|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Loading prices...
Polyblock
API Reference

API Overview

Polyblock provides a comprehensive API for accessing market data, managing orders, and receiving real-time updates via WebSocket. All endpoints return JSON responses.

WebSocket Service Required: Most API endpoints require the WebSocket service to be running. See the Configuration section for setup instructions.

Base URLs

Polyblock uses multiple endpoints for different services:

Next.js API (Port 3000)

Frontend API routes for market data and user information.

http://localhost:3000/api

WebSocket Service HTTP (Port 8081)

Direct access to the WebSocket service HTTP endpoints.

http://localhost:8081

WebSocket Connection (Port 8081)

Real-time data streaming via WebSocket protocol.

ws://localhost:8081/ws

Response Format

All API responses follow a consistent JSON format:

// Success response
{
  "data": { ... },
  "success": true
}

// Error response
{
  "error": "Error message description",
  "success": false
}

Rate Limits

API endpoints have rate limits to ensure fair usage:

Public Endpoints

100 requests per minute per IP address. Market data and prices.

Authenticated Endpoints

300 requests per minute per API key. Trading and user data.

Check response headers for X-RateLimit-Remaining andX-RateLimit-Reset to monitor your usage.

Error Handling

The API uses standard HTTP status codes:

200 OK — Request succeeded. Response body contains the requested data.
400 Bad Request — Invalid request parameters. Check the error message for details.
401 Unauthorized — Missing or invalid authentication. Verify your API credentials.
429 Too Many Requests — Rate limit exceeded. Wait before retrying.
500 Internal Server Error — Server-side error. Retry with exponential backoff.

Local development vs production

The sample URLs on this page use localhost ports for the Next.js app and the WebSocket service. In production, replace hosts with your deployed domains, terminate TLS at your edge, and use wss:// for websocket URLs. Keep secrets out of client bundles—only NEXT_PUBLIC_* variables belong in browser code.

When you add new integrations, log request IDs or timestamps server-side so you can correlate user reports with API traces. Rate-limit your own workers to stay inside the authenticated tier and backoff when you receive HTTP 429 responses.

Suggested reading order

If you call private endpoints, read Authentication next, then Market Data for public polling patterns, then WebSocket Connection and Subscriptions for streaming. Finish with User Data if you build account-specific dashboards.