Skip to main content
Once your Specter instance is provisioned (see Plans & Access), you reach the API at your dedicated instance URL, where {instance} is your unique instance slug and eu1 is the current environment: 
https://{instance}.eu1.on-hellgate.cloud

Authentication

Every API request must carry an OAuth2 access token — a signed JSON Web Token (JWT) — in the Authorization header: 
Authorization: Bearer <access_token>
You request the token with the client-credentials grant — see Authentication for the token endpoint, audiences, and scopes. Your instance’s audience is its instance name (for example, my-lovely-specter-42).

Scopes

Each endpoint requires a specific scope. Request only the scopes a given integration needs through the scope parameter when you request a token.
ScopeGrants
decisions:createPOST /api/decisions
decisions:readGET /api/decisions/{id}
decisions:writePOST /api/decisions/{id}/resolve
events:createPOST /api/events
events:readGET /api/events/{id}
interceptors:executePOST /api/interceptors/{ref}
admin:rulesets:readGET /api/admin/rulesets
GET /api/admin/rulesets/{id}
admin:rulesets:createPOST /api/admin/rulesets
admin:rulesets:writePATCH /api/admin/rulesets/{id}
POST /api/admin/rulesets/{id}/activate
POST /api/admin/rulesets/{id}/rollback
admin:interceptors:readGET /api/admin/interceptors
GET /api/admin/interceptors/{id}
admin:interceptors:writePOST /api/admin/interceptors
PATCH /api/admin/interceptors/{id}
POST /api/admin/interceptors/{id}/activate
POST /api/admin/interceptors/{id}/rollback
DELETE /api/admin/interceptors/{id}
admin:blacklist:readGET /api/admin/blacklist
GET /api/admin/blacklist/{id}
admin:blacklist:writePOST /api/admin/blacklist
DELETE /api/admin/blacklist/{id}
Runtime scopes (decisions:*, events:*, interceptors:execute) belong to your payment integration. The admin:* scopes are for configuration and operations, and should be issued to operator or back-office clients only.

Next steps

API

Send your first decision request.