Articles on: Account, APIs, Billing and Support

Managing API Keys

Managing and Using API Keys for Website Customization




This document explains how brands can create and configure API keys to customize their website experience, including displaying customer coin balances and securely updating wallet information.

Step 1: Navigate to the API Keys Section

Go to the Settings area of your dashboard, then click on API Keys to open the API key management page.

On this page, you will see any existing API keys, such as the default key used to display customer coin balances on specific website pages and widgets.


Step 2: Create a New API Key

To generate a new API key, click the plus (+) icon at the top of the API Keys page.


Give your API key a clear and descriptive name, and add a description that explains why you are generating this key. In the description, you can specify the intended use cases and any relevant details about how and where it will be used.

Step 3: Choose the API Key Type – Read-Only

Select the type of API key you want to configure. The first option is a Read-Only API key.

Use a Read-Only API key when you only need to display customer information such as coin balance, referral link, and similar data, without making any changes to the customer’s wallet or transactions.



A Read-Only API key is safe to expose on the frontend (e.g., in widgets or public pages), since it cannot modify any customer data.

Step 4: Choose the API Key Type – Read and Write

The second option is a Read and Write API key.



Use a Read and Write API key when you need to modify customer coin balances, such as:

  • Deducting coins from a customer’s wallet
  • Adding coins to a customer’s wallet


Select this type only when your use case requires updating balances or transaction data.

As per your use case, configure this API key and integrate it into the relevant backend systems or secure services.



For security reasons, do not expose Read and Write API keys on any frontend pages. If exposed, anyone could potentially use the key to change customer transaction data. Keep these keys strictly on the server side or in secure environments.

Step 5: Use Workspace ID with the API Key

When calling the APIs, brands must also pass the Workspace ID along with the API key.

To find your Workspace ID, click on the top-right corner of the dashboard (usually where your account or workspace name appears) and copy the Workspace ID shown there.

Step 6: Final Notes and Best Practices

Use Read-Only API keys wherever you only need to display customer information; they can be safely used on the frontend.

Use Read and Write API keys only in secure backend contexts where balance updates are required, and never expose them publicly.




Updated on: 22/12/2025

Was this article helpful?

Share your feedback

Cancel

Thank you!