Authentication
API keys are created in the dashboard. Every request to /api/v2/sdk/* must send X-API-Key. Quota is enforced per account after the key resolves to a device. You can only read data for your own wallets and wallets you already track in Sendy; there is no access to arbitrary on-chain addresses. Use GET /sdk/wallets to list eligible addresses.
Supported routes
Keys are intended for /sdk/* and the documented Socket.IO wallet namespace only. Successful REST responses increment usage on the presented key. Use official SDKs or raw HTTPS from your backend. Do not ship the secret in browsers or mobile binaries where it can be extracted.
Headers
Send the key only as X-API-Key: sendy_…. JSON bodies require Content-Type: application/json.
Quota
Successful SDK responses consume quota from the aggregate of all keys belonging to your account (identified after resolving the key). The included allowance is 500 successful requests per account. When exhausted, the API returns 403 with {"error":"quota_exceeded"}. Validation failures before business logic generally do not consume quota. Opening a validated WebSocket connection (all trades or filtered to one tokenMint) counts as one successful request toward the same quota.
Wallet eligibility
Whenever a route takes a walletAddress, that address must be one of your associated wallets or a wallet on your Tracking list. Otherwise the API returns 400 with invalid_wallet.
Errors
Errors use JSON bodies with an error code.
Common status codes
401—missing_api_keyorinvalid_api_key403—quota_exceeded400—invalid_timeframe,invalid_wallet,invalid_address
Dashboard
Create and revoke keys under API keys. Run a sample request there to verify headers and routing before wiring backend code.
Example
curl -sS -X GET "https://api.sendy.lol/api/v2/sdk/wallets" \
-H "X-API-Key: $SENDY_API_KEY"