Arf Liquidity Docs
    Arf Liquidity Docs
    • Introduction
    • Environments
    • IP Restrictions
    • Authentication
    • RSA4096 Examples
    • Errors
    • Webhooks
    • Client
      • Create Client
        POST
      • Upload Document
        PUT
      • Get Client
        GET
      • List Clients
        GET
      • Get Client Credit Preference
        GET
      • Create Bank Information
        POST
      • Create Chain Information
        POST
    • Credit
      • Check Credit
        GET
      • Create Credit
        POST
      • Get Credit
        GET
      • List Credits
        GET
    • Webhooks
      • List All Webhook
        GET
      • Create Webhook
        POST
      • Delete Webhook
        DELETE
    • Schemas
      • Error Schema
      • Successful Response
      • Client Detail
      • Document Detail
      • Credit Details
      • Webhook

    Authentication

    The Liquidity API requires two authentication layers for secure access:

    1. API Key#

    A valid API key must be included in the Authorization header:
    Authorization: Bearer lk_sandbox_xxx...
    Test keys: lk_sandbox_
    Live keys: lk_live_
    HTTPS is mandatory
    API keys must remain confidential

    2. RSA-4096 Signature#

    Required for specific endpoints (e.g., Create Client, Create Credit)
    The raw request body must be signed with an RSA-4096 private key
    The Base64-encoded signature must be added to the X-Signature header:
    X-Signature: <base64-encoded-signature>
    The signature must match the exact body content
    Only RSA-4096 is supported
    Public keys (PEM format) must be shared with the account manager securely

    Reference#

    See the [RSA-4096 Implementation Guide] for:
    Key pair generation
    Request signing & verification
    Error handling and best practices
    Modified at 2025-07-10 08:41:29
    Previous
    IP Restrictions
    Next
    RSA4096 Examples
    Built with