SDK Reference
All symbols are importable from the bare package name. Your bundler or runtime resolves the correct entry automatically via conditional exports.
import { configureApi, getSDKInfo, SDK_NAME, SDK_VERSION, api } from '@coin-communities/sdk';For React apps, @coin-communities/sdk/react-query re-exports everything below plus pre-baked hooks. See the React Query page.
Functions
configureApi()
Configures the shared HTTP client used by all api.* functions. Call this once at
application startup — typically before any API call is made.
Signature
function configureApi(options: ConfigureApiOptions): voidParameters
options(ConfigureApiOptions, required) — seeConfigureApiOptions.
Example
import { configureApi } from '@coin-communities/sdk';
configureApi({
baseUrl: 'https://api.coin-communities.xyz',
headers: { 'x-api-key': 'YOUR_API_KEY' },
});baseUrl is the API origin. The generated client paths already include
/api/v1/..., so don't append it.
getSDKInfo()
Returns metadata describing the SDK and the runtime it was bundled for.
Signature
function getSDKInfo(): SDKInfoPlatform-divergent behaviour — the platform field reflects the conditional export resolved at bundle time.
| Runtime | platform value |
|---|---|
| Browser (React) | 'react' |
| React Native | 'react-native' |
| Node.js / default | 'node' |
Returns SDKInfo
Example
import { getSDKInfo } from '@coin-communities/sdk';
const info = getSDKInfo();
// { name: '@coin-communities/sdk', version: '0.0.8', platform: 'react' }Authentication
The API uses two authentication schemes. Configure the right one via configureApi.
API key (x-api-key)
Most read and write operations on communities, users, and the feed accept an API key
sent as the x-api-key request header. Create a key in the business dashboard or via
api.createApiKey().
configureApi({
baseUrl: 'https://api.coin-communities.xyz',
headers: { 'x-api-key': process.env.CC_API_KEY },
});Bearer JWT (Authorization: Bearer)
Business management operations (API keys, members, callbacks, audit logs) require a JWT
obtained by calling api.login() with business email + password credentials.
configureApi({
baseUrl: 'https://api.coin-communities.xyz',
auth: () => sessionStorage.getItem('token') ?? '',
});Set auth to a function returning the JWT string. It is called per-request and may be
async. If you need both schemes simultaneously, put the API key in headers and the
JWT in auth.
Unauthenticated endpoints
Only the platform health probes require no authentication:
| Endpoint | Description |
|---|---|
GET /health | Liveness check |
GET /ping | Latency probe |
The */public operations (getTopCommunities, getMessagesPublic, getFeedPublic)
read data anonymously — they don't need a user JWT — but they still require an
x-api-key. Pass it via configureApi({ headers: { 'x-api-key': ... } }).
Types
ConfigureApiOptions
Options accepted by configureApi().
type ConfigureApiOptions = Pick<Config, 'baseUrl' | 'fetch' | 'headers' | 'auth'>;Fields
baseUrl(string) — API origin. Defaults to'https://api.coin-communities.xyz'. Don't include/api/v1— operation paths already carry it.fetch(typeof globalThis.fetch) — customfetchimplementation. Useful in environments where you need a polyfill or want to intercept requests.headers(HeadersInit) — default headers merged into every request. Use this to passx-api-key.auth(string | ((auth: Auth) => string | undefined | Promise<string | undefined>)) — bearer token or a function (sync or async) that returns one. Attached to each request that declaresjwt_authsecurity.
SDKInfo
The object shape returned by getSDKInfo().
interface SDKInfo {
name: string;
version: string;
platform: Platform;
}Platform
type Platform = 'react' | 'react-native' | 'node';| Value | Resolved when |
|---|---|
'react' | Bundled for browser environments (the browser conditional export) |
'react-native' | Bundled for React Native (the react-native conditional export) |
'node' | Running in Node.js or when no other condition matches (default) |
Constants
SDK_NAME
const SDK_NAME: stringThe package name string. Value: '@coin-communities/sdk'.
SDK_VERSION
const SDK_VERSION: stringThe current SDK version string.
HTTP API (api.*)
All generated API operations are exported as a namespace called api. Configure the
client once with configureApi(), then call operations directly.
Call pattern
By default operations return { data, error, response }. Pass { throwOnError: true }
to throw on HTTP errors instead.
import { configureApi, api } from '@coin-communities/sdk';
configureApi({
baseUrl: 'https://api.coin-communities.xyz',
headers: { 'x-api-key': 'YOUR_KEY' },
});
const { data, error } = await api.getCommunity({
path: { token_address: '7eYw...' },
});
if (error) {
console.error('failed', error.message);
} else {
console.log(data.community.tokenAddress);
}Operations that take a request body, path params, or query params accept them under the matching keys:
// Path params
await api.getCommunity({ path: { token_address: '7eYw...' } });
// Query params
await api.getMessages({ path: { token_address: '7eYw...' }, query: { limit: 50 } });
// Body
await api.postMessage({
path: { token_address: '7eYw...' },
body: { content: 'gm', chainId: 'solana', walletAddress: 'YourWalletPubkey' },
});Type names
The generated types follow each operation's name. For an operation xxx() you get:
XxxData— request shape (body / path / query / url)XxxResponses— map of status code → response bodyXxxResponse— union of success response bodiesXxxErrors— map of status code → error bodyXxxError— union of error bodies (where applicable)
Refer to types.gen.ts and openapi.json in the SDK package for the full schema.
Operations by domain
Diagnostics
| Operation | HTTP | Auth | Description |
|---|---|---|---|
health | GET /health | none | Liveness check. Returns { status: 'ok' }. |
ping | GET /ping | none | Latency probe. |
Business — Auth
Manages business accounts (the team-level entity that owns API keys, callbacks, and members). Business endpoints use email + password credentials; calls return a JWT used as the bearer token.
| Operation | HTTP | Auth | Description |
|---|---|---|---|
me | GET /api/v1/business/me | jwt | Returns the authenticated business profile. |
login | POST /api/v1/business/login | none | Email + password login. Returns a JWT. |
logout | POST /api/v1/business/logout | jwt | Invalidates the current session. |
register | POST /api/v1/business/register | none | Create a new business account. |
verifyEmail | POST /api/v1/business/verify-email | none | Confirm email via verification code. |
resendVerification | POST /api/v1/business/resend-verification | none | Re-send verification email. |
forgotPassword | POST /api/v1/business/forgot-password | none | Trigger password-reset email. |
resetPassword | POST /api/v1/business/reset-password | none | Complete password reset with code. |
Business — API Keys
| Operation | HTTP | Auth | Description |
|---|---|---|---|
getApiKeys | GET /api/v1/business/api-keys | jwt | List API keys for the business. |
createApiKey | POST /api/v1/business/api-keys | jwt | Create a new API key (key shown once). |
rotateApiKey | POST /api/v1/business/api-keys/{id}/rotate | jwt | Rotate an API key's secret. |
revokeApiKey | DELETE /api/v1/business/api-keys/{id} | jwt | Revoke an API key permanently. |
listApiKeyOrigins | GET /api/v1/business/api-keys/{id}/origins | jwt | List allowed browser origins for an API key. |
addApiKeyOrigin | POST /api/v1/business/api-keys/{id}/origins | jwt | Add an allowed origin. Returns 409 if already present. |
removeApiKeyOrigin | DELETE /api/v1/business/api-keys/{id}/origins/{origin_id} | jwt | Remove an allowed origin. |
Business — Callbacks
Webhook URLs the platform POSTs to on community events.
| Operation | HTTP | Auth | Description |
|---|---|---|---|
listCallbacks | GET /api/v1/business/callbacks | jwt | List registered callback URLs. |
addCallback | POST /api/v1/business/callbacks | jwt | Register a callback URL. |
removeCallback | DELETE /api/v1/business/callbacks/{id} | jwt | Remove a callback URL. |
Business — Members
| Operation | HTTP | Auth | Description |
|---|---|---|---|
getMembers | GET /api/v1/business/members | jwt | List team members. |
addMember | POST /api/v1/business/members | jwt | Invite a new team member by email. |
deleteMember | DELETE /api/v1/business/members/{id} | jwt | Remove a team member. |
Business — Logs
| Operation | HTTP | Auth | Description |
|---|---|---|---|
getLogs | GET /api/v1/business/logs | jwt | Read API call audit logs. Accepts GetLogsParams query filters. |
Communities
A community is keyed by its on-chain token_address. Most community operations accept
either jwt_auth or api_key_auth.
| Operation | HTTP | Auth | Description |
|---|---|---|---|
getTopCommunities | GET /api/v1/communities/top | none | List top communities by activity. |
getCommunity | GET /api/v1/communities/{token_address} | api key | Fetch community metadata. |
getMessages | GET /api/v1/communities/{token_address}/messages | api key | List messages. Accepts GetMessagesQuery. |
getMessagesPublic | GET /api/v1/communities/{token_address}/messages/public | none | Read messages without authentication. |
postMessage | POST /api/v1/communities/{token_address}/messages | api key | Post a new message. Requires body PostMessageRequest. |
likeMessage | POST /api/v1/communities/{token_address}/messages/{message_id}/like | api key | Like a message. |
unlikeMessage | DELETE /api/v1/communities/{token_address}/messages/{message_id}/like | api key | Remove a like. |
getLikeCount | GET /api/v1/communities/{token_address}/messages/{message_id}/likes | api key | Read the like count for a message. |
getReplies | GET /api/v1/communities/{token_address}/messages/{message_id}/replies | api key | List replies. Accepts GetRepliesQuery. |
postReply | POST /api/v1/communities/{token_address}/messages/{message_id}/replies | api key | Post a reply. Body shape identical to postMessage. |
reportMessage | POST /api/v1/communities/{token_address}/messages/{message_id}/report | api key | Report a message. Accepts ReportMessageRequest. |
getCommunityMembers | GET /api/v1/communities/{token_address}/members | api key | List members. Accepts limit and offset query params. |
getWsTicket | POST /api/v1/communities/{token_address}/ws/ticket | api key | Obtain a short-lived WebSocket ticket for realtime subscriptions. |
Community media
| Operation | HTTP | Auth | Description |
|---|---|---|---|
uploadCommunityMedia | POST /api/v1/communities/media | api key | Upload an image for use in a message. Returns a media URL. |
getMediaProviders | GET /api/v1/communities/media-providers | api key | List supported upload providers. |
getSupportedChains | GET /api/v1/communities/chains | api key | List blockchain networks the platform supports. |
Feed
| Operation | HTTP | Auth | Description |
|---|---|---|---|
getFeed | GET /api/v1/feed | api key | Cross-community activity feed (authenticated). |
getFeedPublic | GET /api/v1/feed/public | none | Cross-community activity feed without authentication. |
Users
End-user (not business) profile management. Users authenticate via Twitter OAuth — see Twitter.
| Operation | HTTP | Auth | Description |
|---|---|---|---|
userMe | GET /api/v1/users/me | api key | Returns the authenticated user profile. |
updateUsername | PATCH /api/v1/users/me/username | api key | Change the user's display name. |
uploadPfp | POST /api/v1/users/me/pfp | api key | Upload a profile picture (base64 encoded). |
refreshToken | POST /api/v1/users/token/refresh | api key | Exchange a refresh token for a new access token. |
Wallets
Link EVM and Solana wallets to a user account via a signed challenge.
| Operation | HTTP | Auth | Description |
|---|---|---|---|
getWallets | GET /api/v1/users/me/wallets | api key | List linked wallets. |
walletChallenge | POST /api/v1/users/me/wallets/challenge | api key | Request a sign-in challenge for the wallet. |
linkWallet | POST /api/v1/users/me/wallets | api key | Link a wallet using the signed challenge nonce. |
unlinkWallet | DELETE /api/v1/users/me/wallets/{id} | api key | Unlink a wallet. |
User authentication flows. These endpoints require api_key_auth.
| Operation | HTTP | Auth | Description |
|---|---|---|---|
twitterAuthUrl | GET /api/v1/users/twitter/auth-url | api key | Get the Twitter OAuth authorization URL. |
twitterCallback | POST /api/v1/users/twitter/callback | api key | Complete the OAuth flow (legacy token-in-redirect path). |
twitterChallengeExchange | POST /api/v1/users/twitter/challenge/exchange | api key | Exchange a one-time challengeCode for access + refresh tokens. Preferred over twitterCallback. |
User social graph
| Operation | HTTP | Auth | Description |
|---|---|---|---|
getUserProfile | GET /api/v1/users/{user_id}/profile | api key | Fetch a user's public profile. |
getFollowers | GET /api/v1/users/{user_id}/followers | api key | List a user's followers. Accepts limit and offset. |
getFollowing | GET /api/v1/users/{user_id}/following | api key | List users that a user follows. |
followUser | POST /api/v1/users/{user_id}/follow | api key | Follow a user. |
unfollowUser | DELETE /api/v1/users/{user_id}/follow | api key | Unfollow a user. |
Realtime
The SDK ships a WebSocket client for live community updates.
import { CommunityRealtimeClient } from '@coin-communities/sdk/react-query';
// or
import { CommunityRealtimeClient } from '@coin-communities/sdk/react';CommunityRealtimeClient
A shared WebSocket client per (baseUrl, tokenAddress) pair. Call getOrCreate to
get or lazily spin up a connection; CommunityRealtimeClient handles reconnection with
exponential back-off automatically.
const client = CommunityRealtimeClient.getOrCreate({
baseUrl: 'https://api.coin-communities.xyz',
tokenAddress: '7eYw...',
auth: async () => {
const { data } = await api.getWsTicket({ path: { token_address: '7eYw...' } });
return data?.ticket ?? null;
},
});
const dispose = client.subscribe({
onMessage: (event) => console.log('new message', event),
onLike: (event) => console.log('like update', event),
onConnect: () => console.log('connected'),
onDisconnect: () => console.log('disconnected'),
});
// Later:
dispose(); // unsubscribe this handler (connection shared with other subscribers)useCommunityEvents (React hook)
import { useCommunityEvents } from '@coin-communities/sdk/react-query';
useCommunityEvents(tokenAddress, {
auth: async () => { /* return ws ticket */ },
onMessage: (event) => { /* ... */ },
onLike: (event) => { /* ... */ },
});The hook wires up and tears down the subscription with the component lifecycle. Handler callbacks are wrapped in refs so you can pass inline functions without churning the connection.
Entity types
Community
type Community = {
id: string;
tokenAddress: string;
createdAt: string;
};id— unique community identifier.tokenAddress— on-chain token mint address that keys this community.createdAt— ISO-8601 creation timestamp.
TopCommunity
Returned by getTopCommunities.
type TopCommunity = {
tokenAddress: string;
tokenSymbol?: string | null;
tokenImageUrl?: string | null;
memberCount: number;
postCount: number;
totalLikes: number;
latestPostAt: number; // Unix ms
};Message
A community message posted by a user.
type Message = {
id: string;
communityId: string;
businessId: string;
userId: string;
tokenAddress: string;
content: string;
mediaUrl?: string | null;
walletAddress: string;
username: string;
userTwitterUrl: string;
profileImageUrl?: string | null;
followerCount: number;
likeCount: number;
liked: boolean;
replyCount: number;
parentMessageId?: string | null;
isSpam: boolean;
isHarmful: boolean;
createdAt: string;
};walletAddress— the wallet the message was posted from.liked— whether the currently authenticated user has liked this message.parentMessageId— non-null when this message is a reply.isSpam/isHarmful— server-side content classification flags.
FeedItem
A cross-community feed entry returned by getFeed / getFeedPublic.
type FeedItem = {
id: string;
communityId: string;
tokenAddress: string;
tokenSymbol?: string | null;
tokenImageUrl?: string | null;
content: string;
mediaUrl?: string | null;
username: string;
profileImageUrl?: string | null;
userTwitterUrl: string;
followerCount: number;
likeCount: number;
liked: boolean;
replyCount: number;
createdAt: string;
};User
An end-user (community participant), authenticated via Twitter OAuth.
type User = {
id: string;
twitterId: string;
username: string;
profileImageUrl?: string | null;
followerCount: number;
followerCountSyncedAt?: string | null;
nativeFollowerCount: number;
nativeFollowingCount: number;
createdAt: string;
};followerCount— Twitter follower count (synced periodically).nativeFollowerCount/nativeFollowingCount— in-platform social graph counts.
UserProfile
Public profile. Returned by getUserProfile and inside FollowListResponse.
type UserProfile = {
id: string;
username: string;
profileImageUrl?: string | null;
followerCount: number;
nativeFollowerCount: number;
nativeFollowingCount: number;
createdAt: string;
};CommunityMember
A community participant. Returned by getCommunityMembers.
type CommunityMember = {
userId: string;
username: string;
profileImageUrl?: string | null;
twitterUrl: string;
followerCount: number;
messageCount: number;
};WalletLink
A wallet address linked to a user account.
type WalletLink = {
id: string;
userId: string;
businessId: string;
address: string;
chainType: ChainType;
createdAt: string;
};ApiKey
type ApiKey = {
id: string;
businessId: string;
createdBy: string;
name: string;
keyPrefix: string;
keyHash: string;
lastUsedAt?: string | null;
revokedAt?: string | null;
createdAt: string;
};The full key string is only returned once — in the key field of CreateApiKeyResponse
or RotateApiKeyResponse. Store it immediately; it cannot be retrieved again.
ApiKeyOrigin
An allowed-origin entry for an API key.
type ApiKeyOrigin = {
id: string;
apiKeyId: string;
origin: string;
createdAt: string;
};WhitelistedCallback
A registered callback (webhook) URL belonging to a business.
type WhitelistedCallback = {
id: string;
businessId: string;
url: string;
createdAt: string;
};MediaProvider
A platform-approved media host. URLs from approved providers are accepted by postMessage.
type MediaProvider = {
id: string;
name: string;
logoUrl: string;
searchUrl: string;
domains: string[];
};ApiLogEvent
A single API call log entry returned by getLogs.
type ApiLogEvent = {
apiKeyId: string;
businessId: string;
method: string;
path: string;
statusCode: number;
latencyMs: number;
createdAt: string;
};Enums
ChainId
type ChainId = 'solana' | 'ethereum' | 'base' | 'bsc';Identifies the blockchain for a message. Required field in PostMessageRequest.
ChainType
type ChainType = 'evm' | 'svm';Wallet signing scheme. 'svm' = Solana; 'evm' = Ethereum / EVM-compatible chains.
Used in LinkWalletRequest and WalletChallengeRequest.
MessageSortField
type MessageSortField = 'time' | 'likes';Controls the sort field for getMessages. Default 'time'.
MessageSortOrder
type MessageSortOrder = 'desc' | 'asc';Sort direction for getMessages. Default 'desc'.
ReportReason
type ReportReason =
| 'spam'
| 'harassment'
| 'hate_speech'
| 'inappropriate_content'
| 'other';Required field in ReportMessageRequest. When 'other', include a text field.
Request and query types
PostMessageRequest
type PostMessageRequest = {
content: string; // required
chainId: ChainId; // required
walletAddress: string; // required — must be a linked wallet
mediaUrl?: string | null; // must be a URL from uploadCommunityMedia
};Errors — 400 invalid body; 403 wallet not linked or insufficient token balance.
GetMessagesQuery
Query parameters accepted by getMessages.
type GetMessagesQuery = {
before?: string | null; // cursor (message id) for time-sorted pagination
offset?: number | null; // offset for likes-sorted pagination
limit?: number | null; // default 50, max 100
sort?: MessageSortField | null; // default 'time'
order?: MessageSortOrder | null; // default 'desc'
filterIsSpam?: boolean | null; // exclude spam-classified messages
filterIsHarm?: boolean | null; // exclude harm-classified messages
};GetRepliesQuery
Query parameters accepted by getReplies.
type GetRepliesQuery = {
before?: string | null; // cursor (reply id) for pagination
limit?: number | null;
order?: MessageSortOrder | null; // default 'desc'
};ReportMessageRequest
type ReportMessageRequest = {
reason: ReportReason; // required
text?: string | null; // required when reason is 'other'
};GetLogsParams
Query parameters accepted by getLogs.
type GetLogsParams = {
apiKeyId?: string | null; // filter to a specific API key
method?: string | null; // HTTP method e.g. 'GET'
path?: string | null; // request path prefix
statusClass?: number | null; // 2 = 2xx, 4 = 4xx, 5 = 5xx
startTime?: string | null; // ISO-8601 lower bound
endTime?: string | null; // ISO-8601 upper bound
limit?: number;
offset?: number; // default 0
};LinkWalletRequest
type LinkWalletRequest = {
address: string; // required — wallet public address
chainType: ChainType; // required
signature: string; // required — signature over the nonce from walletChallenge
};Errors — 400 no pending challenge; 401 invalid signature; 409 wallet already linked.
WalletChallengeRequest
type WalletChallengeRequest = {
address: string; // required
chainType: ChainType; // required
};Returns { message: string; nonce: string }. The wallet must sign the message; pass
the resulting signature + address + chainType to linkWallet.
TwitterAuthUrlQuery
type TwitterAuthUrlQuery = {
redirectUrl: string; // required — must be whitelisted in your business dashboard
};The server appends either accessToken+refreshToken (legacy) or a one-time
challengeCode to the redirect URL. Exchange the code via twitterChallengeExchange.
Errors — 400 redirectUrl not whitelisted.
TwitterChallengeExchangeRequest
type TwitterChallengeExchangeRequest = {
challengeCode: string; // single-use, short-lived
};Returns { accessToken, refreshToken, user }. Errors — 404 code expired.
UploadMediaRequest / UploadPfpRequest
type UploadMediaRequest = {
contentType: string; // e.g. 'image/jpeg'
data: string; // base64-encoded file content
};Both types share the same shape. uploadCommunityMedia returns { mediaUrl };
uploadPfp returns { imageUrl }.
AddOriginRequest
type AddOriginRequest = {
origin: string; // e.g. 'https://app.example.com' — no path, no trailing slash
};Errors — 404 API key not found; 409 origin already allowed.