Quick-lookup tables for the constants you'll reference most. For the
full operation-by-operation spec, see the live OpenAPI reference
— every endpoint with full type info and code samples.
Public API surface — what to call, what to avoid
A consumer app talks to this allow-list of public surfaces:
| Public surface | For |
|---|
POST auth.yieldfabric.com/auth/** (REST) | Sign-in (/auth/login, /auth/signature/signin, /auth/api-key, /auth/<provider>/exchange), token refresh, /protected/jwt lookup, /auth/users/me, API-key issuance. |
GET pay.yieldfabric.com/api/users/{user_id}/messages/{message_id} (REST) | Message status polling for on-chain operations. Status flips from Pending / Validating / Executing to Completed / Failed / ManualSignature when executed is non-null. |
POST api.yieldfabric.com/graphql (GraphQL gateway) | All public GraphQL reads and mutations — entity lookups, walletFlow.activity, joined wallet / contract / payment listings, deal-flow reads, instant, deposit, withdraw, obligations, swaps, and composed payment operations. Same JWT. |
agents.yieldfabric.com (REST/SSE) | Working groups, threads, documents, pipelines, workflow streams, and agent conversation state when your app uses the AI collaboration surface. |
Public surface
POST auth.yieldfabric.com/auth/** (REST)
For
Sign-in (/auth/login, /auth/signature/signin, /auth/api-key, /auth/<provider>/exchange), token refresh, /protected/jwt lookup, /auth/users/me, API-key issuance.
Public surface
GET pay.yieldfabric.com/api/users/{user_id}/messages/{message_id} (REST)
For
Message status polling for on-chain operations. Status flips from Pending / Validating / Executing to Completed / Failed / ManualSignature when executed is non-null.
Public surface
POST api.yieldfabric.com/graphql (GraphQL gateway)
For
All public GraphQL reads and mutations — entity lookups, walletFlow.activity, joined wallet / contract / payment listings, deal-flow reads, instant, deposit, withdraw, obligations, swaps, and composed payment operations. Same JWT.
Public surface
agents.yieldfabric.com (REST/SSE)
For
Working groups, threads, documents, pipelines, workflow streams, and agent conversation state when your app uses the AI collaboration surface.
Don't call these from app code:
| Internal surface | Why |
|---|
POST pay.yieldfabric.com/api/mq/submit | Internal service-to-service write path. Bypasses GraphQL resolver input normalisation, idempotency, and entity resolution. Requires a vault-equipped caller — consumer JWTs get 403 Insufficient permissions: CryptoOperations. Use the corresponding GraphQL gateway mutation instead. |
GET pay.yieldfabric.com/api/chain/** | Internal helper for resolving on-chain constants. The GraphQL resolvers already do this for you. |
POST agents.yieldfabric.com/api/mcp/** | LLM tool-call surface, not data flow. |
Internal surface
POST pay.yieldfabric.com/api/mq/submit
Why
Internal service-to-service write path. Bypasses GraphQL resolver input normalisation, idempotency, and entity resolution. Requires a vault-equipped caller — consumer JWTs get 403 Insufficient permissions: CryptoOperations. Use the corresponding GraphQL gateway mutation instead.
Internal surface
GET pay.yieldfabric.com/api/chain/**
Why
Internal helper for resolving on-chain constants. The GraphQL resolvers already do this for you.
Internal surface
POST agents.yieldfabric.com/api/mcp/**
Why
LLM tool-call surface, not data flow.
Full rationale: Building with YieldFabric.
Base URLs
Substitute your deployment's URLs if different.
| Service | Default |
|---|
| Auth | https://auth.yieldfabric.com |
| Payments | https://pay.yieldfabric.com |
| Gateway (GraphQL) | https://api.yieldfabric.com |
| Agents | https://agents.yieldfabric.com |
Default
https://auth.yieldfabric.com
Default
https://pay.yieldfabric.com
Default
https://api.yieldfabric.com
Default
https://agents.yieldfabric.com
Asset IDs
| Asset ID | Description |
|---|
aud-token-asset | Australian Dollars (example asset) |
usd-token-asset | US Dollars (example asset) |
Description
Australian Dollars (example asset)
Description
US Dollars (example asset)
The IDs above are illustrative — the assets actually deployed are
specific to each environment. Use the federated asset queries or
deployment-provided config to enumerate what's available.
Chain IDs
| Chain ID | Network |
|---|
151 | Redbelly Mainnet (Governors) |
153 | Redbelly Testnet (Governors) |
Network
Redbelly Mainnet (Governors)
Network
Redbelly Testnet (Governors)
Don't hard-code chain addresses in browser code. Most mutations resolve
chain constants server-side; if your backend truly needs deployment
constants, load them from approved deployment config.
Error shapes
| Surface | Wire shape | How to route |
|---|
Auth REST (auth.yieldfabric.com) | Flat { "error": "<string>" } + HTTP status | Switch on HTTP status. The error string is human-readable and may change between releases. |
GraphQL gateway (api.yieldfabric.com/graphql) | Usually HTTP 200 + errors[].extensions.code in envelope | Switch on extensions.code, not message. |
Agents REST (agents.yieldfabric.com) | Same as auth (flat) | Same as auth. |
Surface
Auth REST (auth.yieldfabric.com)
Wire shape
Flat { "error": "<string>" } + HTTP status
How to route
Switch on HTTP status. The error string is human-readable and may change between releases.
Surface
GraphQL gateway (api.yieldfabric.com/graphql)
Wire shape
Usually HTTP 200 + errors[].extensions.code in envelope
How to route
Switch on extensions.code, not message.
Surface
Agents REST (agents.yieldfabric.com)
Wire shape
Same as auth (flat)
How to route
Same as auth.
Common HTTP status codes
| Status | When you see it |
|---|
| 200 / 201 / 204 | Success. |
| 400 | Validation failed, idempotency conflict, business-rule violation. Check the response body for the specific code. |
| 401 | Missing / expired / wrong-audience JWT. Refresh or re-login. |
| 403 | JWT valid but role / scope lacks the permission. The classic is Insufficient permissions: CryptoOperations on vault-touching ops. |
| 404 | Resource doesn't exist — or is visibility-scoped to a group you're not a member of. |
| 422 | Validation error (input parameters). |
| 429 | Rate-limited (login failures only at the moment; response delayed but still 401). |
| 5xx | Server-side; safe to retry with the same idempotencyKey. |
When you see it
Validation failed, idempotency conflict, business-rule violation. Check the response body for the specific code.
When you see it
Missing / expired / wrong-audience JWT. Refresh or re-login.
When you see it
JWT valid but role / scope lacks the permission. The classic is Insufficient permissions: CryptoOperations on vault-touching ops.
When you see it
Resource doesn't exist — or is visibility-scoped to a group you're not a member of.
When you see it
Validation error (input parameters).
When you see it
Rate-limited (login failures only at the moment; response delayed but still 401).
When you see it
Server-side; safe to retry with the same idempotencyKey.
GraphQL error codes you'll see most
| Code | Meaning |
|---|
INSUFFICIENT_BALANCE | The account doesn't have enough to fund the operation. |
IDEMPOTENCY_CONFLICT | Same key used with a different request body. |
CONTRACT_STATE_INVALID | Contract not in the right state for this transition. |
SWAP_STATE_INVALID | Swap not in the right state for this transition. |
DEAL_STATE_INVALID | Deal not in the right state for this transition. |
COUNTERPART_NOT_FOUND | The destination party isn't resolvable. |
FORBIDDEN | Caller lacks permission. |
Meaning
The account doesn't have enough to fund the operation.
Meaning
Same key used with a different request body.
Code
CONTRACT_STATE_INVALID
Meaning
Contract not in the right state for this transition.
Meaning
Swap not in the right state for this transition.
Meaning
Deal not in the right state for this transition.
Code
COUNTERPART_NOT_FOUND
Meaning
The destination party isn't resolvable.
Meaning
Caller lacks permission.
Message status (on-chain operations)
Long-running on-chain operations (deposit, send, swap, mint
obligation) submit a message, return a messageId, then execute
asynchronously. Poll GET /api/users/{user_id}/messages/{message_id}
on the payments service (not the gateway):
| Status | Meaning |
|---|
Pending | In queue, not yet picked up by the validator. |
Validating | Validator is checking balances, building unsigned tx. |
ManualSignature | Waiting for the user to sign from their wallet UI. |
Executing | Signed; on-chain submission in flight. |
Completed | On-chain receipt landed. executed is non-null. |
Failed | Did not settle; check response.error. |
Meaning
In queue, not yet picked up by the validator.
Meaning
Validator is checking balances, building unsigned tx.
Meaning
Waiting for the user to sign from their wallet UI.
Meaning
Signed; on-chain submission in flight.
Meaning
On-chain receipt landed. executed is non-null.
Meaning
Did not settle; check response.error.
Terminal when executed is non-null. Poll at 2-second intervals,
cap at 300s, then surface failure to the user.
Status enums
Payment status
| Status | Meaning |
|---|
PENDING | Submitted, not yet on-chain. |
PROCESSING | On-chain execution in progress. |
COMPLETED | Settled on-chain. |
FAILED | Did not settle; check the message for the reason. |
Meaning
Submitted, not yet on-chain.
Meaning
On-chain execution in progress.
Meaning
Did not settle; check the message for the reason.
Contract status
| Status | Meaning |
|---|
PENDING | Created but not yet accepted by the counterparty. |
ACTIVE | Accepted and in force. |
COMPLETED | All payments settled. (For self-counterpart pure-agreement obligations, this is set in one message via the auto-accept fast path.) |
CANCELLED | Terminated before completion. |
Meaning
Created but not yet accepted by the counterparty.
Meaning
Accepted and in force.
Meaning
All payments settled. (For self-counterpart pure-agreement obligations, this is set in one message via the auto-accept fast path.)
Meaning
Terminated before completion.
Swap status
| Status | Meaning |
|---|
PENDING | createSwap landed; awaiting completeSwap. |
ACTIVE | completeSwap settled; repurchase window open (if any). |
COMPLETED | One-shot exchange finished. |
REPURCHASED | repurchaseSwap settled; collateral returned. |
CANCELLED | cancelSwap landed before completion. |
EXPIRED | Expiry passed but expireCollateral not yet called. |
FORFEITED | expireCollateral settled; collateral transferred. |
Meaning
createSwap landed; awaiting completeSwap.
Meaning
completeSwap settled; repurchase window open (if any).
Meaning
One-shot exchange finished.
Meaning
repurchaseSwap settled; collateral returned.
Meaning
cancelSwap landed before completion.
Meaning
Expiry passed but expireCollateral not yet called.
Meaning
expireCollateral settled; collateral transferred.
Deal status
See the DMS guide for the full state
machine. Briefly: Draft → Proposed → Accepted → Active → Completed with
CounterOffered / Rejected / Cancelled / Defaulted /
FailedAfterPartialExecution detours.
Amounts — integer strings, no decimals.
| ✓ | ✗ |
|---|
"100" | 100 (must be a string) |
"100" | "100.00" (no decimal points) |
✗
"100.00" (no decimal points)
Timestamps — ISO 8601.
| ✓ | Notes |
|---|
"2026-11-01T00:00:00+00:00" | Full RFC 3339 |
"2026-11-01" | Date-only is also accepted |
✓
"2026-11-01T00:00:00+00:00"
Notes
Date-only is also accepted
Wallet IDs — UUIDv4 (canonical). Resolve from
/protected/jwt (default_wallet_id claim) or
entitiesByName queries on the federation gateway.
Idempotency keys — omit the field or pass a fresh UUIDv4 for each submission.
- Same key + same body = same response (no double-execution).
- Same key + different body =
400 IDEMPOTENCY_CONFLICT.
- Generate as a fresh UUIDv4 per submission when you provide one. Never deterministic
(
sha256(user || action) is the classic foot-gun — a retry after
a stuck message returns the stuck messageId again without
re-enqueueing).
Quick links