Skip to content
English
Submit Ticket
  • There are no suggestions because the search field is empty.

Creating API Credentials

Generate API keys for programmatic access

Creating API Credentials

Create API credentials to access the OpusDNS API programmatically for domain management, DNS operations, and automation.

Where to Find It

Path: Left sidebar → Developer → API Credentials

Direct URL: /developer/api-credentials 

What You'll See

The API Credentials page shows a table of existing credentials with columns: Name, API Key ID, Status (Active/Revoked), Created, Expires, and Last Used. Above the table is a button to create new credentials.

An informational alert at the top explains the three values you'll receive:

  • API Key — Use in the x-api-key HTTP header for direct API access
  • Client ID — Your organization's unique identifier for OAuth authentication
  • Client Secret — Used to authenticate OAuth requests

Step-by-Step

  1. Navigate to Developer in the left sidebar.
  2. Go to the API Credentials section.
  3. Click the create button.
  4. Fill in the form:
    1. Name (required) — A descriptive name for this credential (e.g., "Production API Key", "WHMCS Integration")
    2. Description (optional) — Additional notes about the credential's purpose
    3. Expiration Date (optional) — Set an expiry date or leave blank for no expiration
  5. Submit the form.
  6. ⚠️ CRITICAL: Copy your credentials immediately!

Screenshot 2026-05-19 at 14.25.25

 

After Creation — Copy Your Secrets

A success dialog displays three values:

  • API Key — The full API key for the x-api-key header
  • Client ID — Your organization identifier
  • Client Secret — The OAuth client secret

⚠️ Important Security Notice: The API Key and Client Secret are shown only once during creation. If you close this dialog without copying them, you cannot retrieve them later. You will need to create new credentials.

 

Using Your Credentials

Option 1: API Key (Direct Access)

Include the API key in your HTTP request headers:

x-api-key: your-api-key-here
 

Option 2: OAuth Client Credentials

Use the Client ID and Client Secret for OAuth 2.0 client credentials flow to obtain an access token.

Managing Existing Credentials

In the credentials table, you can:

  • See when a key was last used
  • Check if it's Active or Revoked
  • See the expiration date (or "Never" if not set)
  • Revoke a credential when it's no longer needed (this cannot be undone)

Restricting API Access by IP

For additional security, navigate to Developer → API Security to configure IP address restrictions that limit which IPs can use your API credentials.

Common Mistakes

  • Not copying the secret — The most common issue. The secret is shown only once.
  • Using an expired credential — Check the expiration date in the table.
  • Forgetting to revoke compromised keys — If a key is exposed, revoke it immediately and create a new one.