Skip to main content

API Overview

Base URL

All requests go to: 
https://api.assetpay.co
Staging environment: 
https://staging-api.assetpay.co

Authentication

There are two authentication methods depending on the endpoint:

API Key (Merchant endpoints)

Used for /auth/authenticate-client and /secure/* endpoints. Pass your key in the api-key header: 
api-key: ap_your_key_here

Client Token (Client endpoints)

Used for /client/* endpoints. Pass the JWT in the Authorization header: 
Authorization: eyJhbGciOiJIUzI1NiIs...
See the Authentication guide for how to generate client tokens.

Response Format

All responses follow the same envelope:

Success

{
  "requestId": "550e8400-e29b-41d4-a716-446655440000",
  "success": true,
  "data": {
    // endpoint-specific response
  }
}

Error

{
  "requestId": "550e8400-e29b-41d4-a716-446655440000",
  "success": false,
  "error": {
    "code": 1001,
    "key": "VALIDATION_FAILED",
    "message": "Invalid request data"
  }
}
The requestId is a UUID generated for each request. Include it when contacting support about specific errors.

Rate Limits

Rate limits vary by endpoint and merchant verification status:
Endpoint GroupVerifiedUnverified
Client authentication1,000,000/hour100/hour
Inventory1,000/min10/min
Market2,000/min20/min
Deposit/Withdraw500/min5/min
Trade history3,000/min30/min
Trade URL check100,000/hour100/hour
Prices1,000/hour100/hour
Rate limits are shared across all clients of the same merchant. If you have 100 users hitting the inventory endpoint, they all share the same 1,000/min bucket. When you hit a rate limit, you’ll receive a 429 response with error code 1007 (RATE_LIMITED).

Versioning

The API uses URI-based versioning. Client and secure endpoints are version-neutral (no version prefix needed). Call them directly: 
POST /auth/authenticate-client
GET  /client/inventory
POST /client/trading/deposit
POST /secure/check-tradeurl

Prices

All prices in the API are in USD (dollars), not cents. For example, 10.75 means $10.75.

Game Parameter

Most endpoints accept a game parameter:
ValueGame
730Counter-Strike 2
252490Rust
If omitted, defaults to 730 (CS2).