Dashboard
Build

API reference

All endpoints are under /v1, return application/json, and validate every payload against the shared Zod/pydantic schemas.

Authentication

Send X-API-Key: sk_live_... on every request. Endpoints marked x402 below also accept anonymous requests paid per-call — see x402 payments.

Session

PathDescription
POST/v1/auth/sessionExchange a verified Privy access token for an org + API key. Auto-provisions on first login.

Agents

PathDescription
POST/v1/agentsCreate an agent. Defaults to payload mode.
POST/v1/agents/{id}/killKill switch — cancel all open orders within 5s, revoke delegated credentials.
POST/v1/agents/{id}/credsSubmit sealed-box encrypted venue credentials for delegated mode.

Markets

PathDescription
GET/v1/markets/searchSearch markets. x402: $0.002/call.
GET/v1/markets/{id}Get market detail.
GET/v1/orderbook/{token_id}Get live orderbook. x402: $0.001/call.

Orders

PathDescription
POST/v1/orders/intentRun the risk engine and return an unsigned payload on approval. x402: $0.10/call.
POST/v1/orders/submit-signedSubmit a signed payload (payload mode).
POST/v1/ordersSubmit an order in delegated mode.
DELETE/v1/orders/{id}Cancel an order.

Portfolio

PathDescription
GET/v1/ordersList orders for the authenticated org.
GET/v1/fillsList fills, including builder-attribution status.
GET/v1/positionsList open positions.
GET/v1/portfolioAggregate portfolio summary.

Policy

PathDescription
GET/v1/policiesGet risk policies for every agent in the org.
PUT/v1/policiesUpdate a risk policy.
POST/v1/breaker/resetReset a tripped circuit breaker.

Billing

PathDescription
GET/v1/billing/usageUsage events and running totals for the org.

Errors

Validation failures return 422 with field-level detail. Rejected order intents return 409 with the full risk decision as the response body. Venue-side failures return 502. No response ever includes a stack trace.

422 response
{
  "error": "validation_error",
  "details": [
    { "field": "size_usdc", "message": "must be positive" }
  ]
}
Prefer typed clients?
The TypeScript SDK validates every request and response against the same shared schemas at runtime and wraps all of the above in a typed client.