Authentication

How to authenticate your BuyCoins API requests

To authenticate API requests, you need to generate your keys by going to the API Settings screen on BuyCoins.
Two keys will be generated:
Public Key: Think of this as a username. It's how BuyCoins knows which user is attempting to make a request.
Secret Key: Think of this as a password. BuyCoins never stores your Secret Key, we only generate it and display it you ONCE. Copy & keep your secret key in a secure place (e.g Environment Variables).
To authenticate your GraphQL request, you need to use Basic Authentication with the Public Key as username and the Secret Key as password.
Basic Authentication Primer
username (Public Key) and password (Secret Key) are concatenated into a single string: username:password
This string is encoded with Base64
The Basic keyword is put before this encoded value and shall result in something like this: Basic am9objpzZWNyZXQ=
The entire string should be added to the header of the request with the key Authorization
curl --header "Authorization: Basic am9objpzZWNyZXQ=" my-website.com
How to Authenticate with GraphQL
Most GraphQL client libraries have some way to add headers to all your requests. Here's a JavaScript example with Apollo Boost​
const ApolloClient = require('apollo-boost').default;
​
const authValue = 'Basic ' + Buffer.from(process.env.BUYCOINS_PUBLIC_KEY + ':' + process.env.BUYCOINS_SECRET_KEY).toString('base64');
const client = new ApolloClient({
    uri: process.env.BUYCOINS_GRAPHQL_API,
    fetch: fetch,
    headers: {
        authorization: authValue
    }
})

GraphQL Basics - Previous

GraphQL: Endpoints & Schema

Next - GraphQL Basics

Global Object Identification

Last updated 2 years ago