DApp API Reference
This website documents the public API for PlasmaPay DApp
You can view code examples in the dark area to the right; switch the programming language of the examples with the tabs in the top right.
Authentication
curl -X GET -H "content-type: application/json" -H "authorization: JWT <ACCESS_TOKEN>"
https://app.plasmapay.com/plasma/api/v1//me
const xhr = new XMLHttpRequest();
xhr.onload = function () {
// Handle xhr.status and xhr.responseText
};
xhr.open('GET', 'https://app.plasmapay.com/plasma/api/v1/me', true);
xhr.withCredentials = true;
xhr.setRequestHeader('authorization',`JWT ${ACCESS_TOKEN}`);
req.setRequestHeader('content-type','application/json');
xhr.send();
The PlasmaPay API is JSON based. In order to make an authenticated call to the API, you must include your access token with the call. OAuth2 uses a JWT token that is passed along in an Authorization header.
Registering an Application
In order to use the PlasmaPay DApp API, you must have an active PlasmaPay account. Once you're logged in to your account you can register a new DApp application at https://app.plasmapay.com/id/profile/dapp-settings/create.
After successfully registering a new application, you will be given a set of 2 unique keys:
CLIENT_IDCLIENT_SECRET(needed only for Authorization flow with client server)
We are support two implementations of Authorization Flow:
- For browser Applications (CLIENT_SECRET not needed for exchange code to token)
- For browser and server (full-stack) Applications (CLIENT_SECRET needed for exchange code to token)
Also you must configure domain whitelist for accept CORS requests.
OAuth2 Authentication Flows
The PlasmaPay DApp Authorization is based on OAuth2.
If you are familiar with OAuth, then the authentication endpoints are as follows:
- UI Dialog:
https://app.plasmapay.com/id/permission-oauth - Authorization:
https://app.plasmapay.com/id/oauth/v1/authorize - Token Request:
https://app.plasmapay.com/id/oauth/v1/token
Available Authentication Flows
The PlasmaPay DApp API supports two common OAuth 2.0 flows:
Under the majority of circumstances we recommend the Authorization Code flow as it provides the highest level of security.
If you plan on building an application that will be used by multiple PlasmaPay accounts, you MUST use the Authorization Code flow.
Authorization Code
For implement this flow you need:
CLIENT_IDCLIENT_SECRET
provided when registering your application.
The Authorization Code flow is a redirection-based flow, which means the application must be able to redirect the application user and receive authorization codes via a web browser.
Step 1: Authorization
const url = "https://app.plasmapay.com/id/permission-oauth?client_id={CLIENT_ID}" +
"&redirect_uri={REDIRECT_URI}&response_type=code&scope={SCOPE}&state={STATE}";
window.location.href = url;
open https://app.plasmapay.com/id/permission-oauth?client_id={CLIENT_ID}
&redirect_uri={REDIRECT_URI}&response_type=code&scope={SCOPE}&state={STATE}
An authorization code is the key used to retrieve the access token. In order to acquire an authorization code, you need to redirect the user's browser to the authorization&permissions dialog of PlasmaPay.
GET https://app.plasmapay.com/id/permission-oauth?client_id={CLIENT_ID}
&redirect_uri={REDIRECT_URI}&response_type=code&scope={SCOPE}&state={STATE}
| Parameter | Meaning |
|---|---|
| Specifies that your application is requesting an authorization code grant | |
| The application's client ID provided when registering your application | |
| Should be set to a URL in your application where the user will be redirected back to after the request is authorized | |
| PlasmaPay permissions to request from the user. Read more in Scopes | |
| A random string generated in your Application |
Step 2: User Authorization
Once directed to the above link, the user will be asked to log in to their PlasmaPay account (if they're not already logged in). They will then be asked to authorize or deny the authentication request and accept permissions.
Step 3: Authorization Code response
RESPONSE
302 Found
Location: https://{YOUR_APP_DOMAIN}/auth/callback?code={CODE}&state={STATE}
After the user successfully authorizes the application, they will be redirected back to
the provided redirect_uri with the authorization code as a query parameter named code.
e.g. https://{YOUR_APP_DOMAIN}/auth/callback?code={CODE}&state={STATE}
Step 4: Exchange code for an access_token
curl -H "Content-type: application/json" -X POST https://app.plasmapay.com/id/oauth/v1/token
-d '{"client_id": "{CLIENT_ID}", "client_secret": "{CLIENT_SECRET}",
"redirect_uri": "https://{YOUR_APP_DOMAIN}/auth/callback", "code": "{CODE_FROM_STEP_3}",
"grant_type": "authorization_code", "scope":"{SCOPE}"}'
var request = require('request');
const options = {
uri: 'https://app.plasmapay.com/id/oauth/v1/token',
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
json: {
client_id: "{CLIENT_ID}",
client_secret: "{CLIENT_SECRET}",
redirect_uri: "https://{YOUR_APP_DOMAIN}/auth/callback",
code: "{CODE_FROM_STEP_3}",
grant_type: "authorization_code",
scope:"{SCOPE}"
}
}
request(options, function (error, response, body) {
if (!error && response.statusCode === 200) {
// Handle body
}
});
RESPONSE
200 Ok
Content-Type: application/json
BODY
{
"access_token": "{ACCESS_TOKEN}",
"refresh_token": "{REFRESH_TOKEN}"
}
Your redirect_uri may be implemented as:
- SPA page that passes the code to your backend server
- backend server endpoint
In any case, the request for exchange the code to the access token should be made by your backend server.
The access token is a JWT key used to make requests to the API.
In order to get an access token, the application must make a POST request to
POST https://app.plasmapay.com/id/oauth/v1/token
with the client_id, client_secret, redirect_uri, code, grant_type and scope as parameters.
| Parameter | Meaning |
|---|---|
| Specifies that your application is requesting an authorization code | |
| The application's client ID provided when registering your application | |
| The application's client secret provided when registering your application | |
| Should be set to a URL in your application where the user will be redirected back to after the request is authorized | |
| Must match the authorization code returned by the authorization endpoint in Step 3 | |
| PlasmaPay permissions to request from the user. Read more in Scopes |
After receive the access_token, this is the point where you will likely want to save off the details for future reuse without requiring user interaction. In server DB for example. To reconstruct a refreshable access token you will need to store the access_token and refresh_token parameters returned.
Refreshing an Access Token
curl -H "Content-type: application/json" -X POST https://app.plasmapay.com/id/oauth/v1/token
-d '{"client_id": "{CLIENT_ID}", "client_secret": "{CLIENT_SECRET}",
"redirect_uri": "http://my.application.com/auth/callback", "refresh_token": "{REFRESH_TOKEN}",
"grant_type": "refresh_token", "scope":"{SCOPE}"}'
var request = require('request');
const options = {
uri: 'https://app.plasmapay.com/id/oauth/v1/token',
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
json: {
client_id: "{CLIENT_ID}",
client_secret: "{CLIENT_SECRET}",
redirect_uri: "http://my.application.com/auth/callback",
refresh_token: "{REFRESH_TOKEN}",
grant_type: "refresh_token",
scope:"{SCOPE}"
}
}
request(options, function (error, response, body) {
if (!error && response.statusCode === 200) {
// Handle body
}
});
RESPONSE
200 Ok
Content-Type: application/json
BODY
{
"access_token": "{ACCESS_TOKEN}",
"refresh_token": "{REFRESH_TOKEN}"
}
A refresh token is a JWT token returned when creating an access token that can be used to request a new access token when the existing current access token expires.
To refresh an access token, the application must make a POST request to
POST https://app.plasmapay.com/id/oauth/v1/token
with the client_id, client_secret, redirect_uri, refresh_token, grant_type and scope as parameters.
| Parameter | Meaning |
|---|---|
| Specifies that your application is requesting an refresh token | |
| The application's client ID provided when registering your application | |
| The application's client secret provided when registering your application | |
| Should be set to a URL in your application where the user will be redirected back to after the request is authorized | |
| Must match the refresh token returned by the authorization endpoint in Step 4 | |
| PlasmaPay permissions to request from the user. Read more in Scopes |
Authorization Code (SPA)
For implement this flow you need:
CLIENT_ID
provided when registering your application.
The Authorization Code flow is a redirection-based flow, which means the application must be able to redirect the application user and receive authorization codes via a web browser.
Step 1: Authorization
const url = "https://app.plasmapay.com/id/permission-oauth?client_id={CLIENT_ID}" +
"&redirect_uri={REDIRECT_URI}&response_type=code&scope={SCOPE}";
window.location.href = url;
open https://app.plasmapay.com/id/permission-oauth?client_id={CLIENT_ID}
&redirect_uri={REDIRECT_URI}&response_type=code&scope={SCOPE}
An authorization code is the key used to retrieve the access token. In order to acquire an authorization code, you need to redirect the user's browser to the authorization&permissions dialog of PlasmaPay.
GET https://app.plasmapay.com/id/permission-oauth?client_id={CLIENT_ID}
&redirect_uri={REDIRECT_URI}&response_type=code&scope={SCOPE}&state={STATE}
| Parameter | Meaning |
|---|---|
| Specifies that your application is requesting an authorization code grant | |
| The application's client ID provided when registering your application | |
| Should be set to a URL in your application where the user will be redirected back to after the request is authorized | |
| PlasmaPay permissions to request from the user. Read more in Scopes | |
| A random string generated in your Application |
Step 2: User Authorization
Once directed to the above link, the user will be asked to log in to their PlasmaPay account (if they're not already logged in). They will then be asked to authorize or deny the authentication request and accept permissions.
Step 3: Authorization Code response
RESPONSE
302 Found
Location: https://{YOUR_APP_DOMAIN}/auth/callback?code={CODE}&state={STATE}
After the user successfully authorizes the application, they will be redirected back to
the provided redirect_uri with the authorization code as a query parameter named code.
e.g. https://{YOUR_APP_DOMAIN}/auth/callback?code={CODE}&state={STATE}
Step 4: Exchange code for an access_token
curl -H "Content-type: application/json" -X POST https://app.plasmapay.com/id/oauth/v1/token
-d '{"client_id": "{CLIENT_ID}", "redirect_uri": "https://{YOUR_APP_DOMAIN}/auth/callback",
"code": "{CODE_FROM_STEP_3}", "grant_type": "authorization_code", "scope":"{SCOPE}"}'
const xhr = new XMLHttpRequest();
xhr.onload = function () {
// Handle xhr.status and xhr.responseText
};
xhr.open('POST', 'https://app.plasmapay.com/id/oauth/v1/token', true);
xhr.withCredentials = true;
req.setRequestHeader('content-type','application/json');
xhr.send(JSON.stringify({
client_id: "{CLIENT_ID}",
redirect_uri: "https://{YOUR_APP_DOMAIN}/auth/callback",
code: "{CODE_FROM_STEP_3}",
grant_type: "authorization_code",
scope: "{SCOPE}"
}));
RESPONSE
200 Ok
Content-Type: application/json
BODY
{
"access_token": "{ACCESS_TOKEN}",
"refresh_token": "{REFRESH_TOKEN}"
}
The access token is a JWT key used to make requests to the API.
In order to get an access token, the application must make a POST request to
POST https://app.plasmapay.com/id/oauth/v1/token
with the client_id, redirect_uri, code, grant_type and scope as parameters.
| Parameter | Meaning |
|---|---|
| Specifies that your application is requesting an authorization code | |
| The application's client ID provided when registering your application | |
| Should be set to a URL in your application where the user will be redirected back to after the request is authorized | |
| Must match the authorization code returned by the authorization endpoint in Step 3 | |
| PlasmaPay permissions to request from the user. Read more in Scopes |
After receive the access_token, this is the point where you will likely want to save off the details for future reuse without requiring user interaction. window.localStorage for example. To reconstruct a refreshable access token you will need to store the access_token and refresh_token parameters returned.
Refreshing an Access Token
curl -H "Content-type: application/json" -X POST https://app.plasmapay.com/id/oauth/v1/token
-d '{"client_id": "{CLIENT_ID}", "redirect_uri": "http://my.application.com/auth/callback",
"refresh_token": "{REFRESH_TOKEN}", "grant_type": "refresh_token", "scope":"{SCOPE}"}'
const xhr = new XMLHttpRequest();
xhr.onload = function () {
// Handle xhr.status and xhr.responseText
};
xhr.open('POST', 'https://app.plasmapay.com/id/oauth/v1/token', true);
xhr.withCredentials = true;
req.setRequestHeader('content-type','application/json');
xhr.send(JSON.stringify({
client_id: "{CLIENT_ID}",
redirect_uri: "http://my.application.com/auth/callback",
refresh_token: "{REFRESH_TOKEN}",
grant_type: "refresh_token",
scope:"{SCOPE}"
}));
RESPONSE
200 Ok
Content-Type: application/json
BODY
{
"access_token": "{ACCESS_TOKEN}",
"refresh_token": "{REFRESH_TOKEN}"
}
A refresh token is a JWT token returned when creating an access token that can be used to request a new access token when the existing current access token expires.
To refresh an access token, the application must make a POST request to
POST https://app.plasmapay.com/id/oauth/v1/token
with the client_id, redirect_uri, refresh_token, grant_type and scope as parameters.
| Parameter | Meaning |
|---|---|
| Specifies that your application is requesting an refresh token | |
| The application's client ID provided when registering your application | |
| Should be set to a URL in your application where the user will be redirected back to after the request is authorized | |
| Must match the refresh token returned by the authorization endpoint in Step 4 | |
| PlasmaPay permissions to request from the user. Read more in Scopes |
Implicit (SPA)
For implement this flow you need:
CLIENT_ID
provided when registering your application.
The Implicit flow is a redirection-based flow, which means the application must be able to redirect the application user and receive authorization codes via a web browser.
Step 1: Authorization
const url = "https://app.plasmapay.com/id/permission-oauth?client_id={CLIENT_ID}" +
"&redirect_uri={REDIRECT_URI}&response_type=token&scope={SCOPE}";
window.location.href = url;
open https://app.plasmapay.com/id/permission-oauth?client_id={CLIENT_ID}
&redirect_uri={REDIRECT_URI}&response_type=token&scope={SCOPE}
An authorization code is the key used to retrieve the access token. In order to acquire an authorization code, you need to redirect the user's browser to the authorization&permissions dialog of PlasmaPay.
GET https://app.plasmapay.com/id/permission-oauth?client_id={CLIENT_ID}
&redirect_uri={REDIRECT_URI}&response_type=token&scope={SCOPE}&state={STATE}
| Parameter | Meaning |
|---|---|
| Specifies that your application is requesting an token grant | |
| The application's client ID provided when registering your application | |
| Should be set to a URL in your application where the user will be redirected back to after the request is authorized | |
| PlasmaPay permissions to request from the user. Read more in Scopes | |
| A random string generated in your Application |
Step 2: User Authorization
Once directed to the above link, the user will be asked to log in to their PlasmaPay account (if they're not already logged in). They will then be asked to authorize or deny the authentication request and accept permissions.
Step 3: Access/Refresh tokens
RESPONSE
302 Found
Location: https://{YOUR_APP_DOMAIN}/auth/callback#access_token={ACCESS_TOKEN}
&refresh_token={REFRESH_TOKEN}&state={STATE}
After the user successfully authorizes the application, they will be redirected back to
the provided redirect_uri with the access_token and refresh_token as a HTTP #fragment part of the URL.
e.g. https://{YOUR_APP_DOMAIN}/auth/callback#access_token={ACCESS_TOKEN}
&refresh_token={REFRESH_TOKEN}&state={STATE}
The access token is a JWT key used to make requests to the API.
After receive the access_token, this is the point where you will likely want to save off the details for future reuse without requiring user interaction. window.localStorage for example. To reconstruct a refreshable access token you will need to store the access_token and refresh_token parameters returned.
Refreshing an Access Token
curl -H "Content-type: application/json" -X POST https://app.plasmapay.com/id/oauth/v1/token
-d '{"client_id": "{CLIENT_ID}", "redirect_uri": "http://my.application.com/auth/callback",
"refresh_token": "{REFRESH_TOKEN}", "grant_type": "refresh_token", "scope":"{SCOPE}"}'
const xhr = new XMLHttpRequest();
xhr.onload = function () {
// Handle xhr.status and xhr.responseText
};
xhr.open('POST', 'https://app.plasmapay.com/id/oauth/v1/token', true);
xhr.withCredentials = true;
req.setRequestHeader('content-type','application/json');
xhr.send(JSON.stringify({
client_id: "{CLIENT_ID}",
redirect_uri: "http://my.application.com/auth/callback",
refresh_token: "{REFRESH_TOKEN}",
grant_type: "refresh_token",
scope:"{SCOPE}"
}));
RESPONSE
200 Ok
Content-Type: application/json
BODY
{
"access_token": "{ACCESS_TOKEN}",
"refresh_token": "{REFRESH_TOKEN}"
}
A refresh token is a JWT token returned when creating an access token that can be used to request a new access token when the existing current access token expires.
To refresh an access token, the application must make a POST request to
POST https://app.plasmapay.com/id/oauth/v1/token
with the client_id, redirect_uri, refresh_token, grant_type and scope as parameters.
| Parameter | Meaning |
|---|---|
| Specifies that your application is requesting an refresh token | |
| The application's client ID provided when registering your application | |
| Should be set to a URL in your application where the user will be redirected back to after the request is authorized | |
| Must match the refresh token returned by the authorization endpoint in Step 4 | |
| PlasmaPay permissions to request from the user. Read more in Scopes |
Scopes
OAuth2 authentication require that you obtain correct permissions (scopes) to access different API endpoints.
With OAuth2, scopes should be considered as grants: Users can select which scopes they grant access to for the application. The application might need to request new scopes over the lifecycle of the authorization.
PlasmaPay OAuth2 provide the following permissions at the moment:
| Permission | Meaning |
|---|---|
| General access to PlasmaPay Account |
As a general rule, you should only ask for scopes which your application needs and avoid asking for access to unnessary ones. Users more readily grant access to limited, clearly described scopes.
Status codes
The PlasmaPay API uses the following error codes:
| Code | Meaning |
|---|---|
| 200 | OK Successful request |
| 201 | Created New object saved |
| 204 | No content Object deleted |
| Code | Meaning |
|---|---|
| 400 | Bad Request -- You have passed a malformed request |
| 401 | Unauthorized -- Your API key is incorrect |
| 403 | Forbidden -- The resource requested is not available with your permissions |
| 404 | Not Found -- The specified resource could not be found |
| 422 | Unprocessable Entity -- Your request is invalid |
| 500 | Internal Server Error -- We had a problem with our server. Try again later |
| 503 | Service Unavailable (Time out) -- The server is overloaded or down for maintenance |
CORS
The PlasmaPay DApp API supports cross-origin HTTP requests which is commonly referred as CORS. This means that you can call API resources using Javascript from any browser, but you need add domains to whitelist in OAuth settings of your Application. While this allows many interesting use cases, it’s important to remember that you should never expose CLIENT_SECRET to 3rd parties.
Resources
GET /meta
Get meta info
curl
-X GET
-H "content-type: application/json"
-H "authorization: JWT <ACCESS_TOKEN>"
https://app.plasmapay.com/plasma/api/v1/meta
const xhr = new XMLHttpRequest();
xhr.onload = function () {
// Handle xhr.status and xhr.responseText
};
xhr.open('GET', 'https://app.plasmapay.com/plasma/api/v1/meta', true);
xhr.withCredentials = true;
xhr.setRequestHeader('authorization',JWT {ACCESS_TOKEN});
req.setRequestHeader('content-type','application/json');
xhr.send();
RESPONSE
200 Ok
Content-Type: application/json
BODY
{
"title": "Dapp title"
}
In order to get current User you must make a GET request to
GET https://app.plasmapay.com/plasma/api/v1/meta
with the JWT {ACCESS_TOKEN} as authorization header.
Headers
| Header | Meaning |
|---|---|
| The ACCESS_TOKEN received from OAuth2 provider Authentication |
GET /me
Get current user
curl
-X GET
-H "content-type: application/json"
-H "authorization: JWT <ACCESS_TOKEN>"
https://app.plasmapay.com/plasma/api/v1/me
const xhr = new XMLHttpRequest();
xhr.onload = function () {
// Handle xhr.status and xhr.responseText
};
xhr.open('GET', 'https://app.plasmapay.com/plasma/api/v1/me', true);
xhr.withCredentials = true;
xhr.setRequestHeader('authorization',JWT {ACCESS_TOKEN});
req.setRequestHeader('content-type','application/json');
xhr.send();
RESPONSE
200 Ok
Content-Type: application/json
BODY
{
"id": "5af9726ebsa232002144771a",
"avatar": {
"ref": "{{AVATAR_URI}}"
},
"createdAt": "2018-05-14T11:26:38.400Z",
"displayName": "Vasya Vasin",
"firstName": "Vasya",
"lastName": "Vasin",
"locale": "en",
"username": "testtest1111"
}
In order to get current User you must make a GET request to
GET https://app.plasmapay.com/plasma/api/v1/me
with the JWT {ACCESS_TOKEN} as authorization header.
Headers
| Header | Meaning |
|---|---|
| The ACCESS_TOKEN received from OAuth2 provider Authentication |
GET /tokens
Get user tokens
curl
-X GET
-H "content-type: application/json"
-H "authorization: JWT <ACCESS_TOKEN>"
https://app.plasmapay.com/plasma/api/v1/tokens
const xhr = new XMLHttpRequest();
xhr.onload = function () {
// Handle xhr.status and xhr.responseText
};
xhr.open('GET', 'https://app.plasmapay.com/plasma/api/v1/tokens', true);
xhr.withCredentials = true;
xhr.setRequestHeader('authorization',JWT {ACCESS_TOKEN});
req.setRequestHeader('content-type','application/json');
xhr.send();
RESPONSE
200 Ok
Content-Type: application/json
BODY
[{
"token": "USDP",
"decimals": 18
}, {
"token": "RUBP",
"decimals": 18
}, {
"token": "MYRP",
"decimals": 18
}, {
"token": "HKDP",
"decimals": 18
}, {
"token": "GBPP",
"decimals": 18
}, {
"token": "EURP",
"decimals": 18
}, {
"token": "CZKP",
"decimals": 18
}, {
"token": "BTCP",
"decimals": 18
}, {
"token": "PLASMA",
"decimals": 18
}]
In order to get user tokens you must make a GET request to
GET https://app.plasmapay.com/plasma/api/v1/tokens
with the JWT {ACCESS_TOKEN} as authorization header.
Headers
| Header | Meaning |
|---|---|
| The ACCESS_TOKEN received from OAuth2 provider Authentication |
GET /balance
Get balances by all or some user tokens
curl
-X GET
-H "content-type: application/json"
-H "authorization: JWT <ACCESS_TOKEN>"
https://app.plasmapay.com/plasma/api/v1/balance
const xhr = new XMLHttpRequest();
xhr.onload = function () {
// Handle xhr.status and xhr.responseText
};
xhr.open('GET', 'https://app.plasmapay.com/plasma/api/v1/balance', true);
xhr.withCredentials = true;
xhr.setRequestHeader('authorization',JWT {ACCESS_TOKEN});
req.setRequestHeader('content-type','application/json');
xhr.send();
RESPONSE
200 Ok
Content-Type: application/json
BODY
[{
"token": "USDP",
"balance": 924.6831701897099
}, {
"token": "RUBP",
"balance": 4780.547415329875
}, {
"token": "MYRP",
"balance": 111
}, {
"token": "HKDP",
"balance": 0
}, {
"token": "GBPP",
"balance": 0
}, {
"token": "EURP",
"balance": 8
}, {
"token": "CZKP",
"balance": 0
}, {
"token": "BTCP",
"balance": 0.00067099
}, {
"token": "PLASMA",
"balance": 0
}]
In order to get balances by all or some user tokens you must make a GET request to
GET https://app.plasmapay.com/plasma/api/v1/balance
with the JWT {ACCESS_TOKEN} as authorization header.
Headers
| Header | Meaning |
|---|---|
| The ACCESS_TOKEN received from OAuth2 provider Authentication |
Query string parameters
| Parameter | Type | Required | Meaning |
|---|---|---|---|
| string[] | No | Filter balances for needed tokens |
GET /balance/app
Get Dapp balances
curl
-X GET
-H "content-type: application/json"
-H "authorization: JWT <ACCESS_TOKEN>"
https://app.plasmapay.com/plasma/api/v1/balance/app?contract=someusername
const xhr = new XMLHttpRequest();
xhr.onload = function () {
// Handle xhr.status and xhr.responseText
};
xhr.open('GET', 'https://app.plasmapay.com/plasma/api/v1/balance/app?contract=someusername', true);
xhr.withCredentials = true;
xhr.setRequestHeader('authorization',JWT {ACCESS_TOKEN});
req.setRequestHeader('content-type','application/json');
xhr.send();
RESPONSE
200 Ok
Content-Type: application/json
BODY
[{
"balance": "20.602060206020602060",
"token": "USDP"
}, {
"balance": "0.010000000000000000",
"token": "GBPP"
}]
In order to get Dapp balances you must make a GET request to
GET https://app.plasmapay.com/plasma/api/v1/balance/app?contract=someusername
This resource is public and not require header authorization.
Query string parameters
| Parameter | Type | Required | Meaning |
|---|---|---|---|
| string | Yes | Account of contract |
GET /actions/my
Get contract actions of current user
curl
-X GET
-H "content-type: application/json"
-H "authorization: JWT <ACCESS_TOKEN>"
https://app.plasmapay.com/plasma/api/v1/actions/my?contract=someusername
const xhr = new XMLHttpRequest();
xhr.onload = function () {
// Handle xhr.status and xhr.responseText
};
xhr.open('GET', 'https://app.plasmapay.com/plasma/api/v1/actions/my?contract=someusername', true);
xhr.withCredentials = true;
xhr.setRequestHeader('authorization',JWT {ACCESS_TOKEN});
req.setRequestHeader('content-type','application/json');
xhr.send();
RESPONSE
200 Ok
Content-Type: application/json
BODY
[{
"global_action_seq": 3,
"account_action_seq": 2,
"block_num": 1,
"block_time": "2019-10-25T11:23:56.000",
"action_trace": {
"receipt": {},
"act": {},
"context_free": false,
"elapsed": 4,
"console": "Delayed transaction has been triggered",
"trx_id": "{TX_ID}",
"block_num": 1,
"block_time": "2019-10-25T11:23:56.000",
"producer_block_id": "{BLOCK_ID}",
"account_ram_deltas": [],
"except": null,
"inline_traces": []
}
}]
In order to get contract actions of current user you must make a GET request to
GET https://app.plasmapay.com/plasma/api/v1/actions/my?contract=someusername
with the JWT {ACCESS_TOKEN} as authorization header.
Headers
| Header | Meaning |
|---|---|
| The ACCESS_TOKEN received from OAuth2 provider Authentication |
Query string parameters
| Parameter | Type | Required | Meaning |
|---|---|---|---|
| string | Yes | Account of contract |
GET /actions/all
Get all contract actions
curl
-X GET
-H "content-type: application/json"
-H "authorization: JWT <ACCESS_TOKEN>"
https://app.plasmapay.com/plasma/api/v1/actions/all?contract=someusername
const xhr = new XMLHttpRequest();
xhr.onload = function () {
// Handle xhr.status and xhr.responseText
};
xhr.open('GET', 'https://app.plasmapay.com/plasma/api/v1/actions/all?contract=someusername', true);
xhr.withCredentials = true;
xhr.setRequestHeader('authorization',JWT {ACCESS_TOKEN});
req.setRequestHeader('content-type','application/json');
xhr.send();
RESPONSE
200 Ok
Content-Type: application/json
BODY
[{
"global_action_seq": 3,
"account_action_seq": 2,
"block_num": 1,
"block_time": "2019-10-25T11:23:56.000",
"action_trace": {
"receipt": {},
"act": {},
"context_free": false,
"elapsed": 4,
"console": "Delayed transaction has been triggered",
"trx_id": "{TX_ID}",
"block_num": 1,
"block_time": "2019-10-25T11:23:56.000",
"producer_block_id": "{BLOCK_ID}",
"account_ram_deltas": [],
"except": null,
"inline_traces": []
}
}]
In order to get all actions you must make a GET request to
GET https://app.plasmapay.com/plasma/api/v1/actions/all?contract=someusername
This resource is public and not require header authorization.
Query string parameters
| Parameter | Type | Required | Meaning |
|---|---|---|---|
| string | Yes | Account of contract |
GET /fees
Get fees
curl
-X GET
-H "content-type: application/json"
-H "authorization: JWT <ACCESS_TOKEN>"
https://app.plasmapay.com/plasma/api/v1/fees?username=someusername&tokenCode=USDP
const xhr = new XMLHttpRequest();
xhr.onload = function () {
// Handle xhr.status and xhr.responseText
};
xhr.open('GET', 'https://app.plasmapay.com/plasma/api/v1/fees?username=someusername&tokenCode=USDP', true);
xhr.withCredentials = true;
xhr.setRequestHeader('authorization',JWT {ACCESS_TOKEN});
req.setRequestHeader('content-type','application/json');
xhr.send();
RESPONSE
200 Ok
Content-Type: application/json
BODY
{
"plasma": {
"balance": "0",
"minFee": 1,
"decimals": 18,
"currencyRate": 0.741291,
"feePercents": 0.00005,
"exchangeFeePercents": 0.001
},
"currency": {
"balance": "924683170189709970998",
"minFee": 1,
"plasmaRate": 1.348997,
"decimals": 18,
"feePercents": 0.0001,
"exchangeFeePercents": 0.001
}
}
In order to get contract actions of current user you must make a GET request to
GET https://app.plasmapay.com/plasma/api/v1/fees?username=someusername&tokenCode=USDP
with the JWT {ACCESS_TOKEN} as authorization header.
Headers
| Header | Meaning |
|---|---|
| The ACCESS_TOKEN received from OAuth2 provider Authentication |
Query string parameters
| Parameter | Type | Required | Meaning |
|---|---|---|---|
| string | Yes | Username of user account | |
| string | Yes | Token code of one of user tokens |
POST /send-tx
Send tx to blockchain
curl
-X POST
-H "content-type: application/json"
-H "authorization: JWT <ACCESS_TOKEN>"
https://app.plasmapay.com/plasma/api/v1/send-tx
-d '{"actions":[{"account":"{CONTRACT}","name":"{CONTRACT_ACTION_NAME}","authorization":[{"actor":"{USERNAME}","permission":"{CONTRACT_PERMISSION_ACCUOUNT_NAME}"}],"data":{"contractParam1":1,"contractParam2":"2","contractParam3":{},"quantity":"10.001000100010001000 USDP"}}]}'
const xhr = new XMLHttpRequest();
xhr.onload = function () {
// Handle xhr.status and xhr.responseText
};
const data = {
"actions": [{
"account": "{CONTRACT}",
"name": "{CONTRACT_ACTION_NAME}",
"authorization": [{
"actor": "{USERNAME}",
"permission": "{CONTRACT_PERMISSION_ACCUOUNT_NAME}"
}],
"data": {
"contractParam1": 1,
"contractParam2": "2",
"contractParam3": {},
"quantity": "10.001000100010001000 USDP"
}
}]
}
xhr.open('POST', 'https://app.plasmapay.com/plasma/api/v1/send-tx', true);
xhr.withCredentials = true;
xhr.setRequestHeader('authorization',JWT {ACCESS_TOKEN});
req.setRequestHeader('content-type','application/json');
xhr.send(data);
RESPONSE
200 Ok
Content-Type: application/json
BODY
{
"rawTx": {
"transaction_id": "{TX_HASH}",
"processed": {
"id": "{HASH}",
"block_num": 25784543,
"block_time": "2019-10-25T12:00:59.500",
"producer_block_id": null,
"receipt": {
"status": "executed",
"cpu_usage_us": 10141,
"net_usage_words": 18
},
"elapsed": 10141,
"net_usage": 144,
"scheduled": false,
"action_traces": [{
"receipt": {},
"act": {},
"context_free": false,
"elapsed": 7344,
"console": "",
"trx_id": "{HASH}",
"block_num": 25784543,
"block_time": "2019-10-25T12:00:59.500",
"producer_block_id": null,
"account_ram_deltas": [{}],
"except": null,
"inline_traces": [{
"receipt": {},
"act": {},
"context_free": false,
"elapsed": 2306,
"console": "",
"trx_id": "{HASH}",
"block_num": 25784543,
"block_time": "2019-10-25T12:00:59.500",
"producer_block_id": null,
"account_ram_deltas": [],
"except": null,
"inline_traces": [{},{}]
}]
}],
"except": null
}
},
"parsedTx": {
"id": "{TX_HASH}",
"blockNum": 25784543,
"blockTime": "2019-10-25T12:00:59.500",
"blockId": null,
"actions": [{
"actionId": "{HASH}",
"name": "{CONTRACT_ACTION_NAME}",
"account": "{CONTRACT}",
"data": {
"contractParam1": 1,
"contractParam2": "2",
"contractParam3": {},
"quantity": "10.001000100010001000 USDP"
},
"console": "",
"actors": ["{USERNAME}"],
"subactions": [{
"actionId": "{HASH}",
"name": "transfer",
"account": "{CONTRACT}",
"data": {
"from": "{USERNAME}",
"to": "{CONTRACT}",
"quantity": "10.001000100010001000 USDP",
"memo": "Staked"
},
"console": "",
"actors": ["{CONTRACT}"],
"subactions": [],
"events": []
}],
"events": [{
"type": "transfer",
"from": "{USERNAME}",
"to": "{CONTRACT}",
"quantity": "10.001000100010001000",
"currency": "USDP",
"actionId": "{HASH}",
"fee": {
"quantity": 0,
"currency": "PLASMA"
}
}]
}],
"events": [{
"type": "transfer",
"from": "{USERNAME}",
"to": "{CONTRACT}",
"quantity": "10.001000100010001000",
"currency": "USDP",
"actionId": "{HASH}",
"fee": {
"quantity": 0,
"currency": "PLASMA"
},
"mainAction": {
"actionId": "{HASH}",
"name": "open",
"account": "{CONTRACT}",
"data": {
"contractParam1": 1,
"contractParam2": "2",
"contractParam3": {},
"quantity": "10.001000100010001000 USDP"
},
"console": "",
"actors": ["{USERNAME}"]
},
"blockNum": 25784543,
"timestamp": "2019-10-25T12:00:59.500",
"blockId": null,
"txId": "{TX_HASH}",
"actionNum": 0
}],
"legacyEvents": [{
"type": "transfer",
"from": "{USERNAME}",
"to": "{CONTRACT}",
"currency": "USDP",
"actionNum": 0,
"txId": "{TX_HASH}",
"blockNum": 25784543,
"blockId": null,
"timestamp": "2019-10-25T12:00:59.500",
"feePlasma": 0,
"feeCurrency": 0,
"quantity": "10.001000100010001000"
}]
},
"moneyActions": [{
"type": "transfer",
"from": "{USERNAME}",
"to": "{CONTRACT}",
"quantity": "10.001000100010001000",
"currency": "USDP",
"actionId": "{HASH}",
"fee": {
"quantity": 0,
"currency": "PLASMA"
},
"mainAction": {
"actionId": "{HASH}",
"name": "open",
"account": "{CONTRACT}",
"data": {
"contractParam1": 1,
"contractParam2": "2",
"contractParam3": {},
"quantity": "10.001000100010001000 USDP"
},
"console": "",
"actors": ["{USERNAME}"]
},
"blockNum": 25784543,
"timestamp": "2019-10-25T12:00:59.500",
"blockId": null,
"txId": "{TX_HASH}",
"actionNum": 0
}]
}
In order to get balances by all or some user tokens you must make a GET request to
POST https://app.plasmapay.com/plasma/api/v1/send-tx
with the JWT {ACCESS_TOKEN} as authorization header.
Headers
| Header | Meaning |
|---|---|
| The ACCESS_TOKEN received from OAuth2 provider Authentication |
Query string parameters
| Parameter | Type | Required | Meaning |
|---|---|---|---|
| Object[] | No | Array of actions |
Action object
| Parameter | Type | Required | Meaning |
|---|---|---|---|
| string | Yes | Account name of your contract | |
| string | Yes | Action name of contract method | |
| string | Yes | Username/account of current user | |
| string | Yes | Name of your contract permission | |
| object | Yes | Custom parameters for your method of contract |