Access your account, go to Settings > Users.

Select Add User. On the Add User dialog, toggle the user type to API user.

Label the API user accordingly and select read-only permissions for the user role.

Whitelist the following IP Addresses:

Attach the CSR File to the API user and select Add User.

A Certificate Signing Request (CSR) can be generated by the Otto team or the client. The CSR generation will have 2 components, A Certificate Request and a Private Key. The Certificate Request (.csr file) will be added to the API user on Fireblocks, and the corresponding Private Key will be input into the Secret field in Otto, as well as inputting the API Key generated from Fireblocks in the Key field.