Logo

Flint API

Getting started

Authorization

All API requests are required to be authorized.

Authorize all requests with the x-api-key header. Your API key can be found in the Flint dashboard.

API Key Security

Your API key is a secret and should not be shared with anyone, or left in your codebase as plaintext. If you suspect your API key has been compromised, kindly log into your merchant console and delete said key.

Sample request with authorization

Authorize a request to the stables stack API using the x-api-key header. Alternatively, you can use the flint-api-key header.

async function getTransactions() {
  const request = await fetch(
    `${process.env.FLINT_API_BASE_URL}/v1/transactions`,
    {
      headers: {
        'x-api-key': `${process.env.FLINT_API_KEY}`,
      },
    },
  )

  const response = await request.json()
  return response
}

That is it! That is all that is required to hit the Flint stables stack API, access on/off ramp, manage wallets, and subscribe to blockchain events.

20 RPS Rate limit

API keys are rate limited to prevent abuse, and to manage the load on our server from a single client

Webhook signature verification

import crypto from 'node:crypto'

export function isWebhookSignatureValid(
  body: any,
  signature: string,
  webhookSecretKey: string,
): boolean {
  const hash = crypto
    .createHmac('sha512', webhookSecretKey)
    .update(JSON.stringify(body))
    .digest('hex')

  return signature === hash
}

Introduction

Welcome to the FlintAPI Stables Stack documentation.

Ramp resource

Next Page

On this page

Sample request with authorizationWebhook signature verification