Authentication Headers
Getting Your API Credentials
1
Log into Dashboard
Navigate to dashboard.xentfi.com and log in.
2
Go to API Keys
Click Settings → API Keys in the left sidebar.
3
Generate New Key
Click Generate New API Key, enter a name, and select environment.
4
Copy Credentials
Copy your
apiKey and appId. Store them securely - you won’t see the key again!Making Authenticated Requests
Include both headers in every API request:Authentication Response
Success (200)
When authentication succeeds, you receive the requested data.Failure (401)
When authentication fails:API Key Types
Sandbox Keys
- Use for development and testing
- Testnet networks only
- Higher rate limits
- No real funds required
Production Keys
- Use for live transactions
- Mainnet networks only
- Standard rate limits
- Real funds transfer
API Key Scopes
Security Best Practices
Key Rotation
When to Rotate
- Every 90 days (recommended)
- Team member departure
- Suspected compromise
- Security audit requirement
Rotation Process
Rotating via API
Key Revocation
If a key is compromised, revoke it immediately:Environment Setup
Development Environment (.env)
Production Environment
Troubleshooting
403 Forbidden - Insufficient scope
403 Forbidden - Insufficient scope
Solution: Your API key doesn’t have permission for this operation. Generate a key with required scopes.
Rate Limits by Key Type
Related Resources
- Rate Limits Guide - Detailed rate limit information
- Error Handling - Common authentication errors
- Security Overview - Security best practices

