Configure API Credentials

Create and updated an OAuth2 client.

Most API endpoints require authentication with a Client ID and Secret. Each Client ID has a specific set of allowed scopes to access API endpoints. Scopes allowed on an API client may be updated at any time.

Scopes for each endpoint are listed in the Authorizations section in the API Reference docs. The Market Data and most Pricing endpoints do not require authorization.

When setting scopes, we recommend following the principle of least privilege and only allow scopes required by a specific application.

1. Log in to your Developer Sandbox or Production account and go to Settings > API Management.
   
   

   The Developer Sandbox is completely segregated from production, so credential configuration must take place in both environments.

   • Developer Sandbox: https://account.sandbox.paxos.com/wallet/credentials
   • Production: https://account.paxos.com/wallet/credentials

2. Create a Label for your API credentials.
3. Select the Scopes for your Client ID. For example, the following scopes (space delimited) should be adequate to mint, redeem and convert Paxos-issued stablecoins:
   
   

   conversion:read_conversion_stablecoin
   conversion:write_conversion_stablecoin
   funding:read_profile
   funding:write_profile
   transfer:read_deposit_address
   transfer:read_transfer
   transfer:read_fiat_account
   transfer:read_fiat_deposit_instructions
   transfer:write_internal_transfer
   transfer:write_crypto_withdrawal
   transfer:write_deposit_address
   transfer:write_fiat_account
   transfer:write_fiat_deposit_instructions
   transfer:write_fiat_withdrawal
   transfer:write_sandbox_fiat_deposit
4. Click Create Credentials.
5. Copy the Client ID and Client Secret and store them in a safe place. The secret will not be displayed in the UI again, and it will have to be reset if forgotten.

Once you have the Client ID and Client Secret, you can authenticate in Sandbox.