API Reference
The Skalor API is hosted on Supabase Edge Functions. All endpoints accept JSON and return JSON.
Base URL: https://augvmbhpuchkqqowxmrk.supabase.co/functions/v1
Authentication
All authenticated endpoints require a zc_ API key in the Authorization header:
Authorization: Bearer zc_your_api_key_hereKeys are SHA-256 hashed server-side and matched against the api_keys table.
Endpoints
/authorizeAuthorize a payment through the 5 fiduciary gates. Records spend and logs the transaction.
Bearer zc_...Request Body
{
"amount_usd": 0.05,
"merchant": "api.openai.com",
"intent": "Purchasing GPT-4o tokens for lead scoring",
"execute_on_chain": false,
"currency": "USDC",
"network": "solana"
}Response
{
"approval_status": "approved",
"transaction_id": "a1b2c3d4-...",
"amount_usd": 0.05,
"merchant": "api.openai.com",
"remaining_daily_limit": 9.95,
"message": "Transaction approved"
}/x402-payPay an HTTP 402 invoice. Validates the agent, enforces mandates, and returns a signed JWT payment receipt.
Bearer zc_...Request Body
{
"amount_usd": 0.05,
"destination": "vendor-api.example.com/pay",
"intent": "Clearing paywall for real-time market data",
"network": "solana",
"currency": "USDC"
}Response
{
"approval_status": "approved",
"transaction_id": "e5f6g7h8-...",
"amount_usd": 0.05,
"protocol": "x402",
"payment_receipt": "eyJhbGciOiJIUzI1NiJ9...",
"remaining_daily_limit": 9.90
}/skalor-payAgent-to-Agent payment. Enforces mandate, settles in PathUSD on Tempo, returns a signed JWT receipt.
Bearer zc_...Request Body
{
"agent_id": "sender-uuid",
"receiver_agent_id": "recipient-uuid",
"amount": 2.50,
"currency": "PathUSD",
"intent": "Purchasing weather data",
"vendor": "Weather API"
}Response
{
"status": "APPROVED",
"transaction_id": "i9j0k1l2-...",
"gross_amount_usd": 2.50,
"platform_fee_usd": 0.0725,
"net_amount_usd": 2.4275,
"settlement": {
"network": "tempo-moderato",
"token": "PathUSD",
"tx_hash": "0xabc..."
},
"receipt": "eyJhbGciOiJIUzI1NiJ9..."
}/agent-apiUnified endpoint for SDK operations. Use the 'action' field to select the operation.
Bearer zc_... (varies by action)Request Body
{
"action": "check_budget"
}
// Other actions:
// "get_mandate"
// "list_transactions" (+ limit, status)
// "register_agent" (+ agent_name, platform) - no auth
// "create_api_key" (+ key_name)Response
// check_budget response:
{
"agent": "Research Assistant",
"agent_id": "uuid",
"status": "active",
"is_active": true,
"budget": {
"daily_limit_usd": 10.00,
"spent_today_usd": 2.50,
"remaining_usd": 7.50,
"per_transaction_limit_usd": 1.00,
"human_approval_above_usd": 5.00
},
"can_spend": true,
"max_single_payment_usd": 1.00
}/register-agentRegister a new agent with an organization. Returns pending status for CFO approval.
None (public)Request Body
{
"agent_name": "My Research Agent",
"origin_platform": "LangChain",
"public_key": "ed25519_hex_public_key",
"organization_id": "org-uuid",
"description": "Market research agent",
"metadata": { "version": "1.0" }
}Response
{
"success": true,
"message": "Agent registered. Pending enterprise approval.",
"registration": {
"skalor_id": "uuid",
"agent_name": "My Research Agent",
"status": "pending_approval"
}
}Error Codes
| HTTP | Code | Gate | Description |
|---|---|---|---|
401 | INVALID_API_KEY | - | API key not found or deactivated |
403 | AGENT_KILLED | 1 | Agent is deactivated (kill switch) |
403 | VENDOR_NOT_AUTHORIZED | 2 | Merchant not in vendor allowlist |
403 | EXCEEDS_TRANSACTION_LIMIT | 3 | Amount exceeds per-transaction limit |
403 | EXCEEDS_DAILY_LIMIT | 4 | Would exceed daily budget |
403 | REQUIRES_HUMAN_APPROVAL | 5 | Amount requires CFO sign-off |
429 | RATE_LIMIT | - | Too many requests (retry after header) |
500 | INTERNAL_ERROR | - | Server error |
Rate Limits
When rate-limited, the response includes a Retry-After header indicating how many seconds to wait before retrying.