Quick Start

Want to get up and running quickly? Check out our quickstart guide which will walk you through the core concepts and help you set up your app. https://docs.assetlayer.com/getting-started/quick-start

Authentication

To access resources via the Asset Layer API, you will need an App Secret. You can find your App Secret in the Asset Layer app once you create your app. Do not expose your App Secret on the client-side.

In order to access resources owned by individual users, they will need to authenticate with your app using their HandCash account. When you create your app, you will need to provide a HandCash App ID. This HandCash App must have Asset Layer turned on as an app extension. Once the Asset Layer app extension is turned on, then Asset Layer will automatically receive an authentication token directly from HandCash when a user logs into your app. When you make a request to the API to access resources owned by this users, we will use the auth token that we received from HandCash to verify that the user is still authenticated and then use that token to perform the request if necessary.

Making Requests

In order to access the Asset Layer API, you will need to use an App Secret which can be accessed from the creator dashboard.
As per RESTful design patterns, the Asset Layer API implements standard HTTP actions: GET, POST, PUT, DELETE. When making requests, arguments can be passed as params, form data or JSON with correct content-type header.
Requests must be made over HTTPS. Any non-secure requests are not redirected (HTTP 302) to the HTTPS equivalent URI.

Errors

Our API returns standard HTTP success or error status codes. For errors, we will also include extra information about what went wrong encoded in the response as JSON.
Additionally, different API endpoints have specific errors and error codes related to that endpoint. These endpoint-specific errors are covered in more detail as part of our full API reference.
Common HTTP Responses