Keeping API Keys Secure
If you suspect or are sure that your auth API Keys have been compromised or exposed, you can regenerate or expire them.
Regenerate or Expire an API Key
-
Log in to the Tatum Dashboard.
-
Navigate to the [API Keys] section.
-
Find the auth API Key(s) you have issues with.
-
Click the [...] Menu.
-
Click Regenerate or Expire key:
- Regenerate key: This will replace the auth API Key with a new one. You will need to update the key anywhere it's used.
- Expire key: This will remove the key from the active section. Virtual Accounts and Notifications are bound to each API Key; they will stop working.
When regenerating the auth API Key, keep special attention to KMS since it requires a 1:1 match with the auth API Key that broadcasts transactions for signature.
Stop a Key from working
-
Log in to the Tatum Dashboard.
-
Navigate to the [API Keys] section.
-
Find the auth API Key(s) you have issues with.
-
Click the [...] Menu.
-
Click "Regenerate key"
-
Click "Regenerate key", again
-
You may also "Expire" the key so it does not appear as active
Disclaimer
The auth API Keys function as the primary means of authentication for requests made through both the REST API and the Tatum SDK. They facilitate access to sensitive data and critical functionalities within users' applications. Any compromise or breach of these keys may lead to unauthorized access, data breaches, and potential financial loss.
Users are advised that by utilizing our platform and its services, they accept full responsibility for the protection and security of their auth API Keys.
Users are strongly encouraged to exercise due diligence and vigilance in managing and securing their auth API Keys to ensure the continued security of their applications and data.
Tatum disclaims any liability or responsibility for any unauthorized access, data breaches, or financial loss resulting from the misuse or compromise of the auth API Keys.
Updated about 19 hours ago