Developers

REST endpoints and webhook tooling for bots and external integrations.

Public (no login)

GET /api/prices — market snapshots (e.g. ?quick=1)
GET /api/public/stats — aggregated system-trade stats for the marketing home page (30-day window)

Authenticated session

After sign-in, same-origin fetch calls include the session cookie. Examples:

GET /api/trades — trade history
GET /api/reports/portfolio — portfolio metrics
GET /api/arbitrage/... — arbitrage data (feature-dependent)
POST /api/social/follow — follow a strategy (exchange id)

Webhook test endpoint

POST /api/developers/webhooks

Header: Authorization: Bearer <DEVELOPERS_WEBHOOK_TOKEN>

Body: JSON (any). Response echoes receivedAt and payload. Use this to verify connectivity before wiring external alerts.

Generate a token locally: openssl rand -hex 32 — set DEVELOPERS_WEBHOOK_TOKEN in Cloud Run.

Billing webhooks

Subscription checkout uses PayPlus. Payment confirmations are sent to /api/billing/webhook — configure the secret in the processor dashboard (PAYPLUS_WEBHOOK_SECRET).

Social notifications

Users who follow an exchange strategy receive in-app (and push) notifications when the system posts a trade for that venue. Automatic copy-trading is not enabled by default — execution stays on your own keys and risk settings.

Home Sign in