Admin Operations
Propose destructive admin action
Returns dry-run details and a short-lived confirmation token. Call confirm with a reason to execute.
POST
Authorizations
User JWT access token issued by POST /api/auth/verify or POST /api/auth/social/verify. Routes that accept both auth modes declare api-key and bearer-jwt security schemes.
Headers
HMAC-SHA256 signature: HMAC-SHA256(secretKey, timestamp + METHOD + path + body). Optional -- when omitted, HMAC verification is skipped.
Request timestamp in epoch milliseconds. Required when x-signature is provided. Rejected if drift exceeds 5 minutes.
Path Parameters
Available options:
suspend_user, unsuspend_user, force_close_strategies, freeze_wallet, unfreeze_wallet, issue_refund, pause_all_trades Body
application/json