V3 V3XY API Docs
Dashboard ↗ Storefront ↗

V3XY Developer API

Build on V3XY Services with server-side integrations for crypto payments, email verification, and account-linked developer tools. All public endpoints live under /v1 on the API gateway.

Who this is for: Customers and integrators running their own apps or storefronts. This documentation covers the developer surface only — not private or internal V3XY systems.
Quick start Make your first authenticated request in minutes. Authentication API keys for servers, sessions for account dashboards. Crypto payments Accept LTC, XRP, USDT, and more to your wallets. Terms & legal Usage rules, privacy, and service credits.

Quick start

  1. Create an account at v3xyservices.com (email + verification code, or Discord).
  2. Open Account → Developer and generate a developer API key with the scopes you need.
  3. Add at least one payout wallet for the crypto assets you plan to accept.
  4. Call the API from your server using the key in the X-V3XY-API-Key header.
curl -X POST "https://api.v3xyservices.com/v1/developer/payments/crypto" \
  -H "X-V3XY-API-Key: v3xy_dev_your_secret_here" \
  -H "Content-Type: application/json" \
  -d '{
    "asset": "LTC",
    "amount_usd_cents": 2500,
    "customer_email": "buyer@example.com",
    "external_id": "order-1001"
  }'

The response includes a wallet_address and amount_crypto for your customer to pay. Poll payment status or use webhooks for confirmation.

Base URL

All requests use HTTPS. Paths in this documentation are relative to the versioned base URL.

EnvironmentBase URL
Primary https://api.v3xyservices.com/v1
Backup https://api-backup.pages.dev/v1

If the primary host is unreachable or returns 502, 503, or 504, retry the same path on the backup base URL. Send Content-Type: application/json on requests with a JSON body.

Authentication

V3XY uses two credential types. Do not mix them.

Developer API keys

Use when your backend calls the API on behalf of your V3XY developer account. Keys are issued in the account dashboard and must never appear in client-side code, mobile app binaries, or public repositories.

ItemValue
HeaderX-V3XY-API-Key
Formatv3xy_dev_ followed by a random secret
UsageServer-side only

Key scopes

ScopeAllows
payments:createCreate crypto payment requests
payments:readRead payment status for your account
wallets:readList saved payout addresses (masked)
webhooks:manageRegister or update webhook URLs
verify:sendSend email verification codes to your users

Keys without the required scope receive HTTP 403 with code: "api_key_scope".

Session tokens

Use when a logged-in person manages their account — creating keys, adding wallets, or viewing their own data in a browser or trusted app.

ItemValue
HeaderAuthorization: Bearer <session_token>
Obtained viaEmail sign-in or Discord OAuth (see Account endpoints)
LifetimeShort-lived; sign in again to refresh
Important: Developer API keys identify your integration. Session tokens identify a person. Never send developer keys from a browser or expose them in front-end JavaScript.

Payout wallets

Before accepting crypto through the API, add wallet addresses you control in Account → Developer → Payout wallets. V3XY never asks for private keys or seed phrases.

FieldDescription
assete.g. LTC, XRP, USDT_BSC, USDT_TRC20
addressYour public receive address
labelOptional name for your reference
is_defaultUsed when a payment does not specify an asset-specific wallet

Changing a default wallet may require email confirmation. Payments already in flight keep the address they were created with. Supported assets match those enabled on your account (Litecoin, XRP, USDT variants, and others as available).

API reference

All paths below are relative to the base URL. Unless marked Session, authenticate with X-V3XY-API-Key.

POST /developer/payments/crypto payments:create

Creates a crypto payment intent. Funds are sent to your payout wallet. V3XY monitors the chain and updates status; webhooks fire on detection and confirmation.

Request body

{
  "asset": "LTC",
  "amount_usd_cents": 4999,
  "customer_email": "buyer@example.com",
  "external_id": "your-order-12345",
  "metadata": { "cart_id": "abc" }
}
FieldRequiredDescription
assetYesCrypto asset code
amount_usd_centsYesInteger USD cents (minimum 100)
customer_emailYesBuyer email for receipts
external_idNoYour order / idempotency reference (max 128 chars)
metadataNoOpaque JSON returned in webhooks (max 4 KB)

Response 200

{
  "success": true,
  "payment_ref": "cp_8f3a…",
  "asset": "LTC",
  "wallet_address": "ltc1q…",
  "amount_crypto": "0.08421500",
  "amount_usd": "49.99",
  "expires_at": "2026-05-22T18:45:00.000Z",
  "confirmations_required": 2
}
GET /developer/payment-status?payment_ref=… payments:read

Returns the current status of a payment you created.

Response 200

{
  "success": true,
  "payment_ref": "cp_8f3a…",
  "status": "awaiting",
  "asset": "LTC",
  "amount_crypto": "0.08421500",
  "amount_usd_cents": 4999,
  "confirmations": 0,
  "confirmations_required": 2,
  "tx_hash": null,
  "external_id": "your-order-12345",
  "expires_at": "2026-05-22T18:45:00.000Z"
}
statusMeaning
awaitingNo matching transaction yet
detectedTransaction seen; waiting for confirmations
confirmedPaid — webhook delivered
expiredQuote window ended unpaid
cancelledVoided before payment
POST /developer/verify/send-code verify:send

Sends a 6-digit verification code to an email address your integration is verifying. Subject to per-account rate limits and acceptable-use policy.

{
  "email": "user@example.com",
  "purpose": "signup",
  "template": "default"
}

Response 200

{
  "success": true,
  "message": "Verification code sent.",
  "expires_in_seconds": 900
}

Account endpoints Session

For people signing into a V3XY account. Use Authorization: Bearer <session_token>.

MethodPathDescription
POST/auth/email/send-codeSend register or login code
POST/auth/email/registerCreate account with email + code
POST/auth/email/login-challengeStep 1 — password check, sends code
POST/auth/email/loginStep 2 — complete login with code
GET/developer/api-keysList your API keys (prefix only)
POST/developer/api-keysCreate key — secret shown once
DELETE/developer/api-keys/{id}Revoke a key
GET/developer/walletsList payout wallets
POST/developer/walletsAdd or update wallet
DELETE/developer/wallets/{id}Remove wallet

Discord sign-in for browser users: open https://api.v3xyservices.com/v1/auth/login and complete OAuth (redirects to the public storefront with a session).

Webhooks

Register an HTTPS URL in Account → Developer → Webhooks. V3XY signs each delivery.

Header: X-V3XY-Signature: t=<unix>,v1=<hmac_hex>

expected = HMAC_SHA256(webhook_secret, "<t>.<raw_body>")
EventWhen
payment.detectedIncoming transaction seen on chain
payment.confirmedRequired confirmations reached
payment.expiredPayment window closed unpaid
 
{
  "type": "payment.confirmed",
  "created_at": "2026-05-22T18:12:00.000Z",
  "data": {
    "payment_ref": "cp_8f3a…",
    "external_id": "your-order-12345",
    "asset": "LTC",
    "amount_usd_cents": 4999,
    "tx_hash": "abc…",
    "metadata": { "cart_id": "abc" }
  }
}

Respond with 2xx within 10 seconds. Failed deliveries are retried with exponential backoff.

Errors

{
  "success": false,
  "error": "Human-readable message",
  "code": "machine_code"
}
HTTPcodeMeaning
401api_key_missingNo X-V3XY-API-Key header
403api_key_invalidKey revoked or unknown
403api_key_scopeKey not permitted for this endpoint
403api_key_originDeveloper key used from a browser origin
429Rate limited — retry after Retry-After
503Temporary outage — try backup base URL

Rate limits

Limits apply per developer key and per account. Exact values may vary by tier.

AreaTypical limit
Payment creation60 requests / minute per key
Payment status300 requests / minute per key
Verification email10 messages / hour per recipient
Key / wallet changes10 requests / hour per account

Security practices

  1. Never commit API keys to version control or expose them in front-end code.
  2. Use separate keys for staging and production environments.
  3. Revoke keys immediately if you suspect a leak.
  4. Register webhook URLs on HTTPS endpoints you control only.
  5. Always verify webhook signatures before trusting payment events.
  6. Use external_id for idempotency on your side.
  7. Only add payout wallets you control — V3XY cannot recover misdirected funds.