Skip to main content

Base URL

https://api.totalis.trade

Authentication

Programmatic clients send their API key in the X-API-Key header. Generate keys from the Totalis Dashboard, then include the key on every request: 
X-API-Key: <your-api-key>
The web dashboard authenticates via Privy and sends Authorization: Bearer <jwt> instead. Either auth scheme is accepted on every authenticated endpoint unless explicitly noted (for example, POST /user/api-keys requires Privy JWT — you cannot mint new keys with an existing key). The same X-API-Key works for the WebSocket auth message; see the Authentication guide for details.

Response envelope

Successful responses are wrapped: 
{ "data": { /* resource */ } }
List endpoints add cursor-based pagination metadata: 
{
  "data": { "rfqs": [/* ... */] },
  "meta": { "cursor": "opaque-string-or-null", "has_more": false }
}
Pass the previous response’s meta.cursor as the ?cursor= query parameter to fetch the next page. Cursors are opaque — do not parse or construct them client-side.

Endpoint Groups

Quote Service

Create live quote requests, stream real-time pricing from market makers, and commit the best quote.

Market Maker

Stream live quote requests, submit draft quotes, manage heartbeats, and confirm trades.

Markets

Browse cached prediction markets across Kalshi and Polymarket.

User

Manage your profile, API keys, and Solana wallet.

Error Format

All errors follow a consistent envelope: 
{
  "error": {
    "code": "ERROR_CODE",
    "message": "Human-readable error message",
    "details": {}
  }
}
The error.code values are drawn from a fixed set: VALIDATION_ERROR, UNAUTHORIZED, FORBIDDEN, NOT_FOUND, CONFLICT, RATE_LIMITED, PAYLOAD_TOO_LARGE, INTERNAL_ERROR, and SERVICE_UNAVAILABLE. On rate-limited responses (429), error.retry_after is set to the number of seconds to wait before retrying.