Skip to main content
This is the full consumer API surface. Use this when you are building an agent or automation for a Machines user account with consumer API keys.

Auth and key lifecycle

Bootstrap, key management, and scoped sessions.

Crypto helpers

Encrypt and decrypt labels for consumer-safe display.

Base URL

https://api.machines.cash Consumer routes are under \/consumer\/v1.

Authentication

  • Consumer API key header (for session minting): X-Consumer-Key
  • Consumer session bearer (for operations): Authorization: Bearer <token>
  • Web session bearer (for first-party helper): POST /identity/consumer-api-keys

Idempotency

For state-changing financial writes, include idempotency-key. Common required operations include:
  • deposits create and transfer
Preview and poll-style operations do not require idempotency.

Compatibility paths

Canonical paths are shown in this reference. Compatibility behavior to know:
  • GET /consumer/v1/users resolves current user profile (no raw user id required).
  • GET /consumer/v1/agreements and POST /consumer/v1/agreements map to application agreement state/actions.
  • GET /consumer/v1/kyc/status resolves current user KYC status.

Blocked endpoint on consumer surface

GET /consumer/v1/identity/data-key is intentionally blocked (403). Use:
  • POST /consumer/v1/crypto/encrypt
  • POST /consumer/v1/crypto/decrypt
for encryption/decryption workflows.

Partner API

Partner routes are documented separately: