Crypitor Api Overview
This document lets you understand how does Crypitor Api Platform work.
General Api Information
- All endpoints return either a JSON object or array.
- All time and timestamp related fields are in milliseconds.
- HTTP
400
return codes is used for invalid data. - HTTP
401
return codes is used for unauthorized request. - HTTP
404
return codes is used for data not found. - HTTP
406
return codes is used for not acceptable request. - HTTP
429
return code is used when breaking a request rate limit. - HTTP
500
return codes is used for invalid format request or wrong from server’s side. - Any endpoint can return an ERROR; the error payload is as follows:
{
"error": "429001",
"description": "Too many requests"
}
Request Rate Limit
- Crypitor Service applied an api request rate limit base on account type:
- Free account: rate limit is
10 requests per second
- Premium account:
unlimited
requests
- Free account: rate limit is
- A
429
will be returned when either rather limit is violated. - When a
429
is received, it’s your obligation as an API to back off and not spam the API.
Endpoint Security
- All endpoints were protected by an
Authorization
. Authorization
is yourapi key
and can be passed intoREST Api
viaAuthorization
header.- You can get your
api key
here
Webhook Security
- We would like to recommended you protect your webhook using an
Authorization
. - We allow you pass us an
Authorization
every when you call api Create Webhook - How it works:
- We receive an
Authorization
when you call api Create Webhook and store it insha1 hash
- When we send transaction notification via your webhook url, an
Authorization
header will be passed with value"sha1:<SHA1(your authorization)>"
- In your api controller, you will receive an request with
Authorization
header value as"sha1:<SHA1(your authorization)>"
- You need to verify request using
Authorization
value in request header andAuthorization
that you sent us via api Create Webhook
- We receive an
Get Started Now
Guides →