Getting Started
Learn the basics of integrating with the Skyline Digital API
Welcome to the Skyline Digital API
Skyline Digital provides digital asset infrastructure for businesses. The platform enables organisations to manage digital asset transactions, handle compliance workflows such as KYC and KYB verification, and integrate payment rails -- all through a single REST API.
This guide introduces the core concepts you need to begin integrating with the API: the base URL, authentication methods, request structure, and error handling.
Base URL
The API is available in two environments:
| Environment | Base URL | Purpose |
|---|---|---|
| Production | https://api.skylinedigital.io | Live transactions and operations |
| Sandbox | Contact Skyline Digital for your sandbox URL | Development and testing |
All API requests use the same endpoints relative to the base URL. The sandbox environment mirrors production behaviour but does not process real transactions.
To request sandbox access, reach out to the Skyline Digital team (see Getting Help below).
Authentication Overview
The API supports two authentication methods. Both produce a Bearer token that you include in the Authorization header of every authenticated request.
JWT Authentication (Email and Password)
JWT authentication is designed for interactive users. You provide your email address and password to the login endpoint, and the API returns an access token and a refresh token. The access token is short-lived and used for making API requests. The refresh token is longer-lived and used to obtain a new token pair without re-entering credentials.
If two-factor authentication is enabled for your account, an additional verification step is required after the initial login.
API Key Authentication (Machine-to-Machine)
API key authentication is designed for server-to-server integrations where there is no interactive user. You first create an API key through the authenticated API, which provides a client ID and a secret. You then exchange these credentials for a Bearer token via a dedicated token endpoint.
API keys are useful for background services, scheduled jobs, and automated workflows that need persistent access without user interaction.
Using the Bearer Token
Once you have obtained a token through either method, include it in the Authorization header of every request:
Authorization: Bearer your-token-here
Request and Response Structure
The API follows standard REST conventions:
| Aspect | Detail |
|---|---|
| Content type | All request and response bodies use JSON |
| HTTP methods | GET for reading, POST for creating and actions, PATCH for updating, DELETE for removing |
| Authorization | Bearer token in the Authorization header for authenticated endpoints |
| Public endpoints | Some endpoints (such as registration and login) do not require a token |
Rate Limiting
The API enforces rate limits to ensure fair usage and platform stability. If you exceed the allowed number of requests within a given time window, the API returns a 429 (Too Many Requests) status code. When this happens, wait before retrying your request.
Error Handling
When a request fails, the API returns a JSON response with an appropriate HTTP status code and a descriptive error message. Common status codes include:
| Status Code | Meaning |
|---|---|
| 400 | Bad Request -- the request body is malformed or missing required fields |
| 401 | Unauthorized -- the token is missing, expired, or invalid |
| 403 | Forbidden -- the authenticated user does not have permission for this action |
| 404 | Not Found -- the requested resource does not exist |
| 409 | Conflict -- a resource with the same unique identifier already exists |
| 422 | Unprocessable Entity -- validation failed on one or more fields |
| 429 | Too Many Requests -- rate limit exceeded |
| 500 | Internal Server Error -- an unexpected error occurred on the server |
Each error response includes a message field describing the issue. Some validation errors also include details about which fields failed validation.
Getting Help
If you run into issues during integration or need access to a sandbox environment, the Skyline Digital team is available to help:
- Telegram: Skyline OTC
- Email: Contact your account manager or reach out through the Skyline Digital platform
For API-specific questions, include your request details (endpoint, parameters, and the error response) to help the team diagnose issues quickly.
What's Next
Now that you understand the API basics, proceed to the Authentication and API Keys tutorial to learn how to register an account, log in, manage tokens, and set up API keys for your integration.