​

Authentication

• Public Key (sy_pub_*) — for creating and managing payments
• Wallet Auth (sy_auth_*) — for managing your account settings

​

Public Key

curl -X POST https://api.stableyard.fi/v2/sessions \
  -H "Authorization: Bearer sy_pub_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{ "amount": 10000000, "destination": "shop@stableyard" }'

​

What Public Keys Can Do

• Create payment sessions
• Preview and commit quotes (get deposit addresses)
• Read session status
• Submit transaction hashes

​

What Public Keys Cannot Do

• Cancel or refund sessions
• Manage webhooks
• Create deposit addresses
• Change account settings

​

Wallet Auth

1. POST /v2/auth/challenge { wallet, chainType }
   → Returns challenge message + nonce

2. User signs the challenge in their wallet

3. POST /v2/auth/verify { wallet, chainType, signature, nonce }
   → Returns sy_auth_* token + accountId

4. Use the token for account operations

​

What Wallet Auth Can Do (sy_auth_*)

• View own sessions and transaction history
• Manage account settings (username, settlement preferences)
• View and regenerate API keys
• Deploy and activate vault

​

What Wallet Auth Cannot Do

• See other accounts’ data
• Create sessions (use public key for that)

​

No Auth Required

• GET /sessions/:id — read payment status (for checkout pages)
• GET /network/chains — supported chains
• GET /network/portfolio — wallet balances

​

Sandbox Mode

​

Rate Limits