xAdmin API Reference
Complete API endpoint documentation for xAdmin authentication and billing service.
POST /v1/verify
Verify token validity, check expiration and balance, and automatically deduct quota.
Request
Headers
| Header | Type | Required | Description |
|---|---|---|---|
Authorization | String | ✅ | Bearer token in format Bearer <Token> |
Content-Type | String | ✅ | Must be application/json |
Body Parameters
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
count | Integer | ❌ | 1 | Consumption multiplier |
Query Parameters
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
dry_run | Boolean | ❌ | false | If true, only validate without deducting quota |
Request Example
bash
curl -X POST "https://api.xadmin.com/v1/verify" \
-H "Authorization: Bearer your-token-here" \
-H "Content-Type: application/json" \
-d '{"count": 1}'Response
Success Response (200 OK)
json
{
"status": "ok",
"remaining": "check-admin",
"balance": 997768,
"expires_at": 1735516800000
}| Field | Type | Description |
|---|---|---|
status | String | ok indicates verification passed |
balance | Integer | Remaining available balance (points) |
expires_at | Integer | null | Expiration timestamp in milliseconds, null means never expires |
Error Responses
| HTTP Status | Error Code | Description |
|---|---|---|
| 401 | Missing Token | Authorization header not provided |
| 403 | Invalid Token | Token format is incorrect or token does not exist |
| 403 | Token Expired | Token has passed its expiration date |
| 403 | Quota Exceeded or Banned | Balance depleted or account is banned |
Error Response Example
json
{
"error": "Invalid Token",
"message": "The provided token does not exist or has been revoked"
}Response Codes Summary
| Status Code | Meaning | Action Required |
|---|---|---|
200 | Verification successful | Proceed with business logic |
401 | Authentication missing | Prompt user to provide token |
403 | Access denied | Block request, show error to user |
500 | Server error | Retry or fail gracefully |
Rate Limiting
xAdmin does not impose hard rate limits for authenticated requests. However, best practices recommend:
- Implement client-side request throttling
- Cache verification results for identical requests (with caution)
- Monitor your usage through the xAdmin dashboard
Idempotency
The /v1/verify endpoint is not idempotent by default—each call deducts quota. Use dry_run=true for validation-only checks that don't affect balance.