Creating Sender Account
Sunday, August 7, 2022 at 09:57pmHello Duo,
We are implementing sender account API key for creating transaction on behalf of the sender. While creating a sender's API key, I have found that if the sender ID is same, the API key generated is always the same. In this case, we can save the sender's API key in the database so that next time we don't have to generate the API key again hitting the onespan end point.
If the API key generated for particular sender is always same, we can save the API key in the database otherwise we have to hit the api key generator end point every time?
What do you recommend ? Saving the api key in the database or use it dynamically hitting the one span endpoint every time.
Thank you
Reply to: Creating Sender Account
Monday, August 8, 2022 at 08:14amHi Bikram,
Thanks for your post!
For your question, yes, the API Key will be the same for the same sender ID and you can store it in your local database instead of query every time.
On top of that for better security, it's also suggested to register a client application, retrieve an access token (valid for 30 minutes) for the sender, and authenticate the API calls with this API token instead of API key. You can refer to my blog for more detailed information:
https://www.onespan.com/blog/onespan-sign-release-1134-api-token-client-application
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer