Skip to main content

Authentication

The VX API requires RPs (relying parties) to authenticate using an API key or OAuth2 access token. Typical options:

  • API key (long-lived) provided during onboarding, used as a Bearer token.
  • OAuth2 access tokens for dynamic integrations.

Include the token in the Authorization header:

Authorization: Bearer dewa_vx_xxxxxxxxxxxxxxxxxx

VX validates RP registration certificates and scopes to ensure the requesting RP is authorized to request specific attributes from wallets.

See onboarding and compliance sections for details about RP registration and authorized attribute scopes.