The Dakota Platform API is a RESTful API that enables you to programmatically manage customers, wallets, transactions, and money movement.
Quick Start
To start making API requests, you need:
- Get Dashboard Access — Contact sales if you don’t have an account yet
- Create an API Key — Log into the Dakota Dashboard and navigate to API Keys to create a new key
- Make Your First Request — Use your API key with the sandbox base URL
curl -X GET https://api.platform.sandbox.dakota.xyz/customers \
-H "x-api-key: YOUR_API_KEY"
API Versioning
The Dakota API uses a stable versioning approach:
| Aspect | Details |
|---|
| Current Version | 1.0.0 |
| Version Location | No URL prefix required - all endpoints use the current stable version |
| Breaking Changes | Announced via email and changelog with migration guides |
| Deprecation Policy | Deprecated endpoints remain available for 6 months minimum |
OpenAPI Specification
OpenAPI 3.0.3 spec available - The complete machine-readable API specification can be downloaded for SDK generation, Postman import, or AI agent integration.
| Format | URL |
|---|
| OpenAPI 3.0 (YAML) | /openapi.yaml |
| OpenAPI 3.0 (JSON) | /openapi.json |
| Specification Version | 3.0.3 |
- Generate client SDKs in any language (openapi-generator)
- Import into Postman, Insomnia, or Swagger UI
- Power AI agents and code generation tools
- Automated API testing and validation
Base URLs
| Environment | API Base URL | Dashboard URL |
|---|
| Sandbox | https://api.platform.sandbox.dakota.xyz | platform.sandbox.dakota.xyz |
| Production | https://api.platform.dakota.xyz | platform.dakota.xyz |
Start with Sandbox — We recommend building and testing your integration in the sandbox environment first. Sandbox uses simulated data and won’t process real transactions.
Authentication
All API requests require authentication via the x-api-key header:
curl -X GET https://api.platform.dakota.xyz/customers \
-H "x-api-key: YOUR_API_KEY"
curl -X POST https://api.platform.dakota.xyz/customers \
-H "x-api-key: YOUR_API_KEY" \
-H "x-idempotency-key: unique-request-id" \
-H "Content-Type: application/json" \
-d '{"customer_type": "business", "name": "Acme Corp"}'
Code Examples
The following examples demonstrate common API operations in JavaScript, Python, and Go.
Create a Customer
const response = await fetch('https://api.platform.dakota.xyz/customers', {
method: 'POST',
headers: {
'x-api-key': 'YOUR_API_KEY',
'x-idempotency-key': 'unique-request-id',
'Content-Type': 'application/json'
},
body: JSON.stringify({
customer_type: 'business',
name: 'Acme Corp',
external_id: 'your-internal-id'
})
});
const customer = await response.json();
console.log('Customer ID:', customer.id);
console.log('Application URL:', customer.application_url);
async function listAllCustomers(apiKey) {
const customers = [];
let startingAfter = null;
while (true) {
const url = new URL('https://api.platform.dakota.xyz/customers');
url.searchParams.set('limit', '100');
if (startingAfter) {
url.searchParams.set('starting_after', startingAfter);
}
const response = await fetch(url, {
headers: { 'x-api-key': apiKey }
});
const result = await response.json();
customers.push(...result.data);
if (!result.meta.has_more_after) break;
startingAfter = result.data[result.data.length - 1].id;
}
return customers;
}
Create an Onramp Account
const response = await fetch('https://api.platform.dakota.xyz/accounts/onramp', {
method: 'POST',
headers: {
'x-api-key': 'YOUR_API_KEY',
'x-idempotency-key': 'unique-request-id',
'Content-Type': 'application/json'
},
body: JSON.stringify({
capabilities: ['ach'],
source_asset: 'USD',
destination_asset: 'USDC',
destination_id: '2hCjxJzUAW6JVRkZqaF9E0KpM3a'
})
});
const account = await response.json();
console.log('Onramp Account ID:', account.id);
console.log('Bank Account:', account.bank_account);
Create a Webhook Target
const response = await fetch('https://api.platform.dakota.xyz/webhook-targets', {
method: 'POST',
headers: {
'x-api-key': 'YOUR_API_KEY',
'x-idempotency-key': 'unique-request-id',
'Content-Type': 'application/json'
},
body: JSON.stringify({
url: 'https://your-server.com/webhooks/dakota',
global: false,
event_types: ['customer.created', 'customer.updated', 'auto_account.created']
})
});
const target = await response.json();
console.log('Webhook Target ID:', target.id);
Rate Limits
| Authentication Type | Rate Limit |
|---|
| API Key | 60 requests per minute |
| JWT (Dashboard) | 600 requests per minute |
| Unauthenticated | 10 requests per minute |
| Application Token | 100 requests per hour |
X-RateLimit-Limit - Maximum requests allowedX-RateLimit-Remain - Requests remaining in windowX-RateLimit-Reset - Seconds until window resets
See Rate Limiting for handling strategies.
All responses are JSON. List responses include pagination:
{
"data": [ ... ],
"meta": {
"total_count": 100,
"has_more_after": true,
"has_more_before": false
}
}
limit - Items per page (default: 20, max: 100)starting_after - Cursor for next pageending_before - Cursor for previous page
Error responses follow a consistent format:
{
"code": "invalid_request",
"message": "Human readable error message",
"details": {
"field": "amount",
"issue": "must be greater than 0"
}
}
Data Model
The Dakota API is organized around the following core resources and their relationships:
Client (Your Organization)
├── Customers
│ ├── Applications (KYB/KYC onboarding)
│ │ ├── Business Entity
│ │ └── Individual Entities (beneficial owners, controllers)
│ ├── Recipients (payment destinations)
│ │ └── Destinations (bank accounts, crypto wallets)
│ └── Transactions
├── Auto Accounts (onramp, offramp, swap)
│ └── Auto Transactions
├── Wallets
└── One-off Transactions
Resource Relationships
| Parent Resource | Child Resource | Relationship | Access Pattern |
|---|
| Customer | Application | One-to-one | GET /customers/{id} includes application_id |
| Customer | Recipient | One-to-many | GET /customers/{id}/recipients |
| Customer | Transaction | One-to-many | GET /customers/{id}/transactions |
| Recipient | Destination | One-to-many | GET /recipients/{id}/destinations |
| Auto Account | Auto Transaction | One-to-many | GET /auto-transactions?auto_account_id={id} |
| Application | Business | One-to-one | Nested in application response |
| Application | Individual | One-to-many | Nested in application entities.individuals |
Resource Identifiers
All resources use KSUID (K-Sortable Unique Identifier) for IDs:
- Format: 27-character base62 string (e.g.,
2hCjxJzUAW6JVRkZqaF9E0KpM3a)
- Properties: Lexicographically sortable by creation time, globally unique
- Usage: Used for pagination cursors (
starting_after, ending_before)
Filtering and Sorting
List endpoints support filtering via query parameters. Common patterns:
Customers
# Filter by external ID
GET /customers?external_id=your-external-id
# Search by name, email, or customer ID (case-insensitive)
GET /customers?search=acme
Auto Transactions
# Filter by auto account
GET /auto-transactions?auto_account_id=2hCjxJzUAW6JVRkZqaF9E0KpM3a
# Filter by status
GET /auto-transactions?status=completed
# Filter by date range (Unix timestamps in seconds)
GET /auto-transactions?start_date=1704067200&end_date=1706745600
# Filter by transaction type
GET /auto-transactions?type=onramp
# Filter by asset
GET /auto-transactions?input_asset=USD&destination_asset=ETH
# Filter by blockchain details
GET /auto-transactions?source_network_id=ethereum&destination_crypto_address=0x...
Applications
# Filter by type
GET /applications?type=business
# Filter by status
GET /applications?status=submitted
Available Filter Parameters
| Endpoint | Parameter | Type | Description |
|---|
/customers | external_id | string | Exact match on external ID |
/customers | search | string | Search name, email, or ID |
/auto-transactions | auto_account_id | KSUID | Filter by auto account |
/auto-transactions | status | enum | pending, processing, completed, failed, canceled, reversed, in_progress, awaiting_confirmation, broadcasted, rejected, invalid, timed_out, not_started |
/auto-transactions | type | enum | onramp, offramp, swap |
/auto-transactions | start_date | integer | Unix timestamp (seconds) |
/auto-transactions | end_date | integer | Unix timestamp (seconds) |
/auto-transactions | input_asset | string | Asset symbol (e.g., USD) |
/auto-transactions | destination_asset | string | Asset symbol (e.g., ETH) |
/auto-transactions | source_network_id | string | Blockchain network ID |
/auto-transactions | destination_network_id | string | Blockchain network ID |
/auto-transactions | transaction_hash | string | Blockchain transaction hash |
/applications | type | enum | individual, business |
/applications | status | enum | pending, submitted, completed |
Bulk Operations
The API provides bulk endpoints for specific use cases:
Bulk Risk Rating Calculation
Calculate risk ratings for multiple entities in a single request:
POST /onboarding/risk-ratings/bulk
- Does NOT persist data - calculation only
- All-or-nothing validation: if any item fails, returns detailed errors for all invalid items
- Returns
risk_rating object with score, level, factors, and more
See the OpenAPI specification for complete request/response schemas.
| Parameter | Default | Maximum | Description |
|---|
limit | 20 | 100 | Items per page |
| File upload | - | 500 MB | Maximum file size |
List Response Structure
All list endpoints return a paginated response:
{
"data": [...],
"meta": {
"total_count": 100,
"has_more_after": true,
"has_more_before": false
}
}
GET /customers?starting_after={last_item_id}&limit=20
Error Response Structure
All errors return:
{
"code": "error_code",
"message": "Human readable error message"
}
