# API overview {% hint style="danger" %} This API version is deprecated and will no longer be supported after December 1, 2025. Refer to [API v3](https://docs.b2binpay.com/api-guide/api-overview) for updated descriptions. {% endhint %} ## General information The B2BINPAY API is organized in accordance with JSON API paradigm. For a better understanding of the paradigm principles, read the [JSON API Specification](https://jsonapi.org/format/). We use conventional HTTP response codes, OAuth 2.0 protocol for authentication, and HMAC-SHA256 algorithm for encryption. All methods are private. All requests except for [Obtain token](https://docs.b2binpay.com/authentication#obtain-token) and [Refresh token](https://docs.b2binpay.com/authentication#refresh-token) should contain HTTP header: `Authorization: Bearer `. According to [JSON API Specification](https://jsonapi.org/format/), all requests should contain HTTP header: `Content-Type: application/vnd.api+json`. ## Filtering Filters by object parameters can be applied to any `GET`-method according to the [JSON API Specification](https://jsonapi.org/format/). ## Callbacks The B2BINPAY API also provides flexible options for callback — an asynchronous notification about changing statuses of deposits and payouts. To learn more, refer to [Callback](https://docs.b2binpay.com/references/key-terms#callback). To receive callbacks, specify a callback URL when sending a [Create deposit](https://docs.b2binpay.com/deposit-methods#create-deposit) or [Create payout](https://docs.b2binpay.com/payout-methods#create-payout) request. When a transaction receives the required number of confirmation blocks, the callback is sent via an HTTP `POST`-request to the specified URL. If you also want to be notified when the number of confirmations received for a transaction doesn’t reach a specific threshold or exceeds it, indicate the required number of confirmations in the request. ## Date-time values All date-time values are specified as per [ISO 8601-1:2019](https://www.iso.org/standard/70907.html), with milliseconds precision and timezone included: `YYYY-MM-DDThh:mm:ss[.SSSSSS]±hh:mm`. ## Destination object The object contains the following fields: * `address_type` (string or null)\ For wallets denominated in BTC, LTC, BCH, XRP: the address type. Refer to [Address types](https://docs.b2binpay.com/references/address-types) for supported values.\ For other wallets the value is null. * `address` (string)\ The deposit address.\ For payments in XRP, an array of objects is returned containing the `x-address` and `address` (with a destination `tag` additionally specified): {% code overflow="wrap" %} ```json "destination": [ { "address_type": "x-address", "address": "X7dBkB9KmvUh6GGHbjhxdu4LfkwhJ74oVWbGRoy7VLnHdJ6" }, { "address_type": "address", "address": "rsxXXvBXmKUkCyCeNCHUFpfCX9pQdxQhv5", "tag": "0" } ] ``` {% endcode %} For payments in XLM, the `destination` object is as follows: {% code overflow="wrap" %} ```json "destination": { "address_type": "address", "address": "GCZJFWB5NVQHVBMV4U6CCJIXXBGINGYF2W33PMD5REBD5VQ6H6BLCJR5", "tag_type": 0, "tag": "" } ``` {% endcode %} where: * `address_type` is always `"address"`. * `address` is a string value containing the wallet address. * `tag_type` is a number value containing tag or memo type. Possible values: * `0` — no memo * `1` — a 64-bit unsigned integer * `tag` is a string value containing the tag. ## API rate limits and accessibility The number of requests to the endpoint without prior authentication is limited to 15 per 1 minute. To check the network availability of the system, use the `/ping` endpoint without authorization headers. ## Base URLs
CodeProductionSandbox
[base]https://api.it.b2binpay.comhttps://api-sandbox.b2binpay.com