🛡️Authentication

How to get credentials and authenticate with the Diamond Network APIs

All requests to Diamond Network APIs must be authenticated with a public or private API key. You can use the same credentials to access all current and future APIs, provided the product is available to your account.

Register a free app on the dashboard to get your credentials

FormatTypeUsage

pk_XXXXXX

Public

For frontend use with the Verify Browser SDK or Verification API

sk_XXXXXX

Secret

Backend use to create & manage Unlockables or use the Verification API

Using API keys

When using the REST API, pass your API key as header X-API-KEY. For the Browser SDK initialise using your public API key.

Never reveal your secret API key on the frontend!

Rate Limits

When using the public API key, requests are rate limited per-IP, allowing 60 requests every 15 minutes. This quota is shared across all Diamond Network APIs and apps.

Requests using the secret API key are rate limited per-app, allowing 900 requests every 15 minutes. This quota is not shared, and only applies to your app, however it cannot be used from the frontend.

When exceeding your rate limit you'll receive HTTP Error 429 Too Many Requests. You can monitor the remaining request quota and rate limit reset with the RateLimit-Remaining and RateLimit-Reset headers returned in every request.

If you're frequently hitting the rate limit please contact us to increase your limits.

Cross Domain Apps

Cross domain apps are not currently supported, each app can only be accessed from a single domain (or subdomain). Please create a new app for each domain if you wish to use our APIs across multiple domains.

Last updated