# How to access the API

## Obtain API credentials

{% hint style="warning" %}
Only users with the *Owner* role can generate API credentials.
{% endhint %}

To get access to API:

{% stepper %}
{% step %}
Click your user icon in the upper right corner of the page and select **Access list**.
{% endstep %}

{% step %}
Switch to the **API** tab.
{% endstep %}

{% step %}
In the **Manage API access** section, optionally whitelist IP addresses for API access: refer to [How to whitelist IP addresses](https://docs.b2binpay.com/how-tos/how-to-whitelist-ip-addresses#restrict-access-to-api) for step-by-step instructions.
{% endstep %}

{% step %}
Enable the **Activate API user** toggle.
{% endstep %}

{% step %}
In the **Your API access credentials** section, click the **Regenerate** button.
{% endstep %}

{% step %}
In the confirmation popup, enter your password, and then the *Authorization 2FA for operations* code to confirm the operation.
{% endstep %}

{% step %}
The newly generated API key and secret are displayed in the popup. Use **Copy** buttons to copy values.

{% hint style="danger" %}
Mind that the credentials only reveal once in this popup. They can’t be accessed after the popup is closed and have to be regenerated.
{% endhint %}
{% endstep %}
{% endstepper %}

Now you can access the system via the API. The new API user with the *Admin* role is automatically granted access to all your wallets.

{% hint style="success" %}

### Security tips

If sharing your API keys with other persons to set up integrations:

* Use password managers for secure credential sharing.
* Whitelist IP addresses for API access.
* Generate new credentials after the setup is complete.
  {% endhint %}

## Obtain a callback secret

{% hint style="warning" %}
Only users with the *Owner* role can generate callback secrets.
{% endhint %}

To get a callback secret:

{% stepper %}
{% step %}
Click your user icon in the upper right corner of the page and select **Access list**.
{% endstep %}

{% step %}
Switch to the **Callback secret** tab.
{% endstep %}

{% step %}
In the **Your callback secret** section, click the **Regenerate** button.
{% endstep %}

{% step %}
In the confirmation popup, enter your password, and then the *Authorization 2FA for operations* code to confirm the operation.
{% endstep %}

{% step %}
The newly generated callback secret displayed in the popup. Use **Copy** button to copy the value.

{% hint style="danger" %}
Mind that the callback secret only reveals once in this popup. It can’t be accessed after the popup is closed and has to be regenerated.
{% endhint %}
{% endstep %}
{% endstepper %}

Now you can use the callback secret for [deposit](https://docs.b2binpay.com/api-guide/deposit-methods#callback-verification) and [payout](https://docs.b2binpay.com/api-guide/payout-methods#callback-verification) callback verifications.