New versions of the Qredo API and Signing Agent are now available! To get started, just contact us here.
Qredo Logo

Qredo API

Get started

A new version of the Qredo API is now available! Our dedicated team of crypto experts can get you started with Qredo’s Next Generation APIs in minutes — just contact us here.

You can also follow this video tutorial:

Overview

This guide explains how to start using the API and approving transactions.

Quick start

Step 1: Get the Workspace ID

First you need to take these steps in the Qredo Web App:

  1. Create a Qredo profile.

  2. Create a Workspace.

  3. Navigate to your Workspace and copy the Workspace ID from the URL:

    https://qredo.network/app/workspace/{workspaceID}
    

To generate an API key in the next step, you need to create a Workspace in the Qredo Web App. However, after you get your API key and meet other prerequisites, you'll be able to create new Workspaces programmatically. Learn more: Manage Workspaces

Step 2: Get an API key & secret

Then you need to generate an API key and secret:

  1. Navigate to Workspace settings.
  2. Click Create API key. If this option isn't visible to you, just contact us here.
  3. Select the Read/Write access.
  4. Click Create API key.
  5. Copy and save your API key and secret.

You won't be able to view your API secret after closing the last screen. Make sure to take a copy of it. Learn how to securely store your API secret and other sensitive data: Security best practices

Step 3: Get an auth token

Qredo API calls require an authentication token.

To get this token, call the Get a JWT authentication token endpoint with HMAC authentication based on your API secret.

You can do it in Postman:

  1. Create a collection and add the following collection variables:

    • apiKey and apiSecret: Specify your API key and secret obtained in Step 2.
    • workspaceID: Specify your Workspace ID obtained in Step 1.
  2. Create a GET request with the following URL:

    GET https://api-v2.qredo.network/api/v2/workspaces/{{workspaceID}}/token
    
  3. Paste the code below in the Pre-request Script tab under your request URL.

  4. Click Send to make the call.

Here is the script code:

// specify your API key and secret
// for production usage, please secure and retrieve your API secret through a key management solution 
let apiKey = pm.variables.get("apiKey")
let apiSecret = pm.variables.get("apiSecret")

// get the current timestamp
let timestamp = String(Math.floor(Date.now() / 1000))

// get the method and URL of the request
let method = pm.request.method
let url = pm.request.url.toString()
let resolvedUrl = pm.variables.replaceIn(url)

// create a message using the timestamp, method, and URL
let message = `${timestamp}${method}${resolvedUrl}`

// decode the API secret and use it to HMAC sign the message
let buff = Buffer.from(apiSecret, "base64")
let secret = buff.toString("ascii")
let hmac = CryptoJS.HmacSHA256(message, secret)

// create a signature: base64 encode the signed message
let sig = CryptoJS.enc.Base64.stringify(hmac)
    .replace(/\+/g, "-")
    .replace(/\//g, "_")
    .replace(/=+$/, "")

// add headers
pm.request.headers.add({key: "qredo-api-key", value: apiKey})
pm.request.headers.add({key: "qredo-api-timestamp", value: timestamp})
pm.request.headers.add({key: "qredo-api-signature", value: sig})

Alternatively, you can use our JavaScript example.

Step 4: Make your first API call

Now you can start making API calls. For example, you can get your Workspace information.

Call Get workspace information:

GET https://api-v2.qredo.network/api/v2/workspaces/{workspaceID}
  1. Query parameters: In the query, replace {workspaceID} with your Workspace ID from Prerequisites.
  2. Authentication: Pass the auth token as x-token in the request header..
  3. Result: Here is an example response for this endpoint:
{
    "color": "secondaryGreen",
    "features": {
        "apiRateLimit": 0,
        "approvalGroups": false,
        "connectedPlugins": [
            "sui",
            "celestia",
            "wc",
            "mmi"
        ],
        "enabledPowerSwaps": false,
        "exchanges": [
            "Ankex"
        ],
        "glass": false,
        "glassdoor": {
            "automatedWhitelisting": false
        },
        "requiredApprovers": false,
        "staking": true
    },
    "name": "my-workspace",
    "workspaceID": "2RnSf8MQKt3q5C3l7t1l7u0Vsih"
}

Start approving transactions

If you take additional steps, you'll be able to approve transactions programmatically (without the Signing App). For a quick start, we recommend approving with the Signing Agent.

Approve with the Signing Agent

The following guides explain how to register the Signing Agent, prepare your Workspace, and start creating and approving transactions:

  1. Signing Agent: Get started - see Steps 2–4.
    Start and register the Signing Agent (associate it with your API key).

  2. Add the API key to a Transaction Policy
    Add the API key to a Transaction Policy that is going to govern your Wallet. You can either create a new Policy or update an existing one.

  3. Create a Portfolio and Wallet
    Create a Portfolio and a Web3 Wallet, apply your Transaction Policy to the Wallet.

  4. Create an EVM transaction
    Initiate a transaction. The Signing Agent will automatically approve or reject it based on the rules you set.

Approve with the Qredo API

The following guides explain how to prepare your API key and Workspace and start creating approving transactions with the Qredo API:

  1. Register BLS & EC keys
    Generate BLS and EC keys and register them (associate them with your API key).

  2. Add the API key to a Transaction Policy
    Add the API key to a Transaction Policy that is going to govern your Wallet. You can either create a new Policy or update an existing one.

  3. Create a Portfolio and Wallet
    Create a Portfolio and a Web3 Wallet, apply your Transaction Policy to the Wallet.

  4. Create an EVM transaction
    Open a WebSocket connection and initiate a transaction. Then get the transaction request and sign it with your BLS private key.

Previous
Introduction