Use this guide to generate a client ID and secret for API access, rotate credentials when needed, and manage your organization's API credentials in the Payments Direct interface.
- You must have the API Credentials: Can Edit permission.
- Your organization can hold a maximum of 3 API credentials at a time.
In the left navigation, select Settings.
Select Credentials.
Select New Credential.
If your organization already has 3 credentials, the New Credential button is disabled. Delete an existing credential before creating a new one.
Enter a Credential name to identify the credential in the list.
Select Save & Generate Key.
A dialog appears showing the credential details:
| Field | Description |
|---|---|
| Audience | The API audience value for your environment. |
| Client ID | The unique identifier for this credential. |
| Secret | The generated secret key. |
The secret is displayed only once. After you close this dialog, it cannot be retrieved. Copy the secret and store it in a secure location before closing.
- Copy the Client ID and secret, then select Close.
Rotate a credential to generate a new secret while keeping the same Client ID. Use this when a secret is compromised or as part of a regular credential rotation schedule.
- In the left navigation, select Settings.
- Select Credentials.
- On the credential card you want to rotate, select the ... action menu.
- Select Rotate Credential.
- In the confirmation dialog, select Rotate Credential to confirm.
A dialog appears showing the rotated credential's new secret.
The new secret is displayed only once. The previous secret is immediately invalidated. Copy and store the new secret before closing.
- Copy the new secret, then select Close.
Update any API clients or integrations using the old secret to use the new one.
- On the credential card you want to rename, select the ... action menu.
- Select Edit.
- Update the Credential name.
- Select Save.
You can delete non-primary credentials that are no longer needed.
The primary credential cannot be deleted. To remove it, you must first designate a different credential as primary, or contact your Ripple representative.
- On the credential card you want to delete, select the ... action menu.
- Select Delete.
- In the confirmation dialog, select Delete to confirm.
The credential is permanently removed. Any API clients using the deleted credential will immediately lose access.
- Use the Client ID and secret to authenticate API requests. For instructions, see Request an access token.
- If you need to control which IP addresses can use the API, see your Ripple representative for network-level access controls.