Connectivity
This is the single reference for where to connect to Senticore. For how to authenticate and sign requests, see Authentication; this page does not restate credentials or signing.
Connection model
Senticore exposes one host per environment, path-routed. All HTTP, WebSocket, and (where provisioned) FIX surfaces live behind that single host and are differentiated by URL path or port — not by separate hostnames per surface.
- REST under
{host}/api/v1/... - WebSocket under
wss://{host}/api/v1/ws/... - FIX at
{host}:9878over TLS (provisioned per session; see the FIX note below)
There is no testnet host. Public mainnet endpoints are reachable today only by whitelisted private-beta accounts.
| Environment | Host |
|---|---|
| mainnet | https://api.sentico-labs.xyz |
| local / dev | http://localhost:8080 |
TLS: mainnet is HTTPS/WSS only; FIX runs over TLS (server TLS enforced in guarded environments, mutual TLS available when a client CA bundle is provisioned). The local/dev host is plain HTTP/WS for development.
Endpoints
Every surface for both environments. {host} is the host from the table above.
| Surface | mainnet | local / dev |
|---|---|---|
| REST base | https://api.sentico-labs.xyz/api/v1 | http://localhost:8080/api/v1 |
| Public WebSocket | wss://api.sentico-labs.xyz/api/v1/ws/public | ws://localhost:8080/api/v1/ws/public |
| Private WebSocket | wss://api.sentico-labs.xyz/api/v1/ws/private/{account} | ws://localhost:8080/api/v1/ws/private/{account} |
| Order Entry — JSON batch | https://api.sentico-labs.xyz/api/v1/order-entry/orders | http://localhost:8080/api/v1/order-entry/orders |
| Order Entry — compact/binary batch | https://api.sentico-labs.xyz/api/v1/order-entry/orders/compact | http://localhost:8080/api/v1/order-entry/orders/compact |
| FIX (TCP/TLS, FIX 4.4) | api.sentico-labs.xyz:9878 (provisioned) | localhost:9878 (when enabled) |
The private WebSocket requires a short-lived token obtained from a single signed
REST call to POST /api/v1/ws/token; the token is sent in the socket auth
frame. See Authentication.
FIX endpoint caveat
FIX is a separate TCP/TLS listener, not an HTTPS route. Cloudflare HTTPS routing
does not proxy raw FIX/TCP unless a dedicated TCP proxy (e.g. Cloudflare Spectrum
or a direct listener) is configured, so do not assume the HTTPS host can be
reused as a FIX endpoint. Live ops commonly exposes port 9878 when FIX is
enabled, but the host, port, TLS mode, CompIDs, account, and credential bundle
are delivered as one provisioned onboarding bundle. See
FIX Gateway Overview.
Rate-limit tiers
Limits are enforced per surface. The table below is the per-surface tier summary; see Rate Limits for WebSocket/FIX subject limits, response headers, and burst behavior.
| Surface tier | Anonymous | Retail | Pro | Institutional |
|---|---|---|---|---|
| Public-read (market data) | 60 req/min | 600 req/min | 6,000 req/min | Custom |
| Trading-write (actions) | n/a | 100 req/min | 1,000 req/min | Custom |
| Order-entry-write (batches) | n/a | per builder/agent policy | per builder/agent policy | Custom / provisioned |
Order-entry throughput is governed by API-agent policy and builder plan rather
than a single flat number (Builder Basic maps to ~600/min, Builder Pro to
~3,000/min while active). Read the live limits before starting a quote engine:
GET /api/v1/order-entry/limits. Rate-limit responses carry X-RateLimit-*
headers and return HTTP 429 with Retry-After on overflow.
How the SDK targets an environment
The SDK selects the environment from a single enum; it derives every URL and port in the tables above from that one value. One credential triple is reused across REST, WebSocket, and FIX — access is differentiated by scopes, not by separate credentials.
import { SenticoreClient } from "@sentico-labs/sdk";
const client = new SenticoreClient({
environment: "mainnet", // or "local"
credential: {
apiKey: process.env.SENTICORE_API_KEY!, // spk_...
apiSecret: process.env.SENTICORE_API_SECRET!, // sps_...
apiPassphrase: process.env.SENTICORE_API_PASSPHRASE!, // spp_...
},
// baseUrl is optional and overrides the environment host (e.g. a staging edge).
});
// Namespaces: .public (no auth), .trading, .orderEntry, .ws
const markets = await client.public.listMarkets();
Public market data and account reads keyed by address need no credential and are
available via the .public namespace.
Legacy route names
Professional/institutional order entry is canonically Order Entry. The names MM, BSL, and binary are legacy aliases only. Currently-live aliases that still resolve to the canonical Order Entry routes:
POST /api/v1/bsl/orders/compactPOST /api/v1/bsl/orders/batchPOST /api/v1/mm/orders/batch.binPOST /api/order-entry/binary
New integrations should use the canonical /api/v1/order-entry/... paths.
Next
- Order Entry Lanes — choose JSON, compact/binary, or FIX
- Authentication — credentials, scopes, and signing
- Rate Limits — full per-subject limits and headers
- HTTP API Reference — every endpoint