Prerequisites

You have been assigned the user role of a Operator, Manager, or Admin in Cobo Portal.

Steps

Register an API key on Cobo Portal

It is recommended to use permanent API key, set up the IP whitelist and configure the callback endpoint as described in the following steps.

  1. Log in to Cobo Portal.

  2. Click the Developer icon the Developer icon in the main menu.

  3. Click the WaaS 2.0 tab and then switch to the API Keys tab.

  4. Click Register API Key to display the Register API key dialog.

  5. Enter the API key name (maximum 30 characters).

  6. Enter the API key and select its cryptographic algorithm. The API key is the public key in the cryptographic key pair, and must be 64 characters long, containing only numbers 0 to 9 and alphabets A to F. To learn how to generate an API key using the Ed25519 algorithm, see Generate an API key and an API secret.

  7. In the Role & Wallet Scope section, click Set Wallet Scope for User Role to set user roles for this API key and the wallet scope that the API key can access.

  8. Select user roles and wallet scope from the corresponding dropdown lists.

    You can click For Each Role to select different wallet scope for each user role.

    The API key will obtain the permissions listed under the user roles you select and have access to the selected wallets. Assign the wallet scope carefully, and avoid selecting any type wallet.

    Click Confirm to complete the configuration.

  9. Select the callback endpoint this API key uses, or register a new one. The selected callback endpoint will receive messages triggered by the API key. For more information, see Register a callback endpoint.

  10. Select the key type.

    • Permanent: To use this key type, you need to specify a static IP address as the address from which you send the API request.
    • Temporary: A temporary key expires in 30 days. This option is suitable if you do not have a static IP address ready.

  11. If you register a permanent API key, enter the whitelisted IP addresses (if there are multiple, separate them with commas).

    Temporary key cannot set up the IP whitelist.

  12. Click Register.

  13. If you register a temporary API key, click Create in the dialog.

  14. In the Security Verification dialog, verify your identity using multi-factor authentication (MFA).

Once identity verification is successful, your API key registration request is submitted.

Approve the request on Cobo Guard

According to your organization’s governance policies settings, this request may require approval from a specific number of organization admins in Cobo Guard. You can view the approval rules for registering an API key by clicking the profile icon at the bottom left > Organization > Governance Policies > Developers.

Admins need to open Cobo Guard, find the notification corresponding to the request, and tap Approve.

Once approved, the API key registration is successful, and you will see the API key status change to Active.

Next steps

After registering an API key, you can:

  • Edit the API key’s name or related callback endpoint.
  • Revoke the key to disable all future API access associated with it.
  • Filter the API key list, for example, by status or type. API Key status includes:
    • Active: The API key is active and work normally.
    • Revoked: The API key has been revoked and cannot be used to access the WaaS 2.0 service.
    • Pending Approval (Create): The operation of creating the API key has not been approved.
    • Pending Approval (Revoke): The operation of revoking the API key has not been approved.
    • Pending Approval (Update): The operation of updating the API key has not been approved.
  • Search for specific API keys using names or keywords.
Feel free to share your feedback to improve our documentation!