Introduction
Let us introduce you to the revolutionary world of CryptoMate APIs, a gateway to effortless global transactions. In this era of rapid technological advancement, harnessing the power of Blockchain technology has never been simpler. With CryptoMate APIs, you can unlock the true potential of this transformative technology while keeping your focus unwaveringly on providing an exceptional customer experience.
Picture this: you have the opportunity to craft incredible applications in an astonishingly short span of time, all thanks to our groundbreaking APIs. Let me walk you through some captivating examples:
Imagine seamlessly integrating crypto assets into your fintech wallet. With our ingenious MPC module, managing diverse wallets across different blockchains becomes as intuitive as invoking just two APIs. Yes, you heard that right - two APIs stand between you and an enhanced financial ecosystem.
Or consider this: sending your customers NFTs as part of a loyalty program, with the ability to effortlessly track every intricate movement. This seemingly complex task becomes a breeze with our Media NFT module, requiring just two APIs. Loyalty meets simplicity.
And for those seeking to embrace the future of commerce, imagine accepting crypto payments with unparalleled ease - a reality achieved by invoking a single API through our Payment module. This single act bridges the gap between traditional and digital currency transactions.
Before embarking on your journey to integrate our API marvels, there's a crucial step: obtaining an API key. This key serves as a digital seal of authenticity, safeguarding your requests and ensuring a secure gateway to our suite of services. Obtaining it is as simple as signing up on our website, where possibilities await.
Now, let's delve into the dynamic environments our APIs thrive in:
Sandbox environment: Here, experimentation is the name of the game. It's the domain of testing and development, where every transaction carries no real-world implications. Your endeavors here shape the future without leaving a trace on the main blockchain.
Production environment: This is where reality takes center stage. The transactions that unfold here are not merely simulations; they're tangible, real-world actions that imprint themselves on the main blockchain.
Let's explore the core operations that anchor our platform:
Wallets: Craft and manage accounts and wallets with unprecedented ease, empowering your users with seamless control over their digital assets.
Media NFT: Immerse yourself in the world of NFTs, creating and managing these unique tokens to captivate your users and offer them a novel experience.
Payments: Redefine transactions by simplifying crypto payments, empowering your users to engage in borderless commerce without the complexities that once stood in their way.
Virtual Wallets: Create easily deposit addresses, concentrate capital, and manage it from a single place. Now, streamline your financial operations and maximize efficiency with our integrated solution.
Cards: Issue virtual or physical cards to your clients. You may choose between debit or credit system based on your requirements.
In conclusion, CryptoMate APIs are more than just a technical innovation - they're a gateway to an era of simplicity, empowerment, and boundless opportunity. It's time to embrace a future where global transactions are as effortless as invoking an API. Welcome to the world of limitless possibilities.
What made this section unhelpful for you?
Base URL
Production:
Sandbox:
What made this section unhelpful for you?
Guides
On this page
- Guides
API Keys & Access Security
To ensure secure, reliable, and controlled access to our platform, all API interactions are authenticated using API keys. An API key uniquely identifies your application and authorizes it to interact with our services, providing a robust layer of protection for both your data and our infrastructure.
Creating and Managing API Keys
You can generate and manage API keys through the our Dashboard. Create, edit, rotate, or revoke keys directly from your account dashboard.
Each API key is independent and can be managed lifecycle-wise without impacting other integrations.
Fine-Grained Permissions
Every API key can be configured with specific feature-level permissions. This allows you to precisely control which parts of the system a given key can access.
For example, you may issue:
- A read-only key for reporting or analytics
- A restricted key for a single product or feature
- A full-access key for trusted backend services
This principle of least privilege helps minimize risk while maximizing operational flexibility.
IP Address Restrictions
To further strengthen security, API keys can now be restricted to a defined set of IP addresses.
When creating or editing an API key, you may optionally configure an IP allowlist:
- Only requests originating from the specified IP addresses or CIDR ranges will be accepted.
- Requests from any other IP will be automatically rejected, even if the API key is valid.
This feature is particularly useful for:
- Backend services running from fixed infrastructure
- Preventing key misuse in case of accidental exposure
- Enforcing network-level security policies
IP restrictions can be updated at any time without regenerating the key.
Using an API Key
To authenticate a request, include your API key in the request headers:
X-API-KEY: <your-api-key>
No additional authentication steps are required.
What made this section unhelpful for you?
On this page
- API Keys & Access Security
Errors
In this guide, we will explore potential challenges that you might come across and discuss effective strategies for managing them. By addressing these issues, you can significantly enhance the efficiency of your development process.
Trace Request
On every response and webhook transaction a header is sent to track it, the name of this header is X-Trace-Id.
This information will be ask on any support request made so we can speed up the solution of any error ocurred.
Error response
If the request has not been successful, you will receive a JSON with the following attributes:
error_code: The error code that has occurred.
message: A message that describes the error.
Example
What made this section unhelpful for you?
Error Codes
200-201
The request executed had finished successfully.
400
The request is not valid, due to some unpredictable error. If you are using a POST, PUT or PATCH request, check that the body is valid. If you are using a GET request, check that the parameters are correct. If you are using a DELETE request, check the path.
401
The API Key is not authorized to do this operation. Check that your API Key had been correctly configured.
404
The requested resource does not exist. Some of the information needed to do this request was not found.
412
The request was not completed because an internal validation was not fulfilled. Check that the body of the request is valid.
500
Our APIs are currently experiencing issues. This is an error on our side, we will check as soon as possible. Please contact support and try again later.
What made this section unhelpful for you?
API
On this page
- API
Webhooks
Webhooks provide real-time notifications for API events, enabling your platform to receive timely updates about specific activities. Our system sends these notifications to a designated endpoint within your hosted environment, which is configured to adeptly receive and process them.
Leverage webhooks to promptly obtain information about critical API events. These events include occurrences external to your system, such as a new deposit in an MPC wallet or a card transaction at a point-of-sale (POS) terminal.To seamlessly receive and process webhook-enabled events, you need to establish and configure a webhook endpoint within your environment.
Each webhook request consists of a common part and a custom payload specific to the event being communicated. The common part includes standard information such as the event type, sub-type, status and a unique Id of of the notification, while the custom payload contains detailed data relevant to the specific event.
Field | Type | Description |
operation | String | Indicator of the operation being informed |
sub_operation | String | Indicator of the activity of the operation being informed |
operation_id | String | Unique identifier of the operation |
status | String | Status of the transaction. Possible values: SUCCESS | CANCELLED | FAILED |
reason | String | If the status is FAILED the reason of why ll appear here |
data | Object | Variable payload of the notification. The content of this will change depending of the notification type. Complete specification of this will be inside each notification page. |
General payload example:
{ "operation": "TREASURY", "sub_operation": "DEPOSIT", "operation_id": "ca0c57d2-b1c9-4bcd-9d5d-8d361cad6fddds1c", "status": "FINISHED", "data": { }}On this page
- Webhooks