API Reference

CryptoLins provides a REST API that proxies crypto payments through our enterprise Cryptomus merchant account. Each registered user gets their own API key and secret. Requests are authenticated via custom HTTP headers.

Base URL

https://sonicfolio.sonicfolio.store/wp-json/cryptolins/v1

API is live. No approval required to start receiving payments.

Authentication

Every request requires two HTTP headers. Generate them in your dashboard. The secret is shown only once when generated — store it in an environment variable.

Header	Description
X-CryptoLins-Key	Your 32-character hex API key.
X-CryptoLins-Secret	Your 64-character hex API secret (raw, never hashed by you).
Content-Type	Must be `application/json`

Security Warning: Never expose your API Secret in frontend or client-side code. All API calls must be made server-side.

How Signing Works

Internally, CryptoLins signs each request to Cryptomus using md5(base64_encode(json_encode($payload)) . $paymentApiKey). This is done transparently — you never touch the master API key or the signing logic.

PHP — Platform handles this automatically

// Platform does this for you internally:
$data  = json_encode($payload);
$sign  = md5(base64_encode($data) . $cryptomus_payment_api_key);

// Headers sent to Cryptomus:
// merchant: YOUR_CRYPTOMUS_UUID
// sign:     $sign

POST

/payment

Creates a payment invoice via Cryptomus. Returns a url to redirect your customer to the Cryptomus-hosted payment page.

Request Body

Field	Type	Required	Notes
amount	string	Yes	Numeric string. e.g. "10.50"
currency	string	Yes	USD, EUR, USDT, BTC, ETH, LTC, TRX…
order_id	string	No	Alphanumeric + dash/underscore. Auto-generated if omitted.
url_callback	string	No	Your webhook URL for status updates.
url_return	string	No	User redirect after payment page (back button).
url_success	string	No	User redirect after successful payment.

cURL Example

Shell

curl -X POST https://sonicfolio.sonicfolio.store/wp-json/cryptolins/v1/payment \
  -H "X-CryptoLins-Key: YOUR_API_KEY" \
  -H "X-CryptoLins-Secret: YOUR_API_SECRET" \
  -H "Content-Type: application/json" \
  -d '{"amount":"49.99","currency":"USD","order_id":"ORDER-2024-001","url_callback":"https://yourserver.com/webhook","url_success":"https://yourstore.com/thank-you"}'

Response — 200 OK

JSON · 200 OKSuccess

{
  "success": true,
  "result": {
    "uuid":             "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "order_id":         "ORDER-2024-001",
    "amount":           "49.99",
    "payment_amount":   "50.39",
    "currency":         "USD",
    "payment_currency": "USDT",
    "url":              "https://pay.cryptomus.com/pay/xxxxxxxx-...",
    "expired_at":       1713456789,
    "status":           "check",
    "is_final":         false
  }
}

POST

/payment/info

Check the current status of a payment by uuid or order_id. Send one of the two fields.

Shell

curl -X POST https://sonicfolio.sonicfolio.store/wp-json/cryptolins/v1/payment/info \
  -H "X-CryptoLins-Key: YOUR_API_KEY" \
  -H "X-CryptoLins-Secret: YOUR_API_SECRET" \
  -H "Content-Type: application/json" \
  -d '{"order_id": "ORDER-2024-001"}'

# OR by UUID:
  -d '{"uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"}'

POST

/payment/list

Returns a paginated list of your invoices. Optional limit (max 100) and cursor for pagination.

Shell

curl -X POST https://sonicfolio.sonicfolio.store/wp-json/cryptolins/v1/payment/list \
  -H "X-CryptoLins-Key: YOUR_KEY" \
  -H "X-CryptoLins-Secret: YOUR_SECRET" \
  -H "Content-Type: application/json" \
  -d '{"limit": 20}'

Webhooks

When invoice status changes on Cryptomus, our server receives the event, verifies the signature, updates your invoice in the database, and forwards the payload to your url_callback with the original order_id restored.

Payment Status Values

check Awaiting payment

pending Partial received

confirm_check Confirming on-chain

paid Fully paid

paid_over Overpaid

wrong_amount Wrong amount

cancel Expired / cancelled

fail Payment failed

system_fail System failure

refund_paid Refunded

Example Webhook Payload

JSON — POST to your url_callback

{
  "order_id":         "ORDER-2024-001",
  "uuid":             "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
  "status":           "paid",
  "amount":           "49.99",
  "payment_amount":   "50.40",
  "currency":         "USD",
  "payment_currency": "USDT",
  "merchant_amount":  "49.19",
  "is_final":         true,
  "txid":             "abc123blockchain..."
}

Guide: Creating Invoices Manually

You don't need code to create a payment link. Use the Dashboard's built-in invoice generator — ideal for freelancers and one-off payments.

Register & Log In

Go to Login / Sign Up and create your free account.

Generate API Credentials

Dashboard → API Credentials tab → click "Regenerate". Save the secret — it won't be shown again.

Open Create Invoice Tab

Enter the amount, currency, an order ID (or leave blank), and optionally a webhook URL.

Click "Generate Payment Link"

A Cryptomus payment URL is created instantly. Share it via email, WhatsApp, or invoice software.

Customer Pays

The customer opens the URL, picks their preferred crypto, and completes payment.

Check Status

See status updates in your Transactions tab. Your webhook URL receives a POST notification on any status change.

Request Payout

When balance is ≥ $10, go to Payout tab and submit a withdrawal request. Processed within 24 hours.

Guide: Website Integration

Add crypto checkout to any website or app in minutes. Your backend calls our API, your customer sees the Cryptomus-hosted payment page.

PHP

$api_key    = getenv('CRYPTOLINS_API_KEY');
$api_secret = getenv('CRYPTOLINS_API_SECRET');
$base_url   = 'https://sonicfolio.sonicfolio.store/wp-json/cryptolins/v1';

function createCryptoPayment($amount, $currency, $order_id, $callback_url = '') {
    global $api_key, $api_secret, $base_url;
    $payload = json_encode([
        'amount'       => (string) $amount,
        'currency'     => strtoupper($currency),
        'order_id'     => $order_id,
        'url_callback' => $callback_url,
        'url_success'  => 'https://yourstore.com/thank-you',
    ]);
    $ch = curl_init($base_url . '/payment');
    curl_setopt_array($ch, [
        CURLOPT_POST           => true,
        CURLOPT_POSTFIELDS     => $payload,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_HTTPHEADER     => [
            'X-CryptoLins-Key: '    . $api_key,
            'X-CryptoLins-Secret: ' . $api_secret,
            'Content-Type: application/json',
        ],
    ]);
    $response = curl_exec($ch); curl_close($ch);
    return json_decode($response, true);
}

$result = createCryptoPayment('29.99', 'USD', 'ORDER-' . uniqid(), 'https://yourstore.com/webhook');
if ($result['success']) { header('Location: ' . $result['result']['url']); exit; }

Node.js

JavaScript (Node.js)

const BASE_URL = 'https://sonicfolio.sonicfolio.store/wp-json/cryptolins/v1';

async function createPayment(amount, currency, orderId, callbackUrl = '') {
  const res = await fetch(`${BASE_URL}/payment`, {
    method: 'POST',
    headers: {
      'X-CryptoLins-Key':    process.env.CRYPTOLINS_KEY,
      'X-CryptoLins-Secret': process.env.CRYPTOLINS_SECRET,
      'Content-Type':        'application/json',
    },
    body: JSON.stringify({
      amount:       String(amount),
      currency:     currency.toUpperCase(),
      order_id:     orderId,
      url_callback: callbackUrl,
      url_success:  'https://yourapp.com/payment-success',
    }),
  });
  return res.json();
}

// Usage in Express:
app.post('/checkout', async (req, res) => {
  const { amount, currency, orderId } = req.body;
  const data = await createPayment(amount, currency, orderId, 'https://yourapp.com/webhook');
  if (data.success) { res.json({ paymentUrl: data.result.url }); }
  else { res.status(400).json({ error: data.message }); }
});

Guide: Handling Webhooks

After creating an invoice with url_callback, your server receives a POST request whenever payment status changes. Respond with HTTP 200 to acknowledge.

PHP Webhook Handler

$raw  = file_get_contents('php://input');
$data = json_decode($raw, true);
if (!$data) { http_response_code(400); exit('bad request'); }

$order_id = $data['order_id'];
$status   = $data['status'];

switch ($status) {
    case 'paid':
    case 'paid_over':
        fulfillOrder($order_id); break;
    case 'cancel':
    case 'fail':
        cancelOrder($order_id); break;
    case 'wrong_amount':
        flagOrder($order_id, 'wrong_amount'); break;
}

http_response_code(200); echo 'ok';

Error Reference

HTTP	Code	Description
400	invalid_amount	amount is missing or not a positive number.
400	missing_param	uuid or order_id required for /payment/info.
400	missing_fields	email and password required for auth.
400	weak_password	Password must be at least 8 characters.
400	min_payout	Minimum payout is $10.00.
400	missing_address	Wallet address is required for payouts.
400	insufficient	Payout amount exceeds available balance.
401	missing_auth	X-CryptoLins-Key and/or X-CryptoLins-Secret headers missing.
401	invalid_key	API key not found or deactivated.
401	invalid_secret	API secret does not match key.
401	auth_failed	Email or password incorrect (login).
403	no_api_key	Generate an API key in dashboard before creating invoices.
409	duplicate_order	order_id already exists. Use a unique value.
409	email_exists	Email already registered.
502	gateway_error	Could not connect to Cryptomus API.
503	not_configured	CryptoLins gateway not configured by administrator.