Server-side Keys - Crossmint Docs

Developer Console

Developer Blog

Introduction

Wallets

Introduction
Custodial Wallets
Smart Wallets
Advanced Topics

Minting Tools

Introduction
Quickstart ⚡
Guides
Advanced Topics

Verifiable Credentials

Introduction
Quickstart ⚡
Guides
Advanced Topics

NFT Checkout

Introduction
No-Code Storefront
Pay Button
Embedded Checkout
Headless Checkout
Creating or Importing NFT Collections
Advanced Topics

Server-side API keys must be stored securely!

Enable only the scopes you need, and no more, and do NOT expose your keys on the frontend of your app, or your github code repository.

Create a Server-side Key

Navigate to the API Keys section of the developer console and click the “Create new key” button in the server-side keys section.

create server-side API key in Crossmint developer console

Select Scopes

Within the modal that opens, toggle the required scopes on and click the “Create server key” button at the bottom. You may need to expand an accordion for the product area you’re working on to expose additional scope options.

You can determine the scopes you need by visiting the API reference page for the API(s) you need to interact with.

API Scopes

Complete list of available API scopes

API Reference

Detailed docs for all API endpoints

Using a Server-side Key

With an API key provisioned and the appropriate scopes you’re ready to use the key. When making API reqeusts, pass a header named X-API-KEY that includes your API key value.

If you’re using the API Playground you can add your API key in the Authorization section and this will set it as a header when making the request.

When calling the APIs from server-side code, you set the X-API-KEY header however the target language or library expects it. See some examples below:

All of the API routes in the API Reference include code examples for many popular programming languages.

Scopes Client-side Keys

On this page

Create a Server-side Key
Select Scopes
Using a Server-side Key