API Documentation
Complete reference for integrating Proton Pay into your application. All client endpoints require JWT Bearer authentication.
Authentication
Obtain a JWT token via /auth/login, then include it in every request:
Authorization: Bearer eyJhbGciOiJIUzI1NiIs...
Content-Type: application/jsonAccess tokens expire after 15 minutes. Use /auth/refresh with your refresh token to obtain a new one. Refresh tokens expire after 7 days.
Base URL
https://protonpay.org/apiAuth Endpoints
Public endpoints — no Bearer token required.
/auth/registerRegister a new user account.
{
"name": "John Doe",
"email": "john@example.com",
"password": "securePassword123"
}{
"token": "eyJhbGciOiJIUzI1NiIs...",
"refreshToken": "eyJhbGciOiJIUzI1NiIs...",
"user": {
"id": "cm...",
"email": "john@example.com",
"name": "John Doe",
"role": "USER"
}
}/auth/loginAuthenticate and receive JWT tokens.
{
"email": "john@example.com",
"password": "securePassword123"
}{
"token": "eyJhbGciOiJIUzI1NiIs...",
"refreshToken": "eyJhbGciOiJIUzI1NiIs...",
"user": {
"id": "cm...",
"email": "john@example.com",
"name": "John Doe",
"role": "USER",
"balanceUsdc": "1250.00"
}
}/auth/refreshRefresh an expired access token using a refresh token.
{
"refreshToken": "eyJhbGciOiJIUzI1NiIs..."
}{
"token": "eyJhbGciOiJIUzI1NiIs...",
"refreshToken": "eyJhbGciOiJIUzI1NiIs..."
}Client Endpoints
Require Authorization: Bearer TOKEN header.
/client/balanceGet current USDC balance and linked wallet info.
{
"balanceUsdc": "1250.00",
"walletAddress": "D9cCZQ...",
"walletNetwork": "Solana"
}/client/dashboardGet dashboard summary: balance, recent activity, account setup status.
{
"balance": "1250.00",
"totalDeposited": "5000.00",
"totalWithdrawn": "3750.00",
"recentActivity": [
{
"id": "cm...",
"type": "DEPOSIT",
"amount": "100.00",
"status": "CONFIRMED",
"createdAt": "2026-03-14T12:00:00Z"
}
],
"setupSteps": {
"emailVerified": true,
"kycCompleted": false,
"walletLinked": true,
"twoFaEnabled": false
}
}/client/deposit/cardCreate a card deposit session via Tap Payments (USD, OMR, AED, SAR), YooKassa (RUB), or FreedomPay (KZT/UZS/KGS). Returns a payment URL.
{
"amount": 100,
"currency": "usd",
"provider": "tap"
}{
"url": "https://checkout.tap.company/pay/chg_..."
}/client/withdrawCreate a USDC withdrawal to an external wallet. Subject to plan limits and cooldown.
{
"amount": 50,
"walletAddress": "D9cCZQxDN1fohCRSfQMRC...",
"network": "Solana"
}{
"payout": {
"id": "cm...",
"amount": "50.00",
"fee": "0.50",
"walletAddress": "D9cCZQ...",
"network": "Solana",
"status": "PENDING",
"createdAt": "2026-03-14T15:00:00Z"
}
}/client/transferInternal USDC transfer to another user by email or public ID.
{
"toIdentifier": "user@example.com",
"amount": 25,
"note": "Payment for services"
}{
"transfer": {
"id": "cm...",
"amount": "25.00",
"fee": "0",
"toUser": "user@example.com",
"status": "COMPLETED"
},
"newBalance": "1225.00"
}/client/activityGet transaction history (deposits, withdrawals, transfers).
{
"activity": [
{
"id": "cm...",
"type": "DEPOSIT",
"amount": "100.00",
"method": "CRYPTO",
"network": "Solana",
"status": "CONFIRMED",
"createdAt": "2026-03-14T12:00:00Z"
}
]
}/client/feesGet current fee schedule and withdrawal limits for your plan.
{
"fees": {
"deposit": { "commission": "0%" },
"withdrawal": {
"Solana": "0.01 USDC",
"Base": "0.05 USDC",
"Polygon": "0.02 USDC"
},
"transfer": { "fee": "0 USDC" },
"limits": {
"maxSingleWithdrawal": 10000,
"dailyWithdrawalLimit": 50000,
"withdrawalCooldownSec": 60
}
}
}Developer Endpoints
API keys, webhooks, and invoices for programmatic integration.
/client/api-keysCreate a new API key. The raw key is returned only once.
{
"name": "Production Key"
}{
"key": {
"id": "cm...",
"name": "Production Key",
"prefix": "sk_live_abc...",
"rawKey": "sk_live_abc123def456...",
"permissions": "full"
}
}/client/webhooksRegister a webhook endpoint to receive event notifications.
{
"url": "https://yourapp.com/webhooks/nova",
"events": ["deposit.confirmed", "payout.completed"]
}{
"webhook": {
"id": "cm...",
"url": "https://yourapp.com/webhooks/nova",
"events": ["deposit.confirmed", "payout.completed"],
"secret": "whsec_..."
}
}/client/invoicesCreate a payment invoice with a unique payment link.
{
"amount": 50,
"currency": "USDC",
"description": "Monthly subscription"
}{
"invoice": {
"id": "cm...",
"amount": "50.00",
"currency": "USDC",
"status": "PENDING",
"payUrl": "https://protonpay.org/pay/cm..."
}
}Supported Networks
Solana
USDC (SPL)
~400ms finality
Base
USDC (ERC-20)
~2s finality
Polygon
USDC (ERC-20)
~2s finality
Card Payment Providers
Tap Payments
USD, OMR, AED, SAR, KWD, BHD, EGP
provider: "tap", currency: "usd"YooKassa
RUB
provider: "yookassa", currency: "rub"FreedomPay
KZT, UZS, KGS
provider: "freedompay", currency: "kzt"Webhook Events
Configure webhook endpoints via POST /client/webhooks to receive real-time event notifications.
deposit.confirmedA crypto deposit has been confirmed on-chaindeposit.card.successA card payment has been completed successfullypayout.completedA USDC payout has been sent to the walletpayout.failedA payout has failed (insufficient balance, network error)transfer.completedAn internal user-to-user transfer completedinvoice.paidA payment invoice has been paidkyc.approvedUser KYC verification was approvedkyc.rejectedUser KYC verification was rejected{
"event": "deposit.confirmed",
"data": {
"id": "cm...",
"userId": "cm...",
"amount": "100.00",
"currency": "USDC",
"network": "Solana",
"txHash": "5xKm2Q...8b3c",
"status": "CONFIRMED"
},
"timestamp": "2026-03-14T12:00:00Z",
"signature": "hmac_sha256(payload, webhook_secret)"
}Rate Limits
Error Codes
| Code | Description |
|---|---|
| 400 | Bad Request — Invalid or missing parameters |
| 401 | Unauthorized — Missing or expired JWT token |
| 403 | Forbidden — Insufficient permissions or plan limit reached |
| 404 | Not Found — Resource does not exist |
| 409 | Conflict — Duplicate operation (e.g. withdrawal cooldown) |
| 429 | Too Many Requests — Rate limit exceeded |
| 500 | Internal Server Error — Something went wrong on our end |
| 503 | Service Unavailable — Payment provider not configured |