P9p39MwZ5JjwdBSYEWC6XYri4jpovzcAbs", \
"feeAsset": null, \
"timestamp": 1568020044350 \
}' 'http://nodes.wavesnodes.com/transactions/sign'

With Node API you can sign transactions only on behalf of accounts stored in the node wallet. If you want to sign your or another user's transaction, but the node is not yours, use client libraries (see examples in the How to Create Transaction and Send It to Blockchain article).

Node REST API
Working with Transactions