API Communication
Not familiar with the API user creation and authentication?
Visit the links below to understand how each process works:
Overview
API communication between the customer backend and the Fireblocks platform occurs over HTTP (REST). Authentication uses API users and JSON Web Tokens (JWTs) signed for each request.
Note: For end users accessing via the app with the Embedded Wallet SDK, authentication uses IDP tokens and pre-configured SSO OAuth, where the NCW Signer API user is configured.
API roles
The Fireblocks EW feature requires two API roles: EW Admin and EW Signer.
EW Admin
This role is used for administrative workspace operations, such as disable/enable a wallet.
EW Signer
This role is used for specific wallet operations, such as creating a transaction from a specific end user wallet.
There are two ways in which this API user is used:
- Implicitly, as part of the EW SDK using the OAuth pre-configured configuration.
- Explicitly, similar to the NCW Admin API user (using signed JWT)
Role permissions
The table below lists the different operations that can be executed by the EW Admin & EW Signer API users.
API User Role/ Operation | EW Admin | EW Signer |
---|---|---|
Create new EW Everywhere | β | β |
Create new account under a specific EW Everywhere | β | β |
Enable/Disable EW Everywhere | β | β |
Get deposit address information | β | β |
Create transaction from EW Everywhere | β | β |
Get transaction fee information | β | β |
Cancel transaction | β | β |
Decline transfer | β | β |
Enable/disable a signing device | β | β |
Invoke RPC (relayed from the EW Everywhere SDK) | β | β |
Add asset to an account under an EW Everywhere | β | β |
Get public key | β | β |
Delete algorithm | β | β |
Updated 4 months ago