DavidAce
Hello,
what is the difference between OAuth and API key? When to use OAuth? When to use API key? Or, do I need both?
Thanks,
David.
Difference between OAuth and API key?
SSanderProdigy
@David-Night-Fox-2260538364#143549 API key is always full access. With OAuth you can choose a limited set of permissions (Somewhat like read-only)
- DavidAce
- Edited
@Sander#143550 Everything I can do with OAuth is also possible with API key (but of course not vice versa), am I right?
LexyAce- Edited
@David-Night-Fox-2260538364#143556 Yes, but not vice versa. API keys are intended for personal use whereas OAuth is intended for apps.
OAuth offers all the possible permissions you might need for your app. If you use OAuth, bunq users using your app will get a connection request saying what permissions they are granting your app, which equals a better user experience too.
- DavidAce
@lexy-Blue-Panda#143567 So, if I only want to create (PHP) scripts for me (any maybe some of my family) API key is the right one, right?
SSanderProdigy
@David-Night-Fox-2260538364#143569 yes. 🙂
- LexyAce
@David-Night-Fox-2260538364#143569 It would be more practical in this case. However, you should not share your API key with anyone.
- DavidAce
- Edited
@Sander#143570 @lexy-Blue-Panda#143573 How can I e.g. call a list of all my monetary accounts with an API call?
- LexyAce
@David-Night-Fox-2260538364#143574 by making a POST call to the /user/{userID}/monetary-account endpoint.
All the API requests you might want to use, including getting a list of monetary accounts, are covered in our Postman collection. You can get it here: https://github.com/bunq/postman
WesselWizard
@lexy-Blue-Panda#143573 For personal use, the big difference is that you can use an API key to send money, delete and request cards, and so on. So the key is quite sensitive. With OATH you can only read data and propose payments.
Unless you want to automate payments, I'd go for OATH.