The Prism Gateway API handles payment settlement, payment requirement generation, and merchant profile management. For most x402 integrations, the server-side SDKs wrap these endpoints automatically. Use the API directly for custom integrations or when building on top of UCP.
Base URLs
| Environment | URL |
| --- | --- |
| Production | https://prism-gw.fd.xyz |
Authentication
Authenticate by including your API key in the X-API-Key header:
    curl https://prism-gw.fd.xyz/api/v2/merchant/payment-profile \
      -H "X-API-Key: your-api-key"

Get your API key from the Prism Console under API Keys.
Keep your API key secret. Never expose it in client-side code, browser
requests, or public repositories.
Endpoint Groups
The API is organized into three groups:
| Group | Auth | Purpose |
| --- | --- | --- |
| x402 Settlement | X-API-Key | Generate payment requirements, verify authorizations, settle payments |
| Merchant | X-API-Key | UCP checkout helpers: get your payment profile for discovery, convert fiat amounts to x402 payment handler entries |
| Gateway | Public | UCP handler reference files: JSON schema and handler spec |
x402 Settlement
Facilitator endpoints for the x402 payment flow. The SDKs call these under the hood.
| Method | Endpoint | Description |
| --- | --- | --- |
| POST | /api/v2/payment/requirements | Generate x402 payment requirements for a resource |
| POST | /api/v2/payment/verify | Verify a signed x402 payment authorization |
| POST | /api/v2/payment/settle | Settle a verified payment on-chain |
Merchant
For UCP merchants. Call these from your server to build your UCP profile and prepare checkout sessions.
| Method | Endpoint | Description |
| --- | --- | --- |
| GET | /api/v2/merchant/payment-profile | Get the payment_handlers block for your UCP discovery profile |
| POST | /api/v2/merchant/checkout-prepare | Convert a fiat amount into x402 payment handler entries with resolved token amounts |
Gateway
Public endpoints serving the UCP handler reference. No authentication required.
| Method | Endpoint | Description |
| --- | --- | --- |
| GET | /ucp/schema.json | UCP handler JSON schema |
| GET | /ucp/prism.md | UCP handler specification |
See Endpoints for full request/response documentation.
Content-Type: application/json
All request bodies are JSON
Standard HTTP methods: GET, POST
Errors follow the RFC 7807 Problem Details format:
    {
      "type": "https://tools.ietf.org/html/rfc7807",
      "title": "Bad Request",
      "status": 400,
      "detail": "Amount is required"
    }

| HTTP Status | Meaning |
| --- | --- |
| 400 | Bad Request (invalid input) |
| 401 | Unauthorized (missing or invalid API key) |
| 404 | Not Found (merchant not configured) |
| 502 | Bad Gateway (upstream settlement failure) |

When rate limited, the API returns 429 Too Many Requests. Back off and retry after the reset time.
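A server-side client for the error and rate-limit behaviour described above, as an added example that is not part of the Prism SDKs or documentation. The `send` transport hook, the function names, and the use of a standard `Retry-After` header for the reset time are assumptions; the page does not name the header that carries the reset time.

```python
import json
import time

BASE_URL = "https://prism-gw.fd.xyz"  # production base URL from the page

class PrismError(Exception):
    """An RFC 7807 problem returned by the gateway."""
    def __init__(self, status, title, detail):
        super().__init__(f"{status} {title}: {detail}")
        self.status, self.title, self.detail = status, title, detail

def parse_problem(status, body):
    """Build a PrismError; tolerate non-JSON bodies (e.g. from a proxy)."""
    try:
        doc = json.loads(body)
    except (TypeError, ValueError):
        doc = None
    if not isinstance(doc, dict):
        doc = {}
    # The HTTP status line is authoritative, not the body's "status" member.
    return PrismError(status, str(doc.get("title", "")), str(doc.get("detail", "")))

def retry_delay(headers, attempt, cap=30):
    """Assumption: the reset time arrives as Retry-After in whole seconds.
    Otherwise (absent, or an HTTP-date) fall back to capped exponential backoff."""
    value = {k.lower(): v for k, v in headers.items()}.get("retry-after", "")
    try:
        return min(max(int(value), 0), cap)
    except (TypeError, ValueError):
        return min(2 ** attempt, cap)

def call_gateway(send, method, path, api_key, payload=None,
                 max_attempts=4, sleep=time.sleep):
    """send(method, url, headers, body) -> (status, headers, body) is a
    hypothetical transport hook, so the retry logic can run offline.
    Load api_key from the environment or a secret store, and never log it."""
    headers = {"X-API-Key": api_key, "Content-Type": "application/json"}
    body = None if payload is None else json.dumps(payload).encode()
    for attempt in range(max_attempts):
        status, resp_headers, resp_body = send(method, BASE_URL + path, headers, body)
        if 200 <= status < 300:
            return json.loads(resp_body) if resp_body else None
        # Only 429 is retried. 400/401/404 need a fix by the caller, and 502
        # is surfaced because the page does not say settle is safe to repeat.
        if status != 429 or attempt == max_attempts - 1:
            raise parse_problem(status, resp_body)
        sleep(retry_delay(resp_headers, attempt))
```

Wire `send` to your HTTP library of choice; the caller decides what to do with a 502 from /api/v2/payment/settle instead of the client repeating the request on its own.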
SDKs
For most integrations, use a server-side SDK instead of calling the API directly. The SDKs handle authentication, x402 protocol flow, payment verification, and type safety:
TypeScript: Express, NestJS, Next.js, Fastify, and more
Python: FastAPI, Flask, Django
Java: Servlet-based applications