Environments
Use the environment that matches your integration stage.
| Environment | Base URL | Recommended use |
|---|
| Staging | https://staging.qash.ai | Testing and pre-production validation |
| Production | https://app.qash.ai | Live client traffic |
The interactive reference lets you switch between staging and production before running a request.
Authentication
QASH currently documents two authentication models in this reference.
| API area | Authentication |
|---|
| Exchange rates / TRM | None |
| Cards | Authorization: Bearer <token> |
Request conventions
- Send
Content-Type: application/json for POST requests
- Use numeric values for amounts
- Read timestamps as ISO 8601 values
- Request a fresh quote immediately before executing a transaction
Try the API from the docs
Every endpoint page includes the interactive Mintlify playground.
- Open an endpoint under API reference.
- Choose the server you want to call.
- Review or edit the example request.
- Click
Run.
- Inspect the live response in the same page.
Current documented endpoints
| Method | Endpoint | Authentication | Description |
|---|
GET | /api/v1/exchanges/assets | None | Return the assets currently supported for conversion |
POST | /api/v1/exchanges/quote/public | None | Return a real-time exchange quote with TRM applied |
GET | /api/v1/cards/status | Bearer JWT | Return the current card status |
GET | /api/v1/cards/details | Bearer JWT | Return masked details for the primary card |
POST | /api/v1/cards/lock | Bearer JWT | Temporarily block the primary card |
POST | /api/v1/cards/unlock | Bearer JWT | Reactivate a previously locked card |
PATCH | /api/v1/cards/limit | Bearer JWT | Update the primary card spending limit |
GET | /api/v1/cards/balance | Bearer JWT | Return the current card balance by currency |
GET | /api/v1/cards/transactions | Bearer JWT | Return card transaction history |
Quote validity
Quotes expire 30 seconds after they are created. If you are about to execute a transaction, request a new quote immediately before processing it.
Idempotency
x-idempotency-key is required for the following Cards operations:
POST /api/v1/cards/lockPOST /api/v1/cards/unlockPATCH /api/v1/cards/limit
Use a unique UUID for each operation to prevent duplicate processing.