REST API v1

Semua path di bawah ini relatif terhadap base /api (tanpa trailing slash di dokumentasi). Method HTTP mengikuti definisi routes/api.php.

Ringkasan perlindungan

Publik / tanpa auth.xtoken — registrasi, konten, market data, webhook, dll.
auth.xtoken + verified:api — akun pengguna, KYC, withdraw, order setelah login, dll.

Default & Sanctum

Method	Path	Controller@method	Catatan
GET	`/user`	Closure	`auth:sanctum`
GET	`/auth/email-verify/{email}`	AuthController@verifyEmail
GET	`/auth/email-resend`	AuthController@resendEmail

Autentikasi & akun (publik / terbatas)

Method	Path	Middleware	Controller@method
POST	`/auth/register`	grecaptcha	AuthController@register
POST	`/inquiries`	grecaptcha	InquiryController@submitInquiry
POST	`/auth/check-account`	throttle.custom	AuthController@checkAccount
POST	`/email/otp-code`		AuthController@requestEmailOtp
POST	`/auth/password-reset`		AuthController@resetPassword
POST	`/auth/password-token`		AuthController@sendResetPasswordToken
POST	`/auth/refresh-token`	throttle.custom (REFRESH_TOKEN)	AuthController@refreshToken
POST	`/auth/login`	throttle.custom	AuthController@login
POST	`/pin/status_pin`		PinController@statusPin

Webhook (biasanya `leader.only`)

Method	Path	Controller@method
POST	`/webhook/fireblock`	WebhookController@fireblock
POST	`/webhook/fireblock-v2`	WebhookController@fireblockV2
POST	`/webhook/binance`	WebhookController@binance
POST	`/webhook/duitku-deposit`	WebhookController@duitkuDeposit
POST	`/webhook/duitku/inquiry`	WebhookController@duitkuInquiry
POST	`/webhook/duitku/notify`	WebhookController@duitkuNotify
POST	`/webhook/xendit/handle-created-va`	WebhookXenditController@handleCreatedVA
POST	`/webhook/xendit/handle-deposit-paid`	WebhookXenditController@handleDepositPaid
POST	`/webhook/xendit/handle-deposit-paid-qris`	WebhookXenditController@handleDepositPaidQris
POST	`/webhook/xendit/handle-withdrawal`	WebhookXenditController@handleWithdrawal
POST	`/webhook/micro-queuing/report`	WebhookMicroQueuingController@handleReport

Publik: konten & konfigurasi

Method	Path	Controller@method
GET	`/wallet-status`	GeneralController@walletConfigurationStatus
GET	`/country`	CountryController@getAllCountry
GET	`/news`	NewsController@getAllNews
GET	`/news-categories`	NewsController@getAllCategories
GET	`/news/{slug}`	NewsController@getNews
GET	`/news/tag/{tag}`	NewsController@getNewsByTags
GET	`/banner`	BannerController@getAllBanner
GET	`/currency/exchange-rate`	CurrencyController@exchangeRate
GET	`/price/get-category`	TxPairController@getTxPairCategory
GET	`/fee-list`	CoinController@getFeeList
GET	`/transaction/{provider}/{txId}`	TransactionController@retrieveTransaction
GET	`/xendit/payment-method/{type}`	XenditController@paymentMethod
GET	`/payment-methods/va/{code}/{lang}`	XenditController@vaDetail
GET	`/duitku/disbursement/list-bank`	DuitkuController@disbursementBankList
GET	`/banks`	BanksController@listBank
GET	`/setting/get-value/{key}`	SettingController@searchByKey
GET	`/setting/get-all`	SettingController@getAllSetting
GET	`/setting/get-multiple-values`	SettingController@getMultipleValues
GET	`/asset-information/{symbol}`	AssetInformationController@show
GET	`/cashOrder/get-price`	CashOrderController@getPrice

Market: Binance spot (publik)

Prefix: /exchange/binance/

Method	Path	Controller@method
GET	`/exchange/binance/exchangeInfo`	BinanceSpotController@exchangeInformation
GET	`/exchange/binance/config`	BinanceSpotController@config
GET	`/exchange/binance/time`	BinanceSpotController@time
GET	`/exchange/binance/symbols`	BinanceSpotController@symbols
GET	`/exchange/binance/history`	BinanceSpotController@candlestickData
POST	`/exchange/binance/testOrder`	BinanceSpotController@testNewOrder

Market: coin & pair (prefix `/coin`)

Method	Path	Controller@method
GET	`/coin/coin`	CoinController@getCoin
GET	`/coin/allCoin`	CoinController@getAllCoin
GET	`/coin/txPair`	CoinController@getTxPair
GET	`/coin/allTxPair`	CoinController@getAllTxPair
POST	`/coin/allTxPair`	CoinController@activeAllTxPair
DELETE	`/coin/allTxPair`	CoinController@suspendAllTxPair

Terautentikasi: `auth.xtoken` + `verified:api`

Sesi & profil

Method	Path	Controller@method
DELETE	`/auth`	AuthController@logout
GET	`/auth`	AuthController@getInfo

Bank & pengguna

Method	Path	Controller@method
GET	`/user/bank`	UserController@getBankList
POST	`/user/bank`	UserController@addBank
PUT	`/user/bank`	UserController@editBank
DELETE	`/user/bank/{id}`	UserController@deleteBank
POST	`/phone/otp`	PhoneController@requestOtp
POST	`/users/phone-bind`	UserController@bindPhone
POST	`/users/twofa-bind`	UserController@bindTwoFA
POST	`/users/twofa-unbind`	UserController@unBindTwoFA
PATCH	`/users/language`	UserController@updateLanguage
PATCH	`/users/currency`	UserController@updateCurrency
POST	`/user/suspend`	UserController@suspend

Dompet & riwayat

Method	Path	Controller@method
GET	`/users/coins`	UserController@listCoin
GET	`/users/wallet`	UserController@retrieveWallet
POST	`/users/wallet-address-check`	UserController@walletAddressCheck
GET	`/users/transaction-histories`	UserController@listTransactionHistory
GET	`/users/history/v2/deposit-withdraw`	UserController@listDepositWithdrawalHistory
GET	`/users/history/deposit-withdraw`	UserController@v2ListDepositWithdrawalHistory
GET	`/users/history/tax`	UserController@listTaxHistory
GET	`/users/history/tax/report`	UserController@listTaxHistoryReport

KYC & Privy & Google Vision

Method	Path	Controller@method
POST	`/user/kyc-bind`	KycController@bindKyc
GET	`/kyc/employments`	KycController@getAllEmployment
GET	`/kyc/annual-incomes`	KycController@getAnnualIncomeList
GET	`/kyc/trade-sums`	KycController@getTradeSumList
GET	`/kyc/industry`	KycController@getAllIndustry
GET	`/kyc/reason`	KycController@getAllReason
GET	`/kyc/income`	KycController@getAllIncome
POST	`/privy/ocr`	PrivyController@privy_ocr
POST	`/privy/liveness-register`	PrivyController@prive_liveness_and_register
POST	`/google-vision/verification`	GoogleVisionController@storeVerification
PUT	`/google-vision/verification/{requestId}`	GoogleVisionController@updateVerification
GET	`/google-vision/verifications`	GoogleVisionController@getVerifications
GET	`/google-vision/verification/{requestId}`	GoogleVisionController@getVerificationDetail
GET	`/google-vision/statistics`	GoogleVisionController@getStatistics

Pesan & withdraw & deposit

Method	Path	Middleware tambahan	Controller@method
GET	`/user-messages`		MessageController@listMessage
GET	`/user-messages/read`		MessageController@readMessages
POST	`/user-messages/read-all`		MessageController@readAllMessages
DELETE	`/user-messages/delete-multiple`		MessageController@deleteMultipleMessages
GET	`/withdraws/otp`		WithdrawController@requestOtp
POST	`/withdraw/withdraw-coin`		WithdrawController@withdrawCoin
POST	`/withdraw/withdraw-fiat`	walletStatus:WD	WithdrawController@withdrawFiat
POST	`/deposit/cash`	grecaptcha, walletStatus:DEPO	DepositController@depositCash
GET	`/deposit/get-digit-transfer`		DepositController@getDigitTransfer

Cash order & API key & dict

Method	Path	Controller@method
POST	`/cashOrder/place-order`	CashOrderController@placeCashOrder
GET	`/cash-orders`	CashOrderController@listCashOrder
GET	`/dicts`	DictController@getDictList
POST	`/collect`	CollectController@collect
POST	`/user/api-key`	UserController@addApiKey
PUT	`/user/api-key`	UserController@editApiKey
DELETE	`/user/api-key`	UserController@deleteApiKey
GET	`/user/api-key`	UserController@listApiKey

Duitku & Xendit & FCM

Method	Path	Controller@method
GET	`/duitku/fix-va/number`	DuitkuController@fixedVaNumber
POST	`/duitku/withdraw/cash-out`	DuitkuController@withdrawCashOut
GET	`/xendit/payment-method`	XenditController@paymentMethod
POST	`/xendit/create-qris`	XenditController@createQris
GET	`/xendit/status-qris/{qr_id}`	XenditController@statusQris
GET	`/xendit/fix-va/number`	XenditController@fixedVaNumber
POST	`/fcm/token`	FcmController@storeOrUpdateToken
DELETE	`/fcm/delete-user-tokens`	FcmController@clearToken

PIN & biometrik

Method	Path	Controller@method
POST	`/pin/create`	PinController@createPin
POST	`/pin/validate`	PinController@validatePin (throttle.custom)
POST	`/pin/update`	PinController@updatePin (throttle.custom)
POST	`/biometric/create-or-update`	BiometricController@createOrUpdate

Terautentikasi: trading Binance (prefix `/exchange/binance/`)

Method	Path	Controller@method
GET	`/exchange/binance/historyTrade`	OrderController@historyTrades
GET	`/exchange/binance/historyOrder`	OrderController@historyOrders
GET	`/exchange/binance/currentOrder`	OrderController@currentOrders
POST	`/exchange/binance/order`	OrderController@createOrder
DELETE	`/exchange/binance/order/{orderNo}`	OrderController@cancelOrder
POST	`/exchange/binance/order/{exchangeOrderId}/{userId}/delete`	OrderController@deleteOrder
DELETE	`/exchange/binance/symbolOrders`	OrderController@cancelSymbolOrders
DELETE	`/exchange/binance/allOrders`	OrderController@cancelAllOrders
GET	`/exchange/binance/accountInfo`	BinanceSpotController@accountInformation

Endpoint uji / internal

Method	Path	Catatan
GET	`/test-kki`	Closure menguji `KKILibrary` — tidak untuk produksi

Untuk detail body request dan response, lihat controller di app/Http/Controllers/Api/ atau dokumentasi OpenAPI/Swagger jika diaktifkan.

Ringkasan perlindungan​

Default & Sanctum​

Autentikasi & akun (publik / terbatas)​

Webhook (biasanya leader.only)​

Publik: konten & konfigurasi​

Market: Binance spot (publik)​

Market: coin & pair (prefix /coin)​

Terautentikasi: auth.xtoken + verified:api​

Sesi & profil​

Bank & pengguna​

Dompet & riwayat​

KYC & Privy & Google Vision​

Pesan & withdraw & deposit​

Cash order & API key & dict​

Duitku & Xendit & FCM​

PIN & biometrik​

Terautentikasi: trading Binance (prefix /exchange/binance/)​

Endpoint uji / internal​