> ## Documentation Index
> Fetch the complete documentation index at: https://dev.moonpay.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Using the Platform API

> Get started with the MoonPay Platform API

<Info>
  Looking for the widget API? Take a look at the [reference
  here](/api-reference/widget).
</Info>

## Base URL

```bash theme={null}
https://api.moonpay.com
```

<Info>
  Test mode vs live mode is determined by the API key you use, not the URL. Use
  test API key (`sk_test_...`) for test mode and live API keys (`sk_live_...`)
  for production.
</Info>

## Authentication

Authentication depends on whether you’re calling an endpoint from your server or from the client.

### Server-side Authentication

For server-side requests, send your [secret key](/platform/guides/api-and-sdk-credentials#secret-key) in the `X-Api-Key` header.

<CodeGroup>
  ```ts fetch theme={null}
  const URL = "https://api.moonpay.com/platform/v1/sessions";

  const res = await fetch(URL, {
    headers: {
      "Content-Type": "application/json",
      "X-Api-Key": "sk_test_123",
    },
    method: "POST",
    body: JSON.stringify({
      externalCustomerId: "your_user_id",
      deviceIp: "203.0.113.1",
    }),
  });
  ```

  ```sh curl theme={null}
  curl -X POST "https://api.moonpay.com/platform/v1/sessions" \
    -H "Content-Type: application/json" \
    -H "X-Api-Key: sk_test_123" \
    -d '{
      "externalCustomerId": "customer1",
      "deviceIp": "203.0.113.1"
    }'
  ```
</CodeGroup>

### Client-side Authentication

For client-side API requests, use the [`accessToken`](/platform/guides/api-and-sdk-credentials#access-token) returned from a connection as a [Bearer token](https://swagger.io/docs/specification/v3_0/authentication/bearer-authentication/).

<CodeGroup>
  ```ts fetch theme={null}
  await fetch("https://api.moonpay.com/platform/v1/quotes", {
    method: "POST",
    headers: {
      "Content-Type": "application/json",
      Authorization: `Bearer ${accessToken}`,
    },
    body: JSON.stringify({
      // ... request body ...
    }),
  });
  ```
</CodeGroup>

## Response Format

Responses are returned as `JSON` with the `content-type: application/json` header.

## Pagination

Some requests, like [listing transactions](/api-reference/platform/endpoints/transactions/list), return paginated results using cursor-based pagination. Each response includes a cursor string that you pass to the next request to fetch the next page.

The response includes a `pageInfo` object. If `pageInfo.nextCursor` is `null`, there are no more pages. For example:

```json theme={null}
{
  "data": [],
  "pageInfo": {
    "nextCursor": "tr_123e4567-e89b-12d3-a456-426614174000"
  }
}
```

## Rate limits

Currently, requests for this integration are limited to 30 per second.

## Debugging

Each API response includes a request ID header. Use this ID when working with support:

```bash Example theme={null}
X-Request-Id: some-value
```

## Error Handling

When a request fails (4xx), the API returns an error object with details:

```json Example error response theme={null}
{
  "code": 400,
  "type": "Invalid request",
  "message": "Invalid request. sourceAmount must be greater than 0."
}
```

## OpenAPI

The API follows the [OpenAPI 3.1](https://swagger.io/specification/) specification. You can use the spec to generate typed clients for any language.

See the [OpenAPI Spec](/platform/guides/openapi-codegen) page for the full specification and code generation instructions.