Authentication
How ZenithPay authenticates REST, MCP, and onboarding flows
ZenithPay supports three integration surfaces:
- REST API (Bearer token)
- MCP server (Bearer + agent header)
- Agent skill bootstrap (
/skill.md)
Base URL
https://api.usezenithpay.xyzREST API (Bearer auth)
All protected REST endpoints require:
Authorization: Bearer $ZENITHPAY_API_KEYNotes:
GET /healthand seller challenge route are public.- API key is scoped to the owner account.
- Owner can have multiple linked agent wallets.
Auth matrix
| Endpoint family | Auth mode |
|---|---|
GET /health | None |
GET /skill.md, GET /references/api_docs.md | None |
| `GET | POST /sell/agent-intel` |
POST /pay | Bearer API key |
POST /wallet/genesis | Bearer API key |
GET /wallet/*, GET /limits, POST /limits, GET /ledger, GET /approvals, POST /approvals/* | Bearer API key |
Example: POST /pay
curl -X POST https://api.usezenithpay.xyz/pay \
-H "Authorization: Bearer $ZENITHPAY_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"agentAddress": "0xcadf...1a9",
"serviceUrl": "https://exa.ai/search",
"maxAmount": "0.25",
"intent": "Research DeFi trends on X Layer"
}'MCP server auth
MCP requests are authenticated with:
Authorization: Bearer <api-key>X-Agent-Address: <agent-address>
MCP URL:
https://api.usezenithpay.xyz/mcpExample config:
{
"mcpServers": {
"zenithpay": {
"url": "https://api.usezenithpay.xyz/mcp",
"env": {
"AGENT_ADDRESS": "0xcadf...1a9",
"ZENITHPAY_API_KEY": "your_api_key_here"
}
}
}
}Agent skill bootstrap
Skill URL:
https://api.usezenithpay.xyz/skill.mdThe skill performs one-session onboarding and prepares persistent MCP usage.
Human approvals (REST-only)
Approval actions are intentionally restricted to human-operated REST calls:
GET /approvalsPOST /approvals/:id/approvePOST /approvals/:id/deny
Agents cannot self-approve pending payments.