Skip to main content

API Keys

All API requests must include an API key in the Authorization header. 
Authorization: Bearer YOUR_API_KEY

Generating API Keys

1

Navigate to API Keys

Go to app.cryptotally.xyz/api-keys
2

Create New Key

Click “Generate New API Key” and give it a name
3

Copy the Key

The key is only shown once! Store it securely.
Copy and store your API key in a secure location

Using API Keys

cURL Example

curl https://api.cryptotally.xyz/v1/wallets \
  -H "Authorization: Bearer ct_live_abc123xyz..."

JavaScript Example

const response = await fetch('https://api.cryptotally.xyz/v1/wallets', {
  headers: {
    'Authorization': 'Bearer ct_live_abc123xyz...'
  }
});

Python Example

import requests

headers = {
    'Authorization': 'Bearer ct_live_abc123xyz...'
}

response = requests.get('https://api.cryptotally.xyz/v1/wallets', headers=headers)

Key Types

TypePrefixEnvironmentUse Case
Livect_live_ProductionProduction applications
Testct_test_DevelopmentTesting and development
Test keys only work with test mode data and won’t affect your production wallets.

Security Best Practices

Never commit API keys to version control or expose them in client-side code.
Store API keys in environment variables or secret management systems.
Generate new keys periodically and revoke old ones.
Create separate keys for different applications with appropriate scopes.

Key Permissions

Configure what each API key can access:
  • Read-only: View wallets and transactions (recommended for dashboards)
  • Read-Write: View and modify tags, notes, attachments
  • Full Access: All operations including exports and webhooks

Revoking Keys

If a key is compromised:
  1. Go to API Keys page
  2. Click the 🗑️ icon next to the key
  3. Confirm revocation
  4. Update your applications with a new key
Revoking a key immediately invalidates all requests using that key.