API Overview
Uapi provides a high-performance, non-custodial crypto payment infrastructure for global merchants. Our API makes complex blockchain interactions as simple as traditional payments.
Base URL
https://uapi.io/api/v1
1 Authentication
All requests must include your API Key in HTTP headers. Keys are split into Test Key (sandbox) and Live Key (production).
X-API-KEY: sk_live_xxxxxxxxxxxxxxxxxxxxxxxx
Domain Security Validation
To prevent API abuse, your request domain must be bound in Merchant Console > Website Management. For direct backend requests (without Origin header), explicitly include the domain parameter in the payload. Unbound domains will be rejected.
Integration Flow
Create Order
Merchant calls the API with amount and network, then receives a payment link (payment_url).
User Pays
Redirect users to checkout, where they complete payment via QR scan or transfer.
Confirm & Callback
After on-chain confirmation, the system sends a webhook and updates order status automatically.
No-Code Integration
If you do not want to write code, you can use our Payment Link feature:
- Generate a dedicated payment page in one click from the merchant console.
- Set fixed amounts or allow customers to enter custom amounts.
- Share the link directly through social media, Telegram, or WhatsApp.
- After successful payment, settlement details remain available in your dashboard.
Create Order
POSTCreate a brand-new payment order and receive a checkout link.
Endpoint
/order/create.php
| Parameter | Type | Required | Description |
|---|---|---|---|
| amount | Float | YES | Order amount (USDT) |
| chain | String | YES | Network: trc20, erc20, bsc, solana, polygon, etc. |
| merchant_order_id | String | YES | Your merchant order number (unique) |
| notify_url | String | NO | Webhook URL. A POST callback will be sent after successful payment. |
| domain | String | YES* | Required for server-to-server requests (e.g., curl/backend SDK). Use your bound website domain, e.g. yoursite.com. It can be omitted if Origin/Referer is present. |
{
"status": "success",
"data": {
"order_no": "PAY2024...", // System-generated payment order number "amount": "100.001234", // Payable amount with anti-collision random decimal "payment_url": "https://...", // Checkout URL "expire_in": 600 // Order validity period (seconds) }
}Check Status
GETPoll or query the latest order payment status on demand.
Endpoint
/order/status.php?order_no=PAY...
// Paid response{
"status": "paid",
"tx_hash": "0x123abc...", // On-chain transaction hash "amount_paid": "100.001234"
}Webhook Callback
Once the on-chain transaction is confirmed, the system immediately sends a POST callback to your notify_url.
If notify_url is omitted when creating an order, the system will automatically use the default webhook URL in Merchant Console > API Settings.
Signature Verification
X-UAPI-Signature: hmac_sha256(order_no + amount + merchant_order_id + timestamp, api_key)
sign: md5(order_no + amount + merchant_order_id + api_key)
Response requirement: your receiver must return HTTP 200, or include success in response body. Otherwise the system retries up to 3 times (about 1s and 2s backoff).
Order State Machine
| Status | Description |
|---|---|
| pending | Created and waiting for user payment with the exact amount. |
| paid | On-chain amount and address matched; tx hash recorded and callback sent. |
| expired | Not paid within validity period (usually 10-20 minutes); automatically marked as expired. |
Rate Limits & Idempotency
- API Rate Limit: The free plan is limited to 100 calls per day. Pro and Enterprise provide higher concurrency quotas.
- Idempotency: Ensure
merchant_order_idis unique in your system. Re-submitting the same order ID returns existing order data instead of creating a new order. - Concurrency Handling: Use distributed locks when consuming webhooks to prevent duplicate processing caused by concurrent callbacks.
Supported Networks & Precision
| Network (Slug) | Precision | Token | Notes |
|---|---|---|---|
| trc20 | 6 | USDT | Tron network with fast confirmation and very low fees. |
| bsc | 18 | USDT/BNB | Binance Smart Chain. |
| erc20 | 18 | USDT/ETH | Ethereum mainnet (higher gas fees). |
| polygon | 6/18 | USDT/MATIC | Layer 2 scaling network. |
| solana | 6/9 | USDT/USDC | High-performance non-EVM chain. |
| arbitrum | 18 | USDT | Ethereum L2 rollup network. |
Tools & Versions
TLS Requirement
For security, our API requires TLS 1.2 or higher. Older SSL/TLS versions cannot establish a connection.
Data Encoding
All request and response bodies must use UTF-8. Ensure your Content-Type is set to application/json.
Developer FAQ
Can order expiration be customized?
Default validity is 10-20 minutes. For longer expiration, contact support or configure it in Merchant Console > API Settings. Longer windows may increase amount-collision probability.
Why does the actual payable amount include random decimals?
This enables precise order matching in non-custodial wallets. Since multiple transfers may share the same integer amount on-chain, adding a tiny random decimal (e.g., 100.001234) keeps each order unique under your wallet address.
Multi-language Integration Examples
$apiKey = 'sk_live_xxx';
$data = [
'amount' => 100.0,
'chain' => 'trc20',
'merchant_order_id' => 'MY_ORDER_001',
'notify_url' => 'https://yoursite.com/callback',
'domain' => 'yoursite.com'
];
$ch = curl_init('https://www.uapi.io/api/v1/order/create.php');
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'X-API-KEY: ' . $apiKey,
'Content-Type: application/json'
]);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
$result = json_decode($response, true);
echo $result['data']['payment_url'] ?? 'Create order failed';const axios = require('axios');
const createOrder = async () => {
const { data } = await axios.post('https://www.uapi.io/api/v1/order/create.php', {
amount: 100.0,
chain: 'trc20',
merchant_order_id: 'MY_ORDER_001',
notify_url: 'https://yoursite.com/callback',
domain: 'yoursite.com'
}, {
headers: {
'X-API-KEY': 'sk_live_xxx',
'Content-Type': 'application/json'
}
});
console.log(data.data.payment_url);
};