API Security
On the details page of an API project, click on the
Security tab for the security settings. We provide four different ways of protect your API as follows:- Authorization Requirements for Requests
- Allowed IP Addresses
- Allowed API Request Methods
- Request Cost Limit
To authenticate using a project secret, select
Require project secret as below on the Security tab, then the Project Secret will be automatically generated. 
Use the following command to access InfStones API. Please fill in your Project Secret and your Project ID.
curl --user : <your-project-secret> <your-endpoint> -d '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
For example:
curl --user : 7979e694acf340b2aa1a5f6c0080393b https://api.infstones.com/bsc/mainnet/36d4ad84d99743f7b3ecb0a01d6e0d9b -d '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
To authenticate using a JWT, select
Require JWT as below on the Security tab.
In order to use JWTs with your project, you need to generate a public key / private key pair first. Algorithm RS256 is supported only.
A public key will usually look something like:
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1SU1LfVLPHCozMxH2Mo4lgOEePzNm0tRgeLezV6ffAt0gunVTLw7onLRnrq0/IzW7yWR7QkrmBL7jTKEn5u+qKhbwKfBstIs+bMY2Zkp18gnTxKLxoS2tFczGkPLPgizskuemMghRniWaoLcyehkd3qqGElvW/VDL5AaWTg0nLVkjRo9z+40RQzuVaE8AkAFmxZzow3x+VJYKdjykkJ0iT9wCS0DRTXu269V264Vf/3jvredZiKRkgwlL9xNAwxXFg0x/XFw005UWVRIkdgcKWTjpBP2dPwVZ4WWC+9aGVd+Gyn1o0CLelf4rEjGoXbAAEgAqeGUxrcIlbjXfbcmwIDAQAB
-----END PUBLIC KEY-----
Once you have your key pair generated, paste the public key in the
JWT Public Key block, and click Add.
You’ll get a key
ID and a key Fingerprint. The key ID will be used when creating JWTs, and the key Fingerprint can be used to identify the key.
Use the following command to access InfStones API with JWT.
curl -H "Authorization: Bearer <JWT>" \
<your-endpoint>
This setting will restrict IP addresses to use the API project, with a maximum of 30 IP addresses in total. If no restriction is needed for the project, then this area could be left empty.
Type the IP address you wanna allow to access, and click
Add. Only 1 IP address can be added at a time. 
The previous added IP addresses are shown in the
List of allowed addresses. You can click the x at the right of the IP address to remove it.
This setting will add API method allowed to this API project, with a maximum of 30 API methods in total. If no restriction is needed for the project, then this area could be left empty.
Select the API method you want to allowed to this API project from the method list, and click
Add. Only 1 API method can be added at a time. 
The previously added API methods are shown in the
List of allowed methods. You can click the x at the right of the API method to remove it.
The
Requests Cost Limit option allows you to set the daily request cost limit of the project. Please type the daily request cost limit and click Save. 
Please be noted that you have a total request cost limit of all the Public API projects of each chain, which is related to the service plan you select for this chain as shown below.
The daily request cost on a single project cannot exceed the total request cost limit of the whole chain, even though the daily request cost limit you set for this project exceeds the total request cost limit of the chain.
Last modified 23d ago