TransX402 Docs

API Reference

Complete documentation of all TransX402 REST API endpoints — authentication, merchant management, payment facilitation, sandbox, and more.

Base URL

The environment is determined automatically from the API key prefix:

Key PrefixEnvironmentURL
ipk_sandbox_Sandbox (Anvil fork)https://sandbox.transx402.com
ipk_live_Production (Base mainnet)https://api.transx402.com

Authentication

Endpoint GroupAuthMethod
/facilitateAPI KeyX-API-Key header
/payments/*API KeyX-API-Key header
/tokens/*None (public)
/healthNone (public)
/verify/:txHashNone (public)
/auth/*Wallet signatureSIWE
/merchant/*Session cookieSet after /auth/login
/sandbox/*Sandbox API KeyX-API-Key header

Authentication and Registration

POST /auth/register

Register a new merchant account. Requires a SIWE signature to prove wallet ownership.

Request:

{
  "email": "merchant@example.com",
  "walletAddress": "0xMerchant...",
  "name": "My Blog",
  "website": "https://myblog.com",
  "signature": "0x...",
  "message": "Sign in to TransX402\nNonce: abc123\nTimestamp: 2026-04-01T10:00:00Z"
}

Response:

{
  "merchantId": "m_abc123",
  "email": "merchant@example.com",
  "walletAddress": "0xMerchant...",
  "sandboxApiKey": "ipk_sandbox_...",
  "createdAt": "2026-04-01T10:00:00Z"
}

On registration, a sandbox API key is automatically created. Production keys are created separately from the dashboard.

POST /auth/login

Login with wallet signature. Sets a session cookie for dashboard access.

POST /auth/logout

Clear session.


Payment Facilitation

POST /facilitate

Process a signed payment authorization. This is the core endpoint called by x402 clients.

Auth: API Key (X-API-Key header)

Processing pipeline:

  1. Parse and validate request schema
  2. Authenticate API key, resolve merchant and environment
  3. Route to correct chain (sandbox Anvil or production Base)
  4. Verify token is in the registry
  5. Verify Permit2 signature
  6. Check deadline has not passed
  7. Check nonce has not been used
  8. Check payer's IDRX balance
  9. Check payer's Permit2 allowance
  10. Simulate transaction
  11. Submit transaction on-chain
  12. Wait for confirmation
  13. Record payment in database
  14. Fire webhook (async)
  15. Return transaction hash

Payment Status

GET /payments/:txHash

Get the status of a payment by transaction hash.

Auth: API Key

Response:

{
  "txHash": "0x...",
  "status": "confirmed",
  "from": "0xPayer",
  "to": "0xMerchant",
  "token": "IDRX",
  "amount": "150000000000000000000000",
  "amountFormatted": "150000",
  "currency": "IDR",
  "network": "base",
  "blockNumber": 12345678,
  "timestamp": "2026-04-01T10:30:00Z",
  "resource": "https://example.com/article/123"
}

Status values: pending, confirmed, failed

GET /payments

List payments for the authenticated merchant.

Auth: API Key

Query parameters:

ParamTypeDescription
pagenumberPage number (default: 1)
limitnumberItems per page (default: 20, max: 100)
statusstringFilter by status
fromstringFilter by payer address
sinceISO dateFilter payments after this date
untilISO dateFilter payments before this date

Response:

{
  "payments": [],
  "pagination": {
    "page": 1,
    "limit": 20,
    "total": 142,
    "totalPages": 8
  }
}

Merchant Profile

GET /merchant/me

Get the current merchant profile.

Auth: Session cookie

PATCH /merchant/me

Update merchant profile.

Auth: Session cookie

Request:

{
  "name": "My Updated Blog",
  "webhookUrl": "https://myblog.com/webhook/transx402",
  "webhookSecret": "auto",
  "defaultToken": "IDRX",
  "defaultNetwork": "base"
}

GET /merchant/stats

Get payment statistics.

Auth: Session cookie

Response:

{
  "totalPayments": 1423,
  "totalVolume": {
    "IDRX": "21345000000000000000000000000",
    "formatted": {
      "IDRX": "21,345,000,000 IDR"
    }
  },
  "last30Days": {
    "payments": 342,
    "volume": { "IDRX": "..." },
    "uniquePayers": 89
  }
}

API Key Management

POST /merchant/api-keys

Create a new API key.

Auth: Session cookie

Request:

{
  "environment": "sandbox",
  "label": "WordPress Site"
}

Response:

{
  "id": "key_abc123",
  "key": "ipk_sandbox_abc123def456...",
  "prefix": "ipk_sandbox_abc1",
  "environment": "sandbox",
  "label": "WordPress Site",
  "createdAt": "2026-04-01T10:00:00Z"
}

Important: The full key field is only returned once at creation. Store it securely.

GET /merchant/api-keys

List all API keys (shows prefix, label, environment, last used — never the full key).

Auth: Session cookie

DELETE /merchant/api-keys/:id

Revoke an API key.

Auth: Session cookie


Sandbox Utilities

These endpoints are only accessible with sandbox API keys.

POST /sandbox/fund

Fund a test wallet with IDRX on the sandbox chain.

Auth: Sandbox API Key

Request:

{
  "address": "0xTestWallet...",
  "amount": "1000000"
}

Response:

{
  "txHash": "0x...",
  "address": "0xTestWallet...",
  "amount": "1000000",
  "token": "IDRX",
  "balance": "1000000"
}

POST /sandbox/reset

Reset sandbox chain state (re-fork from latest Base mainnet block).

Auth: Sandbox API Key

GET /sandbox/wallets

List pre-funded test wallets with IDRX and ETH balances.

Auth: Sandbox API Key

Response:

{
  "wallets": [
    {
      "address": "0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266",
      "ethBalance": "10000.0",
      "idrxBalance": "10000000000",
      "privateKey": "0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80"
    }
  ]
}

These are Anvil's deterministic accounts — safe to expose in sandbox only.


Token Information

GET /tokens

List all supported tokens.

Auth: None

GET /tokens/:symbol/price

Get current price information for a token.

Auth: None

Response:

{
  "symbol": "IDRX",
  "currency": "IDR",
  "rate": 1.0,
  "lastUpdated": "2026-04-01T10:30:00Z"
}

Payment Verification

GET /verify/:txHash

Public endpoint to verify a payment was processed by TransX402. Useful for server-side verification without an API key.

Auth: None

Response:

{
  "verified": true,
  "txHash": "0x...",
  "token": "IDRX",
  "amount": "150000000000000000000000",
  "from": "0xPayer",
  "to": "0xMerchant",
  "network": "base"
}

Health Check

GET /health

Auth: None

Response:

{
  "status": "ok",
  "version": "1.0.0",
  "networks": {
    "base": { "status": "ok", "blockNumber": 12345678 }
  }
}

Error Format

All errors follow a consistent format:

{
  "error": {
    "code": "insufficient_balance",
    "message": "Payer IDRX balance is below required amount",
    "details": {
      "required": "150000000000000000000000",
      "available": "50000000000000000000000"
    }
  }
}

Error Codes

CodeHTTP StatusDescription
invalid_signature400Permit2 signature verification failed
insufficient_balance400Payer doesn't have enough tokens
no_permit2_approval400Payer hasn't approved Permit2 contract
expired_deadline400Payment authorization has expired
unsupported_token400Token not in registry
unsupported_network400Network not supported for this token
simulation_failed400Transaction simulation reverted
tx_failed500On-chain transaction reverted
rate_limited429Too many requests
unauthorized401Invalid or missing API key

Rate Limits

EndpointLimit
POST /facilitate60/min per IP
GET /payments/*120/min per API key
POST /merchants/*10/min per IP
All others120/min per IP