All requests to Diamond Network APIs must be authenticated with a public or private API key. You can use the same credentials to access all current and future APIs, provided the product is available to your account.

Using API keys

When using the REST API, pass your API key as header X-API-KEY. For the Browser SDK initialise using your public API key.

Rate Limits

When using the public API key, requests are rate limited per-IP, allowing 60 requests every 15 minutes. This quota is shared across all Diamond Network APIs and apps.

Requests using the secret API key are rate limited per-app, allowing 900 requests every 15 minutes. This quota is not shared, and only applies to your app, however it cannot be used from the frontend.

When exceeding your rate limit you'll receive HTTP Error 429 Too Many Requests. You can monitor the remaining request quota and rate limit reset with the RateLimit-Remaining and RateLimit-Reset headers returned in every request.

If you're frequently hitting the rate limit please contact us to increase your limits.

Cross Domain Apps

Cross domain apps are not currently supported, each app can only be accessed from a single domain (or subdomain). Please create a new app for each domain if you wish to use our APIs across multiple domains.