API Key Management

API keys are used to authenticate requests from your ERP system to B1Link. This section covers how to generate, store, and manage your API keys.

Receiving Your API Key

1. Log in to the B1Link portal
2. Navigate to Corporate Onboarding Configuration → ERP Configuration
3. Generate an API key by providing a name for the key
4. Copy and securely store the API key immediately - it will only be shown once

Secure Storage Requirements

⚠️ CRITICAL SECURITY WARNING:

• The API key is displayed only once when generated
• Store the API key securely in your system's secure configuration or secrets management
• Never commit the API key to version control
• Never log or expose the API key in error messages or debugging output
• Use environment variables or secure vaults (Azure Key Vault, AWS Secrets Manager, etc.)

API Key Format

• The API key is a Base64-encoded string
• Length varies but is typically 44 characters
• Example format: dGVzdF9hcGlfa2V5X2V4YW1wbGU=

API Key Characteristics

• Each API key is unique to your company
• Multiple active API keys can exist for a company
• API keys can be deactivated but not deleted
• The API key is used to generate request signatures (see Signature Generation)

Storage Recommendations

Environment Variables

# Production
export B1LINK_API_KEY="your-api-key-here"

# Development
export B1LINK_API_KEY_DEV="your-dev-api-key-here"

Secure Vaults

• Azure Key Vault - Store as a secret
• AWS Secrets Manager - Store as a secret
• HashiCorp Vault - Store in the secrets engine
• Kubernetes Secrets - Store as a secret resource

Configuration Files (Not Recommended for Production)

If you must use configuration files:

• Never commit to version control
• Use encrypted configuration files
• Restrict file permissions (read-only for application user)
• Rotate keys regularly

Next Steps

After securing your API key, proceed to:

• Webhook Endpoint Configuration
• Signature Generation