The Bold MFB API provides comprehensive access to our platform’s features, allowing seamless integration with your application. To get started, you must first create a Bold MFB account and obtain the necessary API keys for all integrations.

Authentication

The API utilizes API key authentication, ensuring secure access to the platform. The public key remains static, while the secret key undergoes periodic rotation to enhance security and minimize potential risks. For a comprehensive understanding of API key security and key rotation, refer to the official guidelines here.

To maintain security best practices, it is strongly recommended to rotate the secret key every 30 to 90 days. Regular key rotation helps mitigate the risk of unauthorized access in the event of credential exposure.

Obtaining API Keys

To get your API secret key and public key, navigate to the API settings page and click “Generate”.

  • First-time users: A one-time public key and secret key will be generated.
  • Important: The secret key must be copied immediately, as it will change upon regeneration. However, the public key will remain the same.

Using API Keys

All API endpoints require authentication via public and secret keys. Include both keys in the request headers when making API calls.

"headers": {
  "x-api-key": "your_public_key",
  "x-api-secret": "your_secret_key"
}
Webhooks