search

Authentication & API Access

hashtag
Authentication & API Access

This page describes how authentication works when integrating with the Fyre API and what partners need to know before using it.

API access is managed centrally by Fyre and enabled progressively as the integration matures.

hashtag
API Access Model

Fyre uses a simple API key–based authentication model:

  • Each partner receives a dedicated API key.

  • The API key is used to authenticate all API requests.

  • It identifies the partner and determines which operations and datasets can be accessed.

Fyre generates, manages, and communicates the API key securely. Partners do not generate or rotate API keys themselves.

hashtag
When API Access is Granted

API access is enabled at different stages of the integration, depending on the agreed setup:

  • Preparation phase – allows delivery of the initial one-month transactional data sample for validation and alignment.

  • Post-preparation / Production – expands access to support production data delivery and additional API capabilities as they become available.

All access is coordinated directly with the partner.

hashtag
Environment

  • Currently, Fyre operates a single API environment.

  • All interactions, including preparation and production activities, take place within this environment.

  • Access is controlled via API keys and scoped permissions rather than separate environments.

  • If additional environments are introduced in the future, this will be documented and communicated.

hashtag
How to Authenticate Requests

All authenticated API requests must include the API key in the request headers:

  • Requests without a valid API key, or with an invalid or expired key, will be rejected.

hashtag
API Key Usage Guidelines

  • Treat the API key as a secret.

  • Do not expose it in client-side code or public repositories.

  • Use it only within the agreed integration scope.

  • Do not share API keys across unrelated systems or environments.

  • If a key is compromised or suspected to be exposed, notify Fyre immediately so it can be revoked and replaced.

hashtag
Access Scope Over Time

  • The same authentication mechanism is used throughout the integration lifecycle.

  • During preparation, access may be limited to initial data delivery and integration activities.

  • Once production onboarding is completed, access may expand to include:

    • Historical data delivery

    • Ongoing daily ingestion

    • Additional partner-facing features

Any changes to access scope are coordinated directly with the partner.

PreviousUsing the Fyre APINextAPI Reference

Last updated