Getting Started
Welcome to the CryptoGate Merchant API Reference. CryptoGate enables online stores, SaaS platforms, and digital businesses to easily accept 10+ major cryptocurrencies across 8 leading blockchains with zero processing fees.
The gateway operates fully serverless on Vercel and uses MongoDB to store invoices, transactions, and webhook logs. Integrating the gateway requires only a few lines of code.
Authentication
To authenticate API requests, you must pass your merchant API key in the headers of each request. You can locate your API Key and Secret inside your merchant settings dashboard.
{
"X-API-Key": "your_merchant_api_key"
}
Create Payment
Generates a new on-chain invoice with a unique wallet address derived via HD Wallet (BIP44) and returns a visual QR Code for checkout.
You can define the amount directly in cryptocurrency or in fiat USD (fiat amount is auto-calculated using the live Binance Public API).
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| currency | string | Yes | Payment asset symbol (e.g. USDT_TRC20, BTC, ETH, SOL, USDC_POLYGON) |
| amount | number | No | Asset token value. Required if fiatAmount is omitted. |
| fiatAmount | number | No | USD value. Payment calculates matching crypto units based on live Binance conversion. |
| fiatCurrency | string | No | Required if fiatAmount is set. Value: USD. |
| orderId | string | No | Merchant reference id (max 100 chars). |
| callbackUrl | string | No | Webhook URL target for payment notifications. |
Sample Implementation
curl -X POST https://yourgateway.vercel.app/api/v1/payments \
-H "Content-Type: application/json" \
-H "X-API-Key: your_api_key" \
-d '{
"fiatAmount": 100.0,
"fiatCurrency": "USD",
"currency": "USDT_TRC20",
"orderId": "order_77491",
"callbackUrl": "https://yoursite.com/webhooks"
}'
Get Payment Details
Query the current confirmation status, expire timer, amounts, and on-chain addresses for any created payment ID.
{
"success": true,
"data": {
"id": "pay_9a2f1c8b...",
"amount": 100,
"currency": "USDT_TRC20",
"status": "COMPLETED",
"walletAddress": "TXZ198sY...",
"fiatAmount": 100,
"fiatCurrency": "USD",
"exchangeRate": 1.0,
"paidAmount": 100,
"paidAt": "2026-07-05T12:00:00.000Z",
"expiresAt": "2026-07-05T12:30:00.000Z"
}
}
Webhook Notifications
When a transaction changes status (detected, confirming, completed, or expired), CryptoGate dispatches an HTTP POST payload to the configured merchant callbackUrl.
The webhook payload includes the transaction hash and a verification signature. If delivery fails (recipient server offline or 500 error), the system logs it and schedules retries automatically with exponential backoff (1 min, 5 min, 15 min, 60 min, 240 min).
{
"event": "payment.updated",
"paymentId": "pay_d7b88e1a...",
"timestamp": 1783339200000,
"data": {
"orderId": "order_77491",
"status": "COMPLETED",
"amount": 100.00,
"currency": "USDT_TRC20",
"txHash": "a67b2fc91..."
}
}
Verifying Webhook Signatures
To confirm webhooks were legitimately dispatched by your CryptoGate instance and not intercepted/forged, verify the X-Webhook-Signature request header using your merchant API Secret.
const crypto = require('crypto');
function verifySignature(reqBody, headerSignature, apiSecret) {
const payload = JSON.stringify(reqBody);
const expectedSignature = crypto
.createHmac('sha256', apiSecret)
.update(payload)
.digest('hex');
return `sha256=${expectedSignature}` === headerSignature;
}