Integration Checklist
Business API — production readiness
- Issue a key with the right permissions
- Generate a fresh nonce for every request
- Generate the timestamp immediately before sending
- Keep the exact JSON body stable between signing and sending
- Send
Idempotency-Keyon every mutation - Store webhook signing secrets safely
x402 API — production readiness
- Build a clean
402retry path aroundPAYMENT-REQUIREDandPAYMENT-SIGNATURE - Keep request query/body and any idempotency token stable between challenge and replay
- Treat the live x402 challenge as the source of truth for pricing and payment requirements
- Use
SIGN-IN-WITH-Xonly for wallet-bound GET reads - Keep
X-Onchain-Execution-Access-Tokenfor onchain execution status reads - Parse and log
PAYMENT-RESPONSE
Bottom line
MindSwap exposes one external architecture through two very different edges:https://mindswap.fun/api/v3 is a classic signed partner API and https://mindswap.fun/api/x402 is the paid x402 edge with SIWX wallet-bound reads. Same quote vocabulary, same normalized order model, same core routing — different trust and billing models at the edge.