Most API endpoints require authentication with a Client ID and Secret. Each Client ID has a specific set of allowed scopes (Permissions) to access API endpoints. Scopes allowed on an API client may be updated at any time in the Dashboard Admin > API Management section.
Contact your Entity Manager if you need permissions to manage API credentials.
When setting scopes, Paxos recommends following the principle of least privilege and only allow scopes required by a specific application. Scopes for each endpoint are listed in the Authorizations section in the API Reference docs. The Market Data and most Pricing endpoints do not require authorization. Once the credentials are activated, most users find success using one of the libraries on the OAuth2 website for authentication.
To add or modify API Credentials, you’ll need a Developer or other role with appropriate permissions. Contact your Entity Manager for help.

Add API Credentials

  1. Log in to your Dashboard account and go to API Management.
  2. Click API Credentials.
  3. Create a Label for your API credentials.
  4. Select the Scopes for your Client ID. For example, the following scopes (space delimited) should be adequate to mint, redeem and convert Paxos-issued stablecoins:
conversion:read_conversion_stablecoin
conversion:write_conversion_stablecoin
funding:read_profile
funding:write_profile
transfer:read_deposit_address
transfer:read_transfer
transfer:read_fiat_account
transfer:read_fiat_deposit_instructions
transfer:write_internal_transfer
transfer:write_crypto_withdrawal
transfer:write_deposit_address
transfer:write_fiat_account
transfer:write_fiat_deposit_instructions
transfer:write_fiat_withdrawal
  1. Optional: Add Allowable IP addresses. If you have a single IP address, you can configure a CIDR entry to specify a single IP with 32 fixed bits by appending /32 to the address. For example, using 000.000.0.000/32 will allow only the IP address 000.000.0.000.
  2. Optional: Enable Request Signing.
  3. Click Create Credentials.
  4. Copy the Client ID and Client Secret and store them in a safe place. The secret will not be displayed in the UI again, and it will have to be reset if forgotten.

Update or Delete Credentials

To make changes to an existing client, select it from API Credentials and click either Edit API Credentials or Delete API Credentials.