# API Keys {% hint style="danger" %} Guard your API key carefully, as it provides access to sensitive financial information similar to actual banking details. Make sure not to commit it to your source control. If you end up doing so you can always revoke the key from your bunq app. {% endhint %} ### **API Key Authentication** The easiest way to authenticate with the bunq API is by using an **API key**. This key acts as a secret credential that identifies your application. To use an API key, you must: 1. **Obtain an API Key** – Generate one from the **bunq app** or request a **sandbox API key** via `POST /sandbox-user`. Or grab one from your bunq app in production. 2. **Register Your Device and starting a session** – Before making API calls, your device must be registered with `POST /device-server`. This binds the API key to your device and its IP address. We dedicated a whole page on registering your installation, your device and starting a session [here](https://doc.bunq.com/tutorials/your-first-payment/creating-the-api-context) ### Session Management * **Auto Logout:** The auto-logout time set in the bunq app applies to all sessions, including API sessions. * **Session Extension:** If a request is made within **30 minutes of expiration**, the session is automatically extended. ## Get your sandbox API Key {% hint style="success" %} Our tutorial [your-first-payment](https://doc.bunq.com/tutorials/your-first-payment "mention") walks you through setting up API keys step by step, and also shows you how to do the subsequent steps. {% endhint %} You can get your API key for the sandbox through a Curl command or the developer portal. The Production API key can be taken from our App. {% tabs %} {% tab title="Through Curl Call" %} ## Curl call to obtain API key To create a user and obtain an API key you can just run 1 command from your terminal: Run this command to obtain a user person. It will return just a API key, but in the background we generated a dummy user for you to play around with in the sandbox. ```bash curl --location --request POST 'https://public-api.sandbox.bunq.com/v1/sandbox-user-person' ``` Run this command to obtain a business user ```bash curl --location --request POST 'https://public-api.sandbox.bunq.com/v1/sandbox-user-company' ``` This request will create a new user in the system. The response will give you the API key that belongs to this user. Store it somewhere safe. ```json { "Response": [ { "ApiKey": { "api_key": "sandbox_a918ac413524f2bf56ceb740595e01839dd7f0321ca08e4c4ea93349" } } ] } ``` {% endtab %} {% tab title="Through Developer Portal" %} ## Obtain API key from the developer portal 1. Simply log into our developer portal [here](https://developer.bunq.com/portal) 2. Log in using the bunq app 3. Click Sandbox users from the navigation bar 4. Generate a new user

{% endtab %} {% tab title="Production API key" %} ## Getting your production API key {% hint style="danger" %} Be aware that a production API key can be used to control your bank account and make payments on your behalf. {% endhint %} 1. Go to your bunq app 2. In the settings screen look for the heading 'Developers' 3. There you select API keys 4. and click add a API key

{% endtab %} {% endtabs %}