Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.yativo.com/llms.txt

Use this file to discover all available pages before exploring further.

Step 1 — Create an account

Sign up and log in from the Yativo Crypto dashboard. Authentication is passwordless — you enter your email and receive a one-time code; no password required.
EnvironmentDashboard URL
Livecrypto.yativo.com
Sandboxsandbox-crypto.yativo.com
Once logged in, go to Settings → API Keys to generate your credentials.

Step 2 — Generate an API key

From the dashboard (or via POST /apikey/generate once you already have a token), create an API key:
  • Give it a name and assign the scopes it needs (e.g. wallets:read, transactions:write)
  • Optionally set an expiry and restrict it to specific IP addresses
  • Copy the API key and API secret — the secret is shown only once
Store the API secret securely (e.g. an environment variable or secrets manager). If you lose it, you must rotate the key.

Step 3 — Exchange for a Bearer token

All API endpoints require an Authorization: Bearer <token> header. Tokens expire after 60 minutes; your API key never expires. 
curl -X POST https://crypto-api.yativo.com/api/v1/auth/token \
  -H "Content-Type: application/json" \
  -d '{
    "api_key":    "yativo_...",
    "api_secret": "..."
  }'
Response
{
  "success": true,
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 3600,
  "expires_at": "2026-03-28T11:00:00.000Z"
}
For sandbox, use the sandbox base URL: 
curl -X POST https://crypto-sandbox.yativo.com/api/v1/auth/token \
  -H "Content-Type: application/json" \
  -d '{ "api_key": "yativo_...", "api_secret": "..." }'

Step 4 — Call the API

Pass the access token in every request: 
curl https://crypto-api.yativo.com/api/v1/accounts/get-accounts \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

Auto-refresh pattern

Tokens expire after 60 minutes. Implement a refresh helper so your integration never hits a 401: 
class YativoAuth {
  private token: string | null = null;
  private expiresAt: number = 0;

  constructor(
    private readonly apiKey: string,
    private readonly apiSecret: string,
    private readonly baseURL = 'https://crypto-api.yativo.com/api'
  ) {}

  async getToken(): Promise<string> {
    // Reuse the token if it has more than 60 seconds left
    if (this.token && Date.now() < this.expiresAt - 60_000) {
      return this.token;
    }
    return this.refresh();
  }

  private async refresh(): Promise<string> {
    const res = await fetch(`${this.baseURL}/auth/token`, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify({ api_key: this.apiKey, api_secret: this.apiSecret }),
    });
    const { access_token, expires_in } = await res.json();
    this.token = access_token;
    this.expiresAt = Date.now() + expires_in * 1000;
    return access_token;
  }
}

// Usage
const auth = new YativoAuth(process.env.YATIVO_API_KEY, process.env.YATIVO_API_SECRET);
const token = await auth.getToken(); // automatically refreshes when near expiry
The SDKs handle this automatically — see SDKs.

Scopes

When generating an API key, assign only the scopes your integration needs:
ScopeAccess
wallets:readList wallets and balances
wallets:writeCreate wallets
transactions:readView transaction history
transactions:writeSend funds
cards:readView card details
cards:writeIssue and manage cards
swap:readGet swap quotes
swap:writeExecute swaps
webhooks:writeCreate and manage webhooks
apikey:writeGenerate and rotate API keys

Environments

LiveSandbox
Dashboardcrypto.yativo.comsandbox-crypto.yativo.com
API base URLhttps://crypto-api.yativo.com/apihttps://crypto-sandbox.yativo.com/api
Token endpointPOST /auth/tokenPOST /auth/token
Real fundsYesNo — testnet only
Use separate API keys for live and sandbox. See Sandbox for pre-populated test credentials.
Register and log in via the dashboard only. The API does not expose public sign-up or password-based login endpoints — account creation and access management happen through the Yativo Crypto web interface.