Option A — Shared sandbox key (instant, no sign-up)
Use the pre-populated shared sandbox API key to get a token immediately:
curl -X POST 'https://crypto-sandbox.yativo.com/api/auth/token' \
-H 'Content-Type: application/json' \
-d '{
"api_key": "yativo_e072b3ef7e30fcb420183aa86ddd8452abd28a9ac8f5d04d",
"api_secret": "df8da4d6b855c7e89bd3b4216dd0a1f4b30de1963c9bff0dcd666b15a0f836a5"
}'
{
"success": true,
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"token_type": "Bearer",
"expires_in": 3600
}
access_token as Authorization: Bearer <token> on every request. Tokens expire in 60 minutes — call /auth/token again with the same key to refresh. The API key itself never expires.
This is a shared public sandbox key. Any developer following these docs can read and write to the shared sandbox account. For private isolated testing, use Option B below.
Option B — Your own sandbox account
For isolated sandbox data with your own wallets and transactions:
- Sign up at sandbox-crypto.yativo.com — sign-up is passwordless, you’ll receive a one-time code by email
- Go to Settings → API Keys and create a sandbox API key
- Use your key with the token endpoint:
curl -X POST 'https://crypto-sandbox.yativo.com/api/auth/token' \
-H 'Content-Type: application/json' \
-d '{
"api_key": "yativo_<your_sandbox_key>",
"api_secret": "<your_sandbox_secret>"
}'
Using the token
Pass the token on every sandbox request:
curl 'https://crypto-sandbox.yativo.com/api/accounts/get-accounts' \
-H 'Authorization: Bearer YOUR_ACCESS_TOKEN'
Refreshing a token
Simply call /auth/token again with the same API key credentials — there is no separate refresh endpoint:
curl -X POST 'https://crypto-sandbox.yativo.com/api/auth/token' \
-H 'Content-Type: application/json' \
-d '{ "api_key": "yativo_...", "api_secret": "..." }'
