This feature is exclusively available on paid plans (Developer, Scale, and Startup).
Upgrade your plan to access these security settings.
API key security settings provide essential protection mechanisms for your API access. By configuring these security measures, you can:
Implementing these security settings helps prevent unauthorized usage, protect against potential attacks, and ensure your API keys are only used as intended.
IP whitelisting is a crucial security measure that restricts API access to specific IP addresses. This ensures that only requests from trusted locations can use your API key.
Navigate to the settings section where you can manage your API key’s security configurations.
Select the specific API key you want to configure security settings for. Each API key can have its own unique security configuration.
Initiate the process of adding a new IP address to your whitelist. This opens the form where you can specify the trusted IP.
Specify the IP address you want to whitelist. This can be your server’s IP, office IP, or any other trusted location. After adding, only requests from these IPs will be allowed.
Domain whitelisting enables cross-origin resource sharing (CORS) for specific domains, allowing your web applications to interact with the API securely.
Access the domain whitelisting section to manage which websites can make requests using your API key.
Start the process of adding a new domain to your whitelist. This ensures your web applications can communicate with the API.
Add the domain of your web application (e.g., https://etherspot.io). Only requests from whitelisted domains will be allowed to interact with the API.
Note: It has to be exaclty the same (with the https://)
Address whitelisting adds an extra layer of security by controlling which blockchain addresses can perform sensitive operations.
Access the address whitelisting section to manage which blockchain addresses can perform specific operations.
This whitelisting applies to the following RPC methods:
Specify the blockchain address you want to whitelist. Only transactions and operations from these addresses will be processed, providing granular control over who can use specific RPC methods.