These docs are for v2.0. Click to read the latest docs for v3.0.

How to authenticate

This guide explains how to retrieve the bearer token required to run API calls.

Call the following endpoint with the required body parameters to get your access_token (bearer token).

Request Endpoint:

Sandbox Environment (Runs on testnet chains and used for trying out or testing purposes)

POST https://login-sandbox.venly.io/auth/realms/Arkane/protocol/openid-connect/token

Production Environment (Runs on mainnet chains and used for real API calls)

POST https://login.venly.io/auth/realms/Arkane/protocol/openid-connect/token

🚧

There are two types of access credentials:

  • Sandbox Credentials (For the sandbox environment)
  • Production Credentials (For the production environment)

You can switch between the access credentials from the Portal by hitting the toggle button.

Request Body:

NameTypeDescription
grant_typestringThis will be client_credentials
client_idstringClient ID provided to you by Developer Portal.
client_secretstringClient Secret provided to you by Developer Portal.

Requesting Bearer Token via Postman

Request:

Example of requesting Bearer Token via Postman

Example of requesting Bearer Token via Postman

Response Body:

{
    "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJmQi1UenBOb0hBVGhwT2J4aW9qTDBrdm83MldmRzRXRXh1eFpiaXlGQUhzIn0.eyJleHAiOjE2OTU5ODg0OTksImlhdCI6MTY5NTk4ODEzOSwianRpIjoiMWZlMDk0YjUtZWZkYy00Yjk1LWEzMWYtMzQxM2E4MjcwMzFlIiwiaXNzIjoiaHR0cHM6Ly9sb2dpbi1zdGFnaW5nLmFya2FuZS5uZXR3b3JrL2F1dGgvcmVhbG1zL0Fya2FuZSIsImF1ZCI6WyJyZWFsbS1tYW5hZ2VtZW50IiwiTkZULUFQSSIsIkFya2FuZUNvbm5lY3QiXSwic3ViIjoiMDQ0Y2VhNDEtY2IyNy00OGUzLTliZDAtM2E3OWRmMGZhMTNiIiwidHlwIjoiQmVhcmVyIiwiYXpwIjoiZHJpbGEtY2Fwc3VsZSIsInNlc3Npb25fc3RhdGUiOiJmYjhhYzgxMi0yODVjLTQ3NDctYTIzNi1jYzAxODM1MjY4ZjIiLCJhY3IiOiIxIiwiYWxsb3dlZC1vcmlnaW5zIjpbImh0dHBzOi8vYXBpLXN0YWdpbmcudmVubHkubWFya2V0IiwiaHR0cHM6Ly9hcGktd2FsbGV0LXN0YWdpbmcudmVubHkuaW8iLCJodHRwczovL2FwaS1idXNpbmVzcy1zdGFnaW5nLnZlbmx5LmlvIl0sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJDb25uZWN0IGFkbWluIiwiTkZULUFQSSJdfSwicmVzb3VyY2VfYWNjZXNzIjp7InJlYWxtLW1hbmFnZW1lbnQiOnsicm9sZXMiOlsicXVlcnktY2xpZW50cyIsInF1ZXJ5LWdyb3VwcyJdfSwiTkZULUFQSSI6eyJyb2xlcyI6WyJtYW5hZ2U6dG9rZW5zIiwidmlldzppdGVtcyIsIm1hbmFnZTp0b2tlbi10eXBlcyIsIm1hbmFnZTpjb250cmFjdHMiLCJtaW50OnRva2VucyIsInVwbG9hZDptZWRpYSIsInZpZXc6ZW52aXJvbm1lbnRzIiwiY3JlYXRlOm1pbnRlci13YWxsZXQiLCJjcmVhdGU6Y29tcGFueS1taW50ZXItd2FsbGV0IiwibWFuYWdlOm1pbnRlci13YWxsZXQiLCJtYW5hZ2U6YXBwcyJdfSwiQXJrYW5lQ29ubmVjdCI6eyJyb2xlcyI6WyJldmljdDpjb25uZWN0LWNhY2hlIl19fSwic2NvcGUiOiJ2aWV3OndhbGxldHMgd2hpdGVsYWJlbCBleHBvcnQ6d2FsbGV0cyBlbWFpbCB2aWV3OndhbGxldC1hbmFseXRpY3Mgc2F2ZTpzaWduYXR1cmUgdXNlOmFsbC13YWxsZXRzIHNpZ246d2FsbGV0cyB2aWV3OnByb2ZpbGUgdmlldzphcmNoaXZlZC13YWxsZXRzIHNhdmU6dHJhbnNhY3Rpb24gcHJvZmlsZSIsImNvbXBhbmllcyI6W3siaWQiOiIxNzhkYzM4Zi1mM2VjLTQyMWQtYWY3Mi0wZDE3MjRjNTZkOWUiLCJuYW1lIjoiRHJpbG9uIn1dLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsImNsaWVudElkIjoiZHJpbGEtY2Fwc3VsZSIsImNsaWVudEhvc3QiOiIzOS41OS4xMy44MiIsIm5pY2tuYW1lIjoiQ29uanVyaW5nUXVldHphbCIsInByZWZlcnJlZF91c2VybmFtZSI6InNlcnZpY2UtYWNjb3VudC1kcmlsYS1jYXBzdWxlIiwiY2xpZW50QWRkcmVzcyI6IjM5LjU5LjEzLjgyIn0.Yy7m4wbK7OdUgNuS55OFMj-0dVBN57gw1n7yQ9fYxXYfOJy80fnuFzCD8gMoLWUEdpGGb9WmhVj8tpYGkn18MoA5RUT5AgbcLYF7CCCJKupJu9blfCGsusAcvqd8z295ps8ZT6DWfrdJcYrMmrrZqYrRMngMJJdHc6uGCEAXfaWuC3dO1ykT-QSvtMqi7VNXV_UJ63EfrLfnvHEUKQWu1s-HyU_JYDPEtF4qRN2_RxfqjcJfm1sQUvrBZJFLdTu4CXJSpsRL6N04cCeoA4RM3kM6GlxNQIcYV9laIx5Ct6HANHUf-XXUU_-AAMEKT4B2f9l1e8LtFkva9BevaXXB5A",
    "expires_in": 360,
    "refresh_expires_in": 3456000,
    "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlOTVlMDc2NC1lZmVkLTQyMmEtYmU0Mi1iZTcwYmY1Nzg2NDYifQ.eyJleHAiOjE2OTk0NDQxMzksImlhdCI6MTY5NTk4ODEzOSwianRpIjoiMjk3YTFmYmYtODVjZS00ZmZjLWJiNWQtNTJlNWYwZDk2YmRmIiwiaXNzIjoiaHR0cHM6Ly9sb2dpbi1zdGFnaW5nLmFya2FuZS5uZXR3b3JrL2F1dGgvcmVhbG1zL0Fya2FuZSIsImF1ZCI6Imh0dHBzOi8vbG9naW4tc3RhZ2luZy5hcmthbmUubmV0d29yay9hdXRoL3JlYWxtcy9BcmthbmUiLCJzdWIiOiIwNDRjZWE0MS1jYjI3LTQ4ZTMtOWJkMC0zYTc5ZGYwZmExM2IiLCJ0eXAiOiJSZWZyZXNoIiwiYXpwIjoiZHJpbGEtY2Fwc3VsZSIsInNlc3Npb25fc3RhdGUiOiJmYjhhYzgxMi0yODVjLTQ3NDctYTIzNi1jYzAxODM1MjY4ZjIiLCJzY29wZSI6InZpZXc6d2FsbGV0cyB3aGl0ZWxhYmVsIGV4cG9ydDp3YWxsZXRzIGVtYWlsIHZpZXc6d2FsbGV0LWFuYWx5dGljcyBzYXZlOnNpZ25hdHVyZSB1c2U6YWxsLXdhbGxldHMgc2lnbjp3YWxsZXRzIHZpZXc6cHJvZmlsZSB2aWV3OmFyY2hpdmVkLXdhbGxldHMgc2F2ZTp0cmFuc2FjdGlvbiBwcm9maWxlIn0.D1ceJfK3eSVoanPAIYBEhqGPgCOEhmVltKAu4kz4Q_o",
    "token_type": "bearer",
    "not-before-policy": 1572970662,
    "session_state": "fb8ac812-285c-4747-a236-cc01835268f2",
    "scope": "view:wallets whitelabel export:wallets email view:wallet-analytics save:signature use:all-wallets sign:wallets view:profile view:archived-wallets save:transaction profile"
}
ParametertypeDescriptionExample
access_tokenstringAccess token that allows access to the resource'eyJhbGciOiJSUzI1NiIsInR5cCI....'
expires_innumberHow long the access_token is valid in seconds.360
refresh_expires_instringHow long the refresh_token is valid3456000
token_typestringThe type for the token, will be "bearer"'bearer'
scopestringThe scopes for this tokenview:wallets whitelabel export:wallets

🚧

In the response a refresh_token is also provided. This is however deprecated, and will be removed in future releases. Do not use the refresh token to receive a new access_token.

Refreshing your Bearer token

The access token is valid for 6 minutes. After 6 minutes, you will need to request a new access token. This can be done by performing the same call as above.

Using the Bearer token in the API-calls

In the result of the previous call, an access_token is returned. This access_token needs to be passed with every API call that you do (as a Bearer token in the authorization header).

To run API calls on our documentation tool, you can enter the access_token as shown below to authenticate calls:

Entering Bearer Token to Authenticate API Calls

Entering Bearer Token to Authenticate API Calls