API Keys & Access Keys
The Secret Access Key or
sak_and the Public Access Key or pak_have distinct permission roles to accommodate many Lightning Network use cases client side and server side. Secret Access Key: The
sak_ is intended to be used SERVER SIDE only, and is meant to be as secret as secret keys can get. This key has permission to perform ALL requests across the API. If you intend to use the LNPay API only server side, you can disregard the Wallet Access Keys section below.
Public Access Key: The
pak_ is intended to be used CLIENT SIDE only, and is intended to be paired with a Wallet Access Key (wak) The pak_ is essentially serves as an account identifier, while the Wallet Access Keys provide a level of control over wallets. This dynamic is helpful for when you want to have wallets perform certain functions client side, but do not want to expose your entire LNPay account.The Public Access Key cannot perform any LIST functions (list wallets, list transactions).
Each wallet has role-based permissioned access keys associated with it. The keys are generated on wallet create via the API or dashboard. They are only available via the API in the response from wallet create, and cannot be retrieved later via the API.
The purpose of these keys are to restrict use with client side applications. Browser side, in mobile apps, consumer hardware, etc.
These keys ARE intended to be exposed client side!
These keys should be used with the
pak_ Public Access KeyRole | Prefix | Permissions | Example | Notes |
Wallet Admin | waka_ | wallet_deposit wallet_read wallet_transfer wallet_tx_read wallet_withdraw | waka_OkdGALaQ.... | |
Wallet Invoice | waki_ | wallet_deposit wallet_tx_read | waki_oSjzkjVR... | |
Wallet Read | wakr_ | wallet_read wallet_tx_read | wakr_h1JTla... | |
Wallet LNURL Withdraw | waklw_ | wallet_public_withdraw wallet_read wallet_withdraw | waklw_1Lldqo... | This key does not need an API key in order to withdraw! |
Wallet LNURL Pay | waklp_ | wallet_deposit | waklp_Hh3u23..... | This is only for RECEIVING lnurlpay requests |
Client Side
Server Side
This table breaks down when it is appropriate to use the API Key and Wallet Key combo
https://api.lnpay.co/v1/<Wallet Key>?access-token=<API Key>
Function | API Key | Wallet Key |
N/A | N/A | |
pak_ | waka_or wakr_ | |
pak_ | waka_or waki_ | |
pak_ | waka_ | |
pak_ | waka_ | |
pak_ | waka_ | |
pak_ | waka_or wakr_ |
This table breaks down when it is appropriate to use the API Key and Wallet Key combo
https://api.lnpay.co/v1/<Wallet Key>?access-token=<API Key>
Function | API Key | Wallet Key |
sak_ | N/A | |
sak_ | wal_ | |
sak_ | wal_ | |
sak_ | wal_ | |
sak_ | wal_ | |
sak_ | wal_ | |
sak_ | wal_ optional |
Last modified 1yr ago