Cubewire LogoDeveloper
Support
Onboarding
Cubewire Developer Hub Logo
SOC 2 Compliant

Developer documentation and tools for Cubewire's digital wallet infrastructure. Built for developers, by developers.

developers@cubewire.com
TwitterGitHubDiscord

Developer Tools

  • API Documentation
  • API Reference

Resources

  • Documentation

Company

  • About
  • Contact

Legal

  • Privacy Policy
  • Terms of Service
© 2026 Cubewire. All rights reserved.
Developer Documentation Portal•Built with ♥ for developers
  1. Cubewire Wallet
  3. Authentication

Authentication

Cubewire supports two authentication paths depending on your use case:

MethodUse caseGuide
Console AccessHuman users managing vaults and policiesConsole Access
Programmatic AccessBackend services calling the APIProgrammatic Access

Console access

For users signing into the dashboard at wallet.cubewire.com:

  • Email/password — Standard authentication with email verification
  • Google — Sign in with your Google account
  • Enterprise SSO — SAML 2.0 or OIDC for organizations that require centralized identity
  • MFA — Optional multi-factor authentication via authenticator app

Console Access

Dashboard authentication, MFA setup, and SSO configuration.

Programmatic access

For backend services integrating with the Cubewire API:

  • OAuth 2.0 Client Credentials — Industry-standard server-to-server flow
  • Short-lived tokens — Access tokens expire after 1 hour
  • Role-based permissions — Credentials inherit access from assigned roles

Programmatic Access

API authentication using OAuth 2.0 client credentials.

Security fundamentals

Never expose secrets in client-side code. Store credentials in environment variables or a secrets manager. Rotate immediately if compromised.

PracticeWhy it matters
Use environment variablesKeep CLIENT_ID and CLIENT_SECRET out of source code
Refresh tokens proactivelyRequest new tokens before expiry to avoid failed requests
Apply least privilegeAssign only the permissions each credential needs
Monitor access logsDetect unusual activity early
Rotate credentials regularlyLimit exposure window if credentials are compromised

Next

  • Console Access — Dashboard login, MFA, and SSO
  • Programmatic Access — API authentication with OAuth 2.0

On this page

  • Console access
  • Programmatic access
  • Security fundamentals
  • Next
  1. Cubewire Wallet
  3. Authentication

Authentication

Cubewire supports two authentication paths depending on your use case:

MethodUse caseGuide
Console AccessHuman users managing vaults and policiesConsole Access
Programmatic AccessBackend services calling the APIProgrammatic Access

Console access

For users signing into the dashboard at wallet.cubewire.com:

  • Email/password — Standard authentication with email verification
  • Google — Sign in with your Google account
  • Enterprise SSO — SAML 2.0 or OIDC for organizations that require centralized identity
  • MFA — Optional multi-factor authentication via authenticator app

Console Access

Dashboard authentication, MFA setup, and SSO configuration.

Programmatic access

For backend services integrating with the Cubewire API:

  • OAuth 2.0 Client Credentials — Industry-standard server-to-server flow
  • Short-lived tokens — Access tokens expire after 1 hour
  • Role-based permissions — Credentials inherit access from assigned roles

Programmatic Access

API authentication using OAuth 2.0 client credentials.

Security fundamentals

Never expose secrets in client-side code. Store credentials in environment variables or a secrets manager. Rotate immediately if compromised.

PracticeWhy it matters
Use environment variablesKeep CLIENT_ID and CLIENT_SECRET out of source code
Refresh tokens proactivelyRequest new tokens before expiry to avoid failed requests
Apply least privilegeAssign only the permissions each credential needs
Monitor access logsDetect unusual activity early
Rotate credentials regularlyLimit exposure window if credentials are compromised

Next

  • Console Access — Dashboard login, MFA, and SSO
  • Programmatic Access — API authentication with OAuth 2.0

On this page

  • Console access
  • Programmatic access
  • Security fundamentals
  • Next