# Create an API Key or External App Firstoken provides two credential types for programmatic access: **API Keys** and **External Apps**. Both require IP whitelisting at the time of creation. *** ### API Key API Keys authenticate requests to Firstoken APIs. #### Steps 1. Log in to the Firstoken Console. 2. Navigate to **Keys**. 3. Click **Add API Key**. 4. Complete the following fields: | Field | Required | Description | | ------------ | -------- | ------------------------------------------------------------------- | | Name | Yes | Identifies the API Key. | | Description | No | Optional context. | | Permissions | Yes | Select one or more permissions. | | IP Whitelist | Yes | Add one or more allowed IPs. To allow all traffic, use `0.0.0.0/0`. | To add an IP, click **Add IP**, enter the address and an optional description, then confirm. 5. Click **Create**. A modal displays the **API Key ID**. > **Important:** The API Key ID is shown only once at creation. Store it immediately in a secure location. It cannot be retrieved again after closing this modal. #### Available permissions | Permission | Description | | ------------------- | ----------------------------------------- | | Tokenize card(s) | Tokenize one or more cards. | | Detokenize token(s) | Detokenize one or more tokens. | | Inspect a Token | View the full PAN associated to a token. | | Delete token(s) | Delete one or more tokens from the vault. | | Create Transaction | Create a transaction. | | Get Transaction | Retrieve transaction information. | | Inspect Transaction | Inspect transaction details. | | Delete Transaction | Delete a transaction. | | Proxy Request | Send a request through the Proxy. | | Payment Request | Send a payment request. | *** ### External App External Apps support two key types: **Signing Key** and **Authorization Key**. #### Steps 1. Log in to the Firstoken Console. 2. Navigate to **External Apps**. 3. Click **Add External App**. 4. Complete the following fields: | Field | Required | Description | | ------------ | -------- | ------------------------------------------------------------------- | | Name | Yes | Identifies the External App. | | Description | No | Optional context. | | Key type | Yes | Select **Signing Key** or **Authorization Key**. | | Permissions | Yes | Select one or more permissions. | | IP Whitelist | Yes | Add one or more allowed IPs. To allow all traffic, use `0.0.0.0/0`. | To add an IP, click **Add IP**, enter the address and an optional description, then confirm. 5. Click **Create**. A modal displays the credentials for the selected key type. #### Available permissions | Permission | Description | | ----------------------------- | ------------------------------------- | | Render a Form | Render a Firstoken-hosted form. | | Create a Transaction Request | Create a transaction request. | | Monitor a Page | Monitor a page for CSP events. | | Allow Inbound Routes requests | Send requests through Inbound Routes. | #### Credential reference | Key type | Credentials shown at creation | Retrievable later | | ----------------- | ----------------------------- | ------------------------------------------------------------ | | Signing Key | Key ID | Yes — visible when editing the External App. | | Authorization Key | Key ID and Key Secret | Yes — both values are visible when editing the External App. | --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://firstoken.gitbook.io/api-docs/how-to/create-an-api-key-or-external-app.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.