🛡️Authentication
How to get credentials and authenticate with the Diamond Network APIs
All requests to Diamond Network APIs must be authenticated with a public or private API key. You can use the same credentials to access all current and future APIs, provided the product is available to your account.
Register a free app on the dashboard to get your credentials
Format | Type | Usage |
---|---|---|
| Public | For frontend use with the Verify Browser SDK or Verification API |
| Secret | Backend use to create & manage Unlockables or use the Verification API |
Using API keys
When using the REST API, pass your API key as header X-API-KEY
. For the Browser SDK initialise using your public API key.
Never reveal your secret API key on the frontend!
Rate Limits
When using the public API key, requests are rate limited per-IP, allowing 60 requests every 15 minutes. This quota is shared across all Diamond Network APIs and apps.
Requests using the secret API key are rate limited per-app, allowing 900 requests every 15 minutes. This quota is not shared, and only applies to your app, however it cannot be used from the frontend.
When exceeding your rate limit you'll receive HTTP Error 429 Too Many Requests
. You can monitor the remaining request quota and rate limit reset with the RateLimit-Remaining
and RateLimit-Reset
headers returned in every request.
If you're frequently hitting the rate limit please contact us to increase your limits.
Cross Domain Apps
Cross domain apps are not currently supported, each app can only be accessed from a single domain (or subdomain). Please create a new app for each domain if you wish to use our APIs across multiple domains.
Last updated