Quick Start
Admin registers your app via POST /api/v1/auth/register with the master key.
Exchange clientId + clientSecret for a JWT token.
Include Authorization: Bearer <token> and X-User-Id headers.
Create wallets, mint tokens, transfer, check balance. All transactions are gasless.
Authentication
/api/v1/auth/token) require a valid JWT token in the Authorization header. Tokens expire after 1 hour and must be refreshed by calling /api/v1/auth/token again.
Client Registration (One-time, Admin only)
Admin calls POST /api/v1/auth/register with X-Admin-Key header to create API credentials.
Token Generation (On app start / token expiry)
Call POST /api/v1/auth/token with clientId and clientSecret to get a JWT.
API Calls (All subsequent requests)
Include Authorization: Bearer <token> and X-User-Id: <user_id> headers.
Token Refresh (When token expires)
On 401 with TOKEN_EXPIRED, call /api/v1/auth/token again with same credentials.
Authorization
JWT Bearer token obtained from /api/v1/auth/token
Authorization: Bearer eyJhbGciOiJIUzI1NiIs...
X-User-Id
User identifier from your system (maps to a Smart Account)
X-User-Id: user_abc123
X-Admin-Key
Master admin key for client management endpoints
X-Admin-Key: your_admin_master_key
Step 1: Register Client (Admin)
curl -X POST /api/v1/auth/register \
  -H "X-Admin-Key: your_admin_master_key" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "My App Production",
    "scopes": ["wallet", "mint", "transfer", "claim"],
    "tier": "enterprise"
  }'
# Response:
{
  "success": true,
  "client": {
    "clientId": "client_abc123def456",
    "clientSecret": "sk_live_xxxxxxxxxx",
    "name": "My App Production",
    "scopes": ["wallet", "mint", "transfer", "claim"],
    "tier": "enterprise"
  }
}
Step 2: Get JWT Token
curl -X POST /api/v1/auth/token \
  -H "Content-Type: application/json" \
  -d '{
    "clientId": "client_abc123def456",
    "clientSecret": "sk_live_xxxxxxxxxx"
  }'
# Response:
{
  "success": true,
  "accessToken": "eyJhbGciOiJIUzI1NiIs...",
  "tokenType": "Bearer",
  "expiresIn": 3600,
  "scope": "wallet mint transfer claim"
}
Step 3: Make Authenticated API Call
curl -X POST /api/v1/wallet/create \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIs..." \
  -H "X-User-Id: user_12345" \
  -H "Content-Type: application/json"
# Response:
{
  "success": true,
  "wallet": {
    "address": "0x1234567890abcdef...",
    "type": "smart_account"
  }
}
JWT Token Structure
Token Payload Claims
sub: Client ID (subject)
iss: chronos-adapter (issuer)
aud: blockchain-api (audience)
iat: Issued at (Unix timestamp)
exp: Expires at (1 hour after iat)
jti: Unique token ID (replay prevention)
scopes: Permitted API scopes
tier: Rate limit tier
Available Scopes
Create wallets, check balance, view transactions
Check mint status, sign and execute mints
Transfer ERC-20 tokens between accounts
Execute and verify token claims (payouts)
External sign-mint endpoint with CORS
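How a server could validate the token described under JWT Token Structure, as an added example (not code from this API or its maintainers): it checks an HS256 signature, the algorithm the sample token header indicates, pins that algorithm, validates iss, aud and exp, and maps failures to the page's INVALID_TOKEN, TOKEN_EXPIRED and INSUFFICIENT_SCOPE codes. Assumptions: the scopes claim is a JSON list, jti tracking is out of scope, and the names sign, verify and AuthError are illustrative; sign exists only to construct sample tokens.

```python
import base64, hashlib, hmac, json, time

ISSUER, AUDIENCE = "chronos-adapter", "blockchain-api"  # iss / aud from the claims list

class AuthError(Exception):
    def __init__(self, status, code):
        super().__init__(code)
        self.status, self.code = status, code  # HTTP status + error code from the page

def b64url_decode(part):  # base64url decode, restoring stripped padding
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw):  # base64url encode without padding
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign(claims, secret):
    """Build an HS256 token; used here only to construct sample input."""
    head = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    mac = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url_encode(mac)}"

def verify(token, secret, required_scope, now=None):
    """Return the claims if the token is acceptable, else raise AuthError."""
    now = time.time() if now is None else now
    try:
        head, body, sig = token.split(".")
        header, claims = json.loads(b64url_decode(head)), json.loads(b64url_decode(body))
        given = b64url_decode(sig)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("header and payload must be JSON objects")
    except ValueError:
        raise AuthError(401, "INVALID_TOKEN")
    expected = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    # Pin the algorithm (never trust the header's choice); compare MACs in constant time.
    if header.get("alg") != "HS256" or not hmac.compare_digest(expected, given):
        raise AuthError(401, "INVALID_TOKEN")
    if claims.get("iss") != ISSUER or claims.get("aud") != AUDIENCE:
        raise AuthError(401, "INVALID_TOKEN")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)):
        raise AuthError(401, "INVALID_TOKEN")
    if now >= exp:
        raise AuthError(401, "TOKEN_EXPIRED")
    scopes = claims.get("scopes")  # assumed to be a list of scope names
    if not isinstance(scopes, list) or required_scope not in scopes:
        raise AuthError(403, "INSUFFICIENT_SCOPE")
    return claims
```

The signature is checked before any claim is read for a decision, so a tampered payload never reaches the scope or expiry logic.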
Rate Limiting
100 requests / minute
500 requests / minute
2000 requests / minute
429 response with RATE_LIMIT_EXCEEDED code. The response includes when the limit resets.
Error Codes
Authentication Errors
401 MISSING_AUTH: Authorization header not provided
401 INVALID_TOKEN: JWT signature invalid or malformed
401 TOKEN_EXPIRED: JWT has expired, refresh required
401 CLIENT_REVOKED: API client has been deactivated
401 INVALID_CREDENTIALS: Wrong clientId or clientSecret
API Errors
400 MISSING_USER_ID: X-User-Id header not provided
403 INSUFFICIENT_SCOPE: Token lacks required permission
409 RECEIPT_ALREADY_MINTED: Receipt ID already used for minting
429 RATE_LIMIT_EXCEEDED: Too many requests, slow down
500 USER_OPERATION_FAILED: Blockchain transaction failed
API Endpoints
Environment Variables
Authentication
JWT_SECRET (Required): Secret for signing JWT tokens (min 64 chars)
ADMIN_MASTER_KEY (Required): Master key for admin endpoints
CDP Platform
CDP_API_KEY_ID: CDP API key ID
CDP_API_KEY_SECRET: CDP API key secret
CDP_WALLET_SECRET: CDP wallet encryption secret
CDP_PAYMASTER_URL: Paymaster URL for gasless transactions