Your API key is required for every request made to access content for your App. It should be passed as the "X-Niftory-API-Key" header.
This key identifies your application. It can be used on its own for any operation you'd want anyone visiting your application to be able to perform without logging in, like querying NFTs.
The API Key alone cannot be used to query any user or sensitive app data or perform any mutations. For that, see Types of Authentication.
Get Your Keys
We're currently in Developer Preview - all development teams will need to be approved to access their Niftory Dashboard. Please reach out to [email protected]to get access.
Once you've been accepted - go to the Niftory Admin Portaland follow these steps:
1.
You should automatically be redirected to the Your App page. If not, click on your User Profile, and select App.
2.
Select a name for your contract and hit Deploy Smart Contract. Your smart contract will be created under a brand new blockchain address for your application. Once deployed, go to the next step.
3.
Add in a redirect URI for your login page. If you're using the sample app (which uses next-auth), the redirect URI looks like https://domain.com/api/auth/callback/niftory.
4.
Click Setup and Get Keys to get all of your secrets and start building. You're all set to go!
Niftory App Page
Follow some API Key best practices to use them securely. It's safe to use it in your frontend, but don't embed the API Key directly in code.
Consider adding them to your .env file in a NextJS app or wherever your front and back-end configuration files are held.
Next let's configure your app to start using the API Key and client credentials.