API Reference
The hexCore API is organized around REST. Our API has predictable resource-oriented URLs, accepts form-encoded request bodies, returns JSON-encoded responses, and uses standard HTTP response codes, authentication, and verbs.
Base URLs
The hexCore API provides two environments. The Sandbox environment allows you to test your integration without affecting live data, while the Production environment processes real financial transactions.
| Environment | Base URL |
|---|---|
| PRODUCTION | https://api.hexcore.io/v2 |
| SANDBOX | https://sandbox.hexcore.io/v2 |
Authentication
The hexCore API uses API keys to authenticate requests. You can view and manage your API keys in the Developer Dashboard.
Authentication to the API is performed via HTTP Bearer Auth. Provide your API key as the bearer token value in the Authorization header.
Keep your keys safe
Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.
Content Type
All requests must be encoded as JSON and carry the Content-Type: application/json header. If this header is missing, the API will reject your request with a 415 Unsupported Media Type status code.
Authentication Example
curl https://api.hexcore.io/v2/accounts \
-H "Authorization: Bearer sk_live_..." \
-H "Content-Type: application/json"
Successful Response
{
"status": true,
"message": "Accounts retrieved",
"data": [
{
"account_number": "1234567890",
"balance": 10500.00
}
]
}