Skip to main content
This is the full consumer API surface. Use this when you are building an agent or automation for a Machines account.

Auth and key lifecycle

Bootstrap, key management, and scoped sessions.

Crypto helpers

Encrypt and decrypt labels for user-safe display.

Base URL

https://api.machines.cash Canonical consumer routes are under /consumer/v1. MCP runtime compatibility:
  • tools are under machines.consumer.*
  • resources are under machines://consumer/*
  • machines.user.cards.list is the user-friendly cards listing tool

Authentication

  • Consumer API key header (for session minting): X-Consumer-Key
  • Consumer session bearer (for operations): Authorization: Bearer <token>
  • Web session helper: POST /identity/consumer-api-keys

Bootstrap Signing Message

POST /consumer/v1/bootstrap accepts either template below (exact line order and newlines). Preferred (simpler): 
Machines Cash Bootstrap
Address: <address>
Nonce: <nonce>
Issued At: <issuedAt ISO timestamp>
Expires At: <expiresAt ISO timestamp>
Legacy (still accepted): 
Machines Cash Consumer Agent Bootstrap
Address: <address>
Nonce: <nonce>
Issued At: <issuedAt ISO timestamp>
Expires At: <expiresAt ISO timestamp>
Connector: <connector or unknown>
Chain ID: <chainId or unknown>
Wallet Label: <walletLabel or unknown>
Notes:
  • Address may be lowercase or checksum.
  • Keep bootstrap windows short (recommended around 60 seconds).

Idempotency

For state-changing financial writes, include idempotency-key. Common required operations include:
  • deposits create and transfer
Preview and poll-style operations do not require idempotency.

Compatibility behavior

  • GET /consumer/v1/users resolves current user profile (no raw user id required).
  • GET /consumer/v1/agreements and POST /consumer/v1/agreements map to application agreement state/actions.
  • GET /consumer/v1/kyc/status resolves current user KYC status.

Blocked endpoint on consumer surface

GET /consumer/v1/identity/data-key is intentionally blocked (403). Use:
  • POST /consumer/v1/crypto/encrypt
  • POST /consumer/v1/crypto/decrypt
for encryption/decryption workflows.

Partner API

Partner routes are documented separately: