Getting started

Before you start

ioCash is a platform with a centralized part (API) and a decentralized part (Distributed Ledger Technology, also called DLT) that mixes blockchain technology with a REST API.

Our platform is designed for developers, engineers, or anyone else who’s comfortable creating custom-coded solutions or integrating with platforms. If you think you may need some help integrating with the ioCash platform do not hesitate to contact one of our experts.

In order to use any functionality of the ioCash platform, the first thing you need to do is to register and be logged in. For that, please go to the registration page and create a developer account in our portal.


After you have successfully registered and you are logged in, you have to be authorized by our team to be able to use the API. For that, you can request an API key. In order to do so, you need to provide the public key of a 4096 bit RSA key. If you already have one, you can go directly to the section API Key Request.

RSA Key Generation

To create a new RSA Key, you can execute the following command in your terminal:

$openssl genrsa -out private.pem 4096
Generating RSA private key, 4096 bit long modulus
e is 65537 (0x10001)

The private key is saved in private.pem file. You should make sure that the private key can only be read by you and not by any other user for security reasons.

Now, you can generate the public key with this command:

$openssl rsa -in private.pem -outform PEM -pubout -out public.pem
writing RSA key

The public key is generated in the file public.pem. Now you can check your public key with the following command:

$less public.pem
-----END PUBLIC KEY-----

API Key Request

Once you have your RSA pair of keys, you will have to send us your public key. In addition, you have to send us a description of your app, the use case and the tax identification number of your company. Please use the form on the API Key Request site to send us the information.

When this is done, we will register your company as a client and send you an access token that you need for all API requests. This token will be passed via the Authorization HTTP header:

Authorization: Bearer {access_token_here}

JWT generation and signature

To strengthen the security of our API, all requests must be JWT signed with RS256 Algorithm with your private key in the authentication header.

The JWT must have the following content:

 "alg": "RS256",
 "typ": "JWT",
 "kid": "" //API key of the client, provided by our team
 "exp": "" // Expiration date of the token - usually current time plus 1 hour or 1 day
 "iat": "" //Issuance date of the token - usually current time
 "nbf": ""  //Date at which the token can be used - usually current time
 "pol": "" //Claims - optional field, provided by our team

The kid and pol are provided by our team after the API key Request, and are unique to each client. If you did not receive the pol don't worry, it is an optional field and you can leave it empty.

Below, we show a Java example to generate the token:

protected String createSignedJWT() {
                .setHeaderParam('alg', SignatureAlgorithm.RS256.value)
                .setHeaderParam('typ', 'JWT')
                .setHeaderParam('kid', "your kid")
                .setExpiration(Date.from(, ChronoUnit.MINUTES)))
                .setIssuedAt(new Date())
                .setNotBefore(new Date())
                .addClaims(['pol': "your pol"])
                .signWith(SignatureAlgorithm.RS256, "your private key")