Skip to content

Generate keys

Now you have API access and you can proceed to generate keys and prepare your API account for API calls.

In this section you will learn how to:

  1. Generate RSA API sign keys for authorizing and signing API requests.
  2. Sign in to Qredo Web App and generate API keys for API user authentication.
  3. In the Qredo Web App, add the public RSA key created in the first step.

API requests and keys

With every API request header you must:

  • pass the API key for authentication
  • pass every signature generated with every API request using your RSA key

RSA keys for signing

The API requires RSA key pairs for authorizing and signing requests.

  • The Qredo server verifies the signature against the public RSA API key.
  • The private RSA API key signs the requests.

Generate RSA keys using the CLI

The following example uses the CLI (Command Line Interface) for generating the RSA key pair but you can use any preferred tool to perform this task. The Qredo Partner API works with 2048 bit RSA keys.

  1. Generate a 2048 bit RSA Key pair and store the private key in a file named private.pem using the CLI command:

    openssl genrsa -out private.pem 2048

    You should see the following message:

    Generating RSA private key, 2048 bit long modulus...
  2. Extract the public key from the key pair and store it in a file named public.pem using the command:

    openssl rsa -in private.pem -outform PEM -pubout -out public.pem

    You should see the following message:

    writing RSA key

The key pair files private.pem and public.pem are created in the current working folder.

API keys for authentication

The Qredo API keys are Base64 encoded and are used for API user access. There are two types of Qredo authentication API keys:

  • Production keys: use these for live action with the Partner API.
  • Sandbox keys: use these to test your integration with the Partner API.

Sandbox vs Production keys

Sandbox and production keys are used in the same environment. There is no difference regarding their use with the API: the base URL and all endpoints are the same.

Generate API keys in Qredo Web App

Follow this example procedure to produce sandbox API keys.

  1. Sign in to the Qredo Web App.

  2. In the top right corner, click on your name and open Personal Account - Settings.

  3. Under "Personal Account", select Partner API to display the following screen:


    Notice you have identical boxes for Production and Sandbox API access.

  4. Under Sandbox, click Generate API Key.


  5. Click Copy to clipboard. This copies the Base64 encoded authentication key for the sandbox environment to your clipboard.

  6. Paste the key into a text file and save it as apikey (no file extension). You will use this file with the Partner API Signing Client.

Regenerate keys if needed

If you lose or forget to copy the API key, complete the procedure again to regenerate the API key.

For production keys, follow the same procedure with the exception: on step 4, click Generate API Key under Production.

Keep your keys safe!

  • DO NOT share your keys with unauthorized parties.
  • DO NOT store your keys in easily accessible or compromizable locations.

Upload public RSA key to Qredo Web App

You need to associate the RSA key pair as created in the first step to your Qredo account by adding your public RSA keys using the Qredo Web App.

This example uses sandbox keys

The process is identical with sandbox and production keys.

To complete this procedure, follow steps 1 to 3 as described in the previous step to upload your RSA public key for Sandbox use.

  1. Sign in to the Qredo Web App.

  2. In the top right corner, click on your name and open Personal Account - Settings.

  3. Under "Personal Account", select Partner API to open the familiar page.

  4. Select Upload Public Key to open a dialog box.

  5. Locate the public.pem RSA key file you created earlier and open it using a text editor.

  6. Copy the entire contents and paste into the dialog box.


  7. Click Upload.

  8. A green LIVE indicator appears in the to mark that you are ready to go.


Follow these same steps under Production to start using the Partner & Core Client API on Production.

Last update: 2022-11-24