🗝️Public API Access

Public Routes

The following Public routes do not require special private-key signed headers, just the public key:

• /v1/orders/*

• /v1/currencies/*

• /v1/blockchains/*

• /v1/payment-routes/*

When generating an API Client key, you’ll receive:

• Public Key (Base58) – stored by Swapped

• Private Key (Base58, 32 bytes) – used to sign requests

⚠️ Your Commerce Client API private key is never stored by Swapped If lost, it cannot be recovered — generate a new key, if necessary

If you call a public route, Swapped Commerce will not validate a signature, and your request will succeed without using your private key. However:

You should still securely store your API Client key pair (public and private) if you wish to use Authenticated API routes in the future

Using your Public Key

When using your Public API Key to make requests to the Swapped Commerce API directly, you'll need to provide your public key as an identifier. Set this as the X-API-Key Header, as seen below:

const axios = require('axios');

// Config
const API_KEY  = 'YOUR_API_KEY';
const BASE_URL = 'https://pay-api.swapped.com';
const ENDPOINT = '/v1/orders';

// Payload
const payload = {
  purchase: {
    name: 'text',
    description: 'text',
    imageUrl: 'text',
    price: 'text',
    currency: 'USD'
  },
  metadata: {
    externalId: 'text',
    customerId: 'text',
    customerCountry: 'text',
    customerEmail: 'text',
    redirectUrl: 'text'
  }
};

// Headers
const headers = {
  'X-API-Key': API_KEY,
  'Content-Type': 'application/json',
  'Accept': '*/*'
};

// Request
axios.post(`${BASE_URL}${ENDPOINT}`, payload, { headers })
  .then(response => {
    console.log('✅ Success:', response.status);
    console.log(response.data);
  })
  .catch(error => {
    console.error(error);
  });