API Keys & Authentication

Get the API keys you need to authenticate client requests and learn how to keep them safe.

What is an API Key?

API keys are unique data strings that we use to authenticate users and enable access to privileged operations on Circle’s APIs. All Circle APIs use API keys as the mechanism to authenticate client requests. Without it, requests will fail.

Keep Your API Keys Safe

Because our API keys allow access to privileged operations on Circle APIs, you should always keep them secure.
You should never share or record your API key in a publicly accessible medium (client-side code, public repositories, etc.).

🚧

Caution

If you lose secure control of your API keys, you may suffer financial loss.

API Key Authentication

Testnet (Test) authorization header example:

 authorization: Bearer TEST_API_KEY:ebb3ad72232624921abc4b162148bb84:019ef3358ef9cd6d08fc32csfe89a68d

Mainnet (Live) authorization header example:

 authorization: Bearer LIVE_API_KEY:ebb3ad72232624921abc4b162148bb84:019ef3358ef9cd6d08fc32csfe89a68d

Testing Authentication

To verify that your API key is correctly set up, run the command below, which causes your code to reach one of our read endpoints (in this case, the endpoint to retrieve all wallets).

curl --request GET \
     --url https://api.circle.com/v1/w3s/wallets \
     --header 'accept: application/json' \
     --header 'authorization: Bearer <API_KEY>'

Successful Response:

{
  "data": {
    "wallets": [ ]
  }
}

Error Response:

{
  "code": 401,
  "message": "Malformed authorization. Are the credentials properly encoded?"
}

Managing Your API keys

You can use your Circle Developer account to get access to and manage your API keys. When generating an API key, copy it exactly as displayed to avoid errors.