API Reference

Overview

The Krypta API provides programmatic access to the platform. All endpoints use JSON for request and response bodies. The base URL for all API requests is:

text

https://krypta.su/api

All requests must include the Content-Type: application/json header for POST/PATCH/PUT requests. Responses always return JSON with appropriate HTTP status codes.

Authentication

API access requires a Business subscription. API keys can be created and managed from the API Keys page in your dashboard. Each key is shown only once at creation — store it securely.

Include your API key in the X-API-Key header with every request:

bash

curl -H "X-API-Key: krpt_live_your_key_here" \
     https://krypta.su/api/orders/my

Each API key has configurable scopes (permissions) that determine which endpoints it can access. A key without the required scope will receive a 403 Forbidden response.

Scopes

When creating an API key, you select which scopes it should have. Available scopes:

Scope	Access
orders:read	View your orders
orders:write	Create and cancel orders
deals:read	View your deals
deals:write	Create deals, mark payment, release, cancel
wallets:read	View balances, transactions, deposits, withdrawals
wallets:write	Request withdrawals
profile:read	View your profile and subscription info

Rate Limiting

API keys are limited to 60 requests per minute. When the limit is exceeded, the API returns HTTP 429 Too Many Requests. Plan your request frequency accordingly.

json

{
  "statusCode": 429,
  "message": "Too Many Requests"
}

Error Codes

The API uses standard HTTP status codes. Error responses have the following format:

json

{
  "statusCode": 400,
  "message": "Validation failed",
  "error": "Bad Request"
}

Code	Description
400	Bad Request — invalid parameters or validation failure
401	Unauthorized — missing or invalid API key
403	Forbidden — API key lacks required scope
404	Not Found — resource does not exist
429	Too Many Requests — rate limit exceeded
500	Internal Server Error

Orders

GET/api/orders

List public open orders. Supports optional API key authentication.

Query parameters: assetId, fiatCurrency, side (SELL | BUY), sortBy (price | trust), skip, take (max 100).

bash

curl "https://krypta.su/api/orders?side=SELL&take=10"

GET/api/orders/my

Get your own orders with pagination and filters.

Scope: orders:read

Query parameters: status (OPEN | PARTIAL | FILLED | CANCELLED), side (SELL | BUY), assetId, page (default 1), limit (default 20, max 100).

bash

curl -H "X-API-Key: krpt_live_..." \
     "https://krypta.su/api/orders/my?status=OPEN&page=1&limit=10"

json

// Response
{
  "orders": [{ "id": "uuid", "side": "SELL", "status": "OPEN", ... }],
  "total": 42,
  "page": 1,
  "limit": 10
}

GET/api/orders/:id

Get a specific order by ID. Public endpoint.

POST/api/orders

Create a new SELL or BUY order. Requires KYC, 2FA, and active subscription.

Scope: orders:write

json

{
  "assetId": "uuid",
  "fiatCurrency": "USD",
  "side": "SELL",
  "price": "50000",
  "amount": "0.1",
  "minDealAmount": "0.001",
  "maxDealAmount": "0.1",
  "paymentMethodIds": ["uuid"]
}

The side field accepts "SELL" or "BUY". SELL orders lock crypto + maker fee at creation. BUY orders don't lock funds — the taker (seller) locks at deal creation.

PATCH/api/orders/cancel-all

Cancel all your open orders at once. Locked funds are returned.

Scope: orders:write

json

// Response
{
  "cancelledCount": 3
}

PATCH/api/orders/:id/cancel

Cancel a specific order.

Scope: orders:write

Deals

POST/api/deals

Create a deal against a SELL order (buyer action). Requires KYC, 2FA, and email verification.

Scope: deals:write

json

{
  "orderId": "uuid",
  "amount": "0.01"
}

GET/api/deals/my

Get your deals (as buyer or seller).

Scope: deals:read

GET/api/deals/:id

Get deal details. Only accessible to deal participants.

Scope: deals:read

PATCH/api/deals/:id/pay

Mark fiat payment as sent (buyer action).

Scope: deals:write

PATCH/api/deals/:id/release

Release crypto to buyer (seller action).

Scope: deals:write

PATCH/api/deals/:id/cancel

Cancel a deal (only if status is CREATED).

Scope: deals:write

Wallets

GET/api/wallets/my

Get your wallets with deposit addresses.

Scope: wallets:read

bash

curl -H "X-API-Key: krpt_live_..." \
     https://krypta.su/api/wallets/my

GET/api/wallets/my/transactions

Get wallet transaction history. Query: assetId, page, limit (max 100).

Scope: wallets:read

GET/api/wallets/deposits

Get deposit history. Query: page, limit (max 100).

Scope: wallets:read

GET/api/wallets/withdrawals

Get withdrawal history. Query: page, limit (max 100).

Scope: wallets:read

POST/api/wallets/withdraw

Request a withdrawal. Requires email verification.

Scope: wallets:write

json

{
  "assetId": "uuid",
  "amount": "0.01",
  "address": "0x...",
  "network": "ethereum"
}

Profile

GET/api/auth/me

Get current user info and subscription status.

Scope: profile:read

json

{
  "user": {
    "id": "uuid",
    "email": "user@example.com",
    "role": "USER",
    "emailVerified": true,
    "isTestMode": false,
    "createdAt": "2026-01-15T10:30:00Z"
  },
  "subscription": {
    "planSlug": "business",
    "status": "ACTIVE",
    "currentPeriodEnd": "2026-03-15T10:30:00Z",
    "isExpired": false
  }
}