Skip to main content

Production Base URL

https://api.solifyn.com/v1

Sandbox Base URL

https://sanbox-api.solifyn.com/v1

Base URLs

EnvironmentBase URLPurpose
Productionhttps://api.solifyn.com/v1Real customers & live payments
Sandboxhttps://sanbox-api.solifyn.com/v1Safe testing & integration work
The sandbox environment is fully isolated—data, users, tokens, and businesss created there do not affect production. Create separate tokens in each environment.
Read more: Sandbox Environment

API Key Management & Deployment

1

Access API Keys Console

Navigate to Developer → API Keys inside your Solifyn administrator dashboard to manage, monitor, and revoke your programmatic access keys.
2

Generate a New Secret Key

Select Add API Key, provide a clear descriptive name indicating its intended backend destination, and precisely configure its write permissions boundary toggle:
  • Enable Write Access (Checked): Grants full read and write permissions across the entire platform matrix, authorizing the key to perform all API operations.
  • Enable Write Access (Unchecked): Puts the key into a strict Read-Only validation loop. This scope can only fetch current data states (such as processing payments, active subscriptions, customer indexes, or product catalogs) and is completely blocked from creating, modifying, or terminating platform resources.
Uncheck “Enable write access” for external dashboard integrations, secondary analytics ingestion pipelines, and any monitoring tool that only needs telemetry visibility without execution permissions.
3

Store Your Vault Key Securely

Copy the newly generated secret key immediately upon generation. For structural safety, our system encrypts this token instantly post-display; you will not be able to view or copy this key sequence again after closing the modal panel.
4

Authenticate Your API Requests

Apply your generated API key string directly within the HTTP request header layer to authenticate your server-to-server operations. Every call to a Solifyn API endpoint must include the following authorization token format:
        Authorization: Bearer YOUR_API_KEY
Never expose your secret API keys in client-side code or public repositories.

Quick Examples

curl https://api.solifyn.com/v1/products/ \
  -H "Authorization: Bearer $YOUR_API_KEY" \
  -H "Accept: application/json"

Using SDKs

All official SDKs accept a server parameter for sandbox usage: 
import { Solifyn } from "solifyn";

const solifyn = new Solifyn({
  apiKey: process.env.API_KEY!,
  server: "sandbox", // omit or use 'production' for live
});

Pagination

List endpoints in the Solifyn API support pagination to help you efficiently retrieve large datasets. Use the page and limit query parameters to control pagination.

Query Parameters

ParameterTypeDefaultMaxDescription
pageinteger1-Page number, starting from 1
limitinteger10100Number of items to return per page (window size)
The page parameter works as a window offset. For example, page=2&limit=10 means the API will skip the first 10 elements and return the next 10.

Response Format

All paginated responses include a pagination object with metadata about the current page and total results:
FieldTypeDescription
total_countintegerTotal number of items matching your query across all pages
max_pageintegerTotal number of pages available, given the current limit value

Example

Let’s say you want to fetch products with a limit of 100 items per page: 
curl https://api.solifyn.com/v1/products/?page=1&limit=100 \
  -H "Authorization: Bearer $YOUR_API_KEY" \
  -H "Accept: application/json"
In this example:
  • total_count=250 indicates there are 250 total products
  • limit=100 means each page contains up to 100 products
  • max_page=3 means you need to make 3 requests to retrieve all products (pages 1, 2, and 3)
To retrieve all pages, increment the page parameter from 1 to max_page. Our SDKs provide built-in pagination helpers to automatically iterate through all pages.

Rate Limits

Solifyn API has rate limits to ensure fair usage and maintain performance. The limits are as follows:
  • 300 requests per minute per business/customer or OAuth2 Client.
  • 3 requests per second for unauthenticated license key validation, activation, and deactivation endpoints.
If you exceed the rate limit, you will receive a 429 Too Many Requests response. The response will include a Retry-After header indicating how long you should wait before making another request.
businesss requiring higher rate limits for production workloads may contact our support team to discuss elevated limits.