Types of Authentication tokens

There are 2 types of authentication tokens used by the system for the APIs to be called by the client directly and the Wallet JS SDK. Let's first understand the 2 types of functions/APIs available.

1. APIs: To be called by the client from their backend or some service hosted on their end or dashboard (coming soon). These are the APIs that perform client-admin level actions, eg. deploying a contract, creating a new token data - which gets airdroppped or sold later.
2. Wallet SDK functions: To be called from the client's front end. These are actions that the user performs on the frontend eg. starting a sale on an owned token, transferring the token to another user and so on. Essentially the actions that require the user's authorization.

Correspondigly there are 2 authentication tokens

1. X-API-KEY: This it the authentication that corresponds to the APIs that the client calls from their backend (pt. 1 from above). It is to be entered wherever you see "x-api-key" in the header of the request.

X-API-KEY : Client api key. To be kept in secret by the client-admin.

1. ACCESS-TOKEN: This is the authentication token that is used by the Wallet SDK to identify the user and the client from which the request has originated on the client's frontend. This token is handled and used by the Wallet SDK, the client will hardly ever need to see or use this token.

ACCESS-TOKEN : Client's user's access token. To be used by the wallet sdk to perform user related approvals and authentication. Client doesn't need to manage this