API Reference
Base URL: https://xrplre.quest/api/v1
Authentication
All API requests require an API key passed as a Bearer token:
Authorization: Bearer xrplr_live_...Alternatively, pass it as a query parameter: ?api_key=xrplr_live_...
API keys are created per project in the dashboard.
Keep your API key secret. It should only be used server-side — never expose it in browser code.
Payloads
POST /api/v1/payloads
Create a new signing payload.
Request body:
{
"type": "signAndSubmit",
"transaction": {
"TransactionType": "Payment",
"Destination": "rXXX...",
"Amount": "1000000"
},
"options": {
"expiresIn": 300,
"returnUrl": "https://yourapp.com/done",
"customInstructions": "Optional note shown to user"
}
}| Field | Type | Required | Description |
|---|---|---|---|
type | string | ✓ | connect | sign | signAndSubmit | signMessage |
transaction | object | For sign/signAndSubmit | Raw XRPL transaction fields |
message | string | For signMessage | UTF-8 string to sign |
options.expiresIn | integer | TTL in seconds. Default 300. Max: 300 (Free), 86400 (Pro) | |
options.returnUrl | string | URL to redirect after signing | |
options.customInstructions | string | Shown to user on sign page (max 200 chars) |
Response 201:
{
"uuid": "550e8400-e29b-41d4-a716-446655440000",
"type": "signAndSubmit",
"status": "pending",
"signingUrl": "https://xrplre.quest/sign/550e8400-...",
"expiresAt": "2026-05-08T20:00:00.000Z",
"createdAt": "2026-05-08T19:55:00.000Z"
}GET /api/v1/payloads/{uuid}
Get the current state of a payload.
Response 200:
{
"uuid": "550e8400-...",
"type": "signAndSubmit",
"status": "signed",
"signerAddress": "rXXX...",
"txHash": "ABC123...",
"walletAdapter": "crossmark",
"expiresAt": "2026-05-08T20:00:00.000Z",
"createdAt": "2026-05-08T19:55:00.000Z",
"resolvedAt": "2026-05-08T19:56:12.000Z"
}Status values:
| Status | Meaning |
|---|---|
pending | Waiting for user action |
signed | User signed (and submitted, if signAndSubmit) |
rejected | User rejected in their wallet |
expired | TTL elapsed without resolution |
DELETE /api/v1/payloads/{uuid}
Cancel a pending payload. Transitions it to expired.
Response 200:
{ "uuid": "550e8400-...", "status": "expired" }GET /api/v1/payloads
List payloads for your project, newest first.
Query params: limit (max 100, default 20), offset (default 0)
Response 200:
{
"payloads": [ ... ],
"limit": 20,
"offset": 0
}Webhooks
POST /api/v1/webhooks
Register a webhook endpoint.
{
"url": "https://yourapp.com/xrplrequest-webhook",
"events": ["payload.signed", "payload.rejected", "payload.expired"]
}Response 201:
{
"id": "wh_abc123",
"url": "https://yourapp.com/xrplrequest-webhook",
"secret": "f3a9c...",
"events": ["payload.signed", "payload.rejected", "payload.expired"]
}The secret is shown once. Store it securely — you need it to verify incoming webhook requests.
GET /api/v1/webhooks
List webhooks for your project.
DELETE /api/v1/webhooks/{id}
Remove a webhook.
Projects
These endpoints use dashboard session auth (Clerk), not API key auth.
POST /api/v1/projects
Create a project. Returns an API key (shown once).
{ "name": "My Discord Bot" }Response 201:
{
"id": "proj_abc123",
"name": "My Discord Bot",
"apiKey": "xrplr_live_..."
}GET /api/v1/projects/{id}/keys
List API keys for a project (key prefix only — not the full key).
POST /api/v1/projects/{id}/keys
Create a new API key. Returns the full key once.
GET /api/v1/projects/{id}/analytics
Get 30-day (or 7-day) usage stats.
Query params: period=30d (default) or period=7d
Response 200:
{
"period": "30d",
"totals": {
"total": 412,
"signed": 389,
"rejected": 14,
"expired": 9,
"pending": 0,
"signingRate": 94
},
"walletBreakdown": [
{ "walletAdapter": "crossmark", "count": 201 },
{ "walletAdapter": "xaman", "count": 188 }
],
"daily": [
{ "day": "2026-04-09", "total": 12, "signed": 11, "rejected": 1, "expired": 0 },
...
]
}Rate limits
| Plan | Requests/min | Min poll interval |
|---|---|---|
| Free | 20 | 3s |
| Pro | 200 | 1s |
Exceeded requests return 429 Too Many Requests.
Errors
All errors return JSON:
{ "error": "Payload not found" }| Status | Meaning |
|---|---|
400 | Invalid request body |
401 | Missing or invalid API key |
403 | Forbidden |
404 | Resource not found |
409 | Conflict (e.g., payload already resolved) |
410 | Gone (payload expired) |
422 | Validation error (includes details) |
429 | Rate limit exceeded |