# API Keys Management

To ensure secure communication between your website and CoinbarPay's payment gateway, our system relies on API keys to authenticate and authorize requests. In this section, we will discuss the importance of managing your API keys properly, as well as the steps for generating and using the required keys.

## API KEYS

#### <mark style="color:purple;">SERVICE\_CLIENT\_ID</mark> : Payment Gateway Key

The <mark style="color:purple;">`SERVICE_CLIENT_ID`</mark> serves as the primary identifier for your CoinbarPay Service.

{% hint style="info" %}
This ID is used for identification to requests made between your website and our payment gateway.
{% endhint %}

#### <mark style="color:orange;">SERVICE\_SECRET\_KEY</mark> : Authentication Secret Key

The <mark style="color:orange;">`SERVICE_SECRET_KEY`</mark> serves as HMAC (Hash-based Message Authentication Code) secret key to sign and authenticate requests to CoinbarPay API Server.

{% hint style="warning" %}

#### <mark style="color:orange;">Warning</mark>

This KEY should never been exposed, transfered, sent to anyone outside your company or is not allowed to manage transactions requests.
{% endhint %}

{% hint style="info" %}

#### <mark style="color:blue;">Security hints</mark>

To maintain the highest level of security and protect your CoinbarPay account from unauthorized access or malicious activities, follow these best practices for API key management:

1. **Secure Storage**: Keep your `KEYS` and other API keys in a secure and encrypted location, such as environment variables or a secure database, to prevent unauthorized access or exposure.
2. **Limit Access**: Grant `KEYS` access only to the required services and personnel who directly manage your integration with CoinbarPay.
   {% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.coinbar.io/api-web-integration/api-keys-management.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.