Live REST API · v1

Buy from any VaultifyVIP shop with a single API call.

Generate a personal API key inside the Telegram bot, top up your wallet, and purchase instantly — connect your own site, script, or agent in minutes.

Base URL: https://vaultifyvip.lovable.app/api/public/v1
Auth: X-API-Key: vk_...
Rate limit: 60 req / min

Quickstart

Three steps to your first purchase.

01
Get your key

Open any VaultifyVIP bot → 🔑 API → Generate. Copy your key (starts with vk_).

02
Top up wallet

Fund your wallet in-bot with CryptoBot, Binance Pay, or USDT (BEP20) — pollers auto-credit within a minute.

03
Call the API

Send your key in the X-API-Key header on every request. That's it.

How auto-credit works (Binance Pay & BEP20)

Both pollers run every minute and are strictly idempotent — replaying the same event never credits twice.

binance-pay-poll
  • • Pulls last 6h of Binance Pay history per seller key.
  • • Matches an intent by provider_order_id, else by exact expected_amount_cents.
  • • DB enforces UNIQUE(bot_id, provider_order_id) on binance_pay_intents — duplicate order ids are rejected.
  • • Credit runs in one transaction with .neq('status','paid') guard, so a second poll for the same order is a no-op.
bep20-poll
  • • Watches BscScan for USDT transfers to the seller's wallet.
  • • Matches an intent by tx_hash, else by exact amount to that wallet.
  • • Requires ≥1 confirmation before crediting; still-pending txs are skipped and re-checked next tick.
  • • DB enforces UNIQUE(bot_id, tx_hash) on bep20_deposits; the same hash can never credit twice, and cross-bot writes are blocked by RLS.

Every bot's keys, wallets, intents and deposits are scoped by bot_id under row-level security — no seller can read or write another seller's rows, even through the API.

🤖 Connect with AI — no coding needed

Paste the prompt below into Claude Code or Cursor. Replace the last two lines. Ship.

I want to integrate the VaultifyVIP Buyer API into my project.

API base URL: https://vaultifyvip.lovable.app/api/public/v1
Auth: send my key on EVERY request in the header  ->  X-API-Key: <MY_KEY>
(I get the key from any VaultifyVIP Telegram bot: tap "🔑 API" -> Generate new key.)

Endpoints:
- GET  /balance                 -> { balance, currency: "USD", loyalty_tier }
- GET  /products                -> { products: [ { id, name, price, stock, in_stock, category, image_url } ] }
- GET  /orders                  -> { orders: [ ... ] }
- GET  /orders/{id}             -> { order: { ..., codes: [...] } }
- GET  /wallet/transactions     -> { transactions: [ ... ] }
- POST /purchase                -> buy with wallet balance
      body:   { "product_id": "<uuid from /products>", "quantity": 1 }
      header: Idempotency-Key: <any-unique-id>   (optional; safe retries, never double-charges)
      success -> { success, order_id, codes: [...], balance_remaining }

Rules:
- Send X-API-Key on every request.
- Branch on JSON "code" for errors:
  NO_KEY / INVALID_KEY (401), VALIDATION (400), INSUFFICIENT_BALANCE (402),
  FORBIDDEN (403), PRODUCT_NOT_FOUND (404), OUT_OF_STOCK (409),
  RATE_LIMITED (429 -> wait retry_after_seconds), BOT_OFFLINE (503).
- Rate limit: 60 requests/minute.
- Purchases require wallet balance (top up inside the Telegram bot).

Now please build this for me:
>>> DESCRIBE WHAT YOU WANT, e.g. "a Node.js script that lists products and buys one by id" <<<

Use my API key: >>> PASTE_YOUR_API_KEY_HERE <<<

Endpoints

Six endpoints. One key. Every VaultifyVIP shop.

MethodPathDescriptionScope
GET
/balanceYour live wallet balancebalance.read
GET
/productsActive catalog with live stockproducts.read
POST
/purchaseBuy with wallet · idempotentpurchase.write
GET
/ordersRecent ordersorders.read
GET
/orders/{id}Order details + delivered codesorders.read
GET
/wallet/transactionsWallet ledgerbalance.read

Full example

Balance → products → purchase in three calls.

# 1) Balance
curl -s "https://vaultifyvip.lovable.app/api/public/v1/balance" -H "X-API-Key: YOUR_KEY"

# 2) Products
curl -s "https://vaultifyvip.lovable.app/api/public/v1/products" -H "X-API-Key: YOUR_KEY"

# 3) Purchase (idempotent — retry-safe)
curl -s -X POST "https://vaultifyvip.lovable.app/api/public/v1/purchase" \
  -H "X-API-Key: YOUR_KEY" \
  -H "Content-Type: application/json" \
  -H "Idempotency-Key: order-001" \
  -d '{"product_id":"<uuid from /products>","quantity":1}'

Errors & handling

Stable machine-readable code field on every error.

StatuscodeMeaningWhat to do
401NO_KEY / INVALID_KEYMissing or revoked keyRegenerate via Telegram bot 🔑 API
400VALIDATIONBad body (quantity 1–10)Fix the request body
402INSUFFICIENT_BALANCEWallet too lowTop up in-bot; see required/available
403FORBIDDENAccount suspended or missing scopeContact seller / regenerate key
404PRODUCT_NOT_FOUNDUnknown product / order idRe-fetch /products
409OUT_OF_STOCKNot enough stockLower quantity or retry later
429RATE_LIMITEDOver 60 req/minBack off `retry_after_seconds`
503BOT_OFFLINEShop paused by sellerRetry later
Idempotency
Pass an Idempotency-Key header on POST /purchase. Retrying with the same key within 24h replays the original result instead of charging twice.