Quickstart
Create a key, get a token, place an order and receive the webhook — end to end
This is the fastest path from zero to a fulfilled order. You’ll create an API key, exchange it for an access token, place an order, and receive the terminal result on your webhook. Every request goes to the single base URL:
Base URL — https://api.voodoo.center (HTTPS only). Auth endpoints live
under the same host at /api/v1/auth.
Prerequisites
- A Voodoo Center account with a funded balance.
- Access to the dashboard API page (to create a key and set your webhook).
- An item to buy — you get its
item_id, product type, quantity bounds and input fields from the catalog export (see Placing orders).
Create an API key
In the dashboard, open the API page and create a key. The raw key
(format ak_...) is shown once, at creation — copy it immediately and
store it as a secret. You can revoke and re-create keys here at any time.
Set your webhook (recommended)
On the same API page, set your Webhook URL (publicly reachable over
HTTPS) and copy the signing secret (whsec_..., also shown once). This
is where terminal order results are pushed. You can skip this and poll
instead, but the webhook is the lower-latency path.
Exchange the key for an access token
Trade your ak_ key for a short-lived Bearer token (valid 2 hours):
Send access_token as Authorization: Bearer <access_token> on every
other request. Re-exchange the key when the token expires.
Place your first order
Buy a key item. POST /api/v1/orders charges your balance and returns 201
immediately with status: "pending" — fulfillment runs in the background.
Always send a unique merchant_order_id — it makes retries idempotent.
Receive the result on your webhook
When the order settles, Voodoo Center POSTs a signed event to your webhook
URL. Verify the X-Webhook-Signature against the raw body, then read the
terminal status, delivered codes and any refund_amount:
Prefer not to run a webhook yet? Poll
GET /api/v1/orders/{id} until status is terminal instead.
Try it without leaving the docs
The API Reference tab has a live API Explorer for every
endpoint. It’s wired to obtain the access token for you — enter only your
ak_ API key once, run any endpoint, and the Explorer fetches a fresh Bearer
token behind the scenes and attaches it automatically. You never paste a JWT.