RIP.BET Docs

Authentication

RIP.BET uses two kinds of proof:

ProofWhat it proves
JWTThe caller is an authenticated user
Wallet or agent signatureThe user approved a trading action

Send JWTs with:

Authorization: Bearer <jwt>

When waitlist access is enabled, protected routes also check whether the user is allowed to trade or read gated data.

Access state

Use /v1/access/self to check the current identity and access level.

curl -s "{API_BASE_URL}/v1/access/self" \
  -H "Authorization: Bearer $JWT"

Users who are not allowed can submit an access request:

curl -s -X POST "{API_BASE_URL}/v1/access/request" \
  -H "Authorization: Bearer $JWT" \
  -H "Content-Type: application/json" \
  -d '{"email":"sam@example.com","note":"API integration"}'

Wallet identity

Routes that act on a wallet require the JWT to resolve to a wallet address. Email-only identities can use identity routes, but they cannot trade.

Wallet addresses are normalized to lowercase 0x format.

Direct signed orders

Some scalar trading routes accept a user-signed EIP-712 payload. The direct order envelope contract is SignedOrderRequest { order: ClientOrder, signature }:

{
  "order": {
    "asset": "NYCTMP1",
    "side": "buy",
    "size": "10.0000",
    "price": "575.00",
    "tif": "GTC",
    "nonce": 1710000000000,
    "timestamp": 1710000000000,
    "reduce_only": false
  },
  "signature": "0x..."
}

Use exact decimal strings. For scalar orders:

FieldExpected shape
assetScalar asset expected by the deployment
sidebuy or sell
priceEncoded mark as a decimal string
sizeSize string using the market precision
tifTime in force, such as GTC, IOC, or ALO
reduce_onlytrue for closes and risk-reducing orders
timestampMillisecond timestamp within the server freshness window
nonceMonotonically increasing value

Reused nonces are rejected.

Agent wallet flows

Agent flows split trading into prepare and submit steps:

  1. Client calls a prepare endpoint.
  2. API returns the canonical action, connection id, EIP-712 domain, and message.
  3. The approved agent wallet signs the returned message.
  4. Client calls the matching submit endpoint.

Scalar agent routes:

StepEndpoint
Prepare orderPOST /v1/orders/prepare
Submit orderPOST /v1/orders/submit
Prepare leveragePOST /v1/leverage/prepare
Submit leveragePOST /v1/leverage/submit
Approve agentPOST /v1/agent/approve

Outcome routes use the same pattern:

StepEndpoint
Prepare orderPOST /v1/outcomes/orders/prepare
Submit orderPOST /v1/outcomes/orders/submit
Prepare cancelPOST /v1/outcomes/cancel/prepare
Submit cancelPOST /v1/outcomes/cancel/submit

Outcome prepare routes also require allowlist access and an active approved agent wallet — see Outcome markets for the prerequisite.

Prepared outcome actions expire. If a submit fails because the prepared payload is stale, prepare a new action and sign the new message.

WebSocket auth

When waitlist access is enabled, WebSocket connections require the same JWT. Prefer Authorization: Bearer <jwt> on the upgrade request.

Use ?token=<jwt> only when the client platform cannot set headers. URL tokens must be short-lived, scoped to WebSocket use when possible, and redacted from access logs, metrics, traces, crash reports, and analytics.

On this page