Vlexivo Documentation

HTTP 402 micropayments for any API, article, or AI application. Choose your path:

⚡ API Developer Quickstart

Monetize your API in 5 minutes. Install the SDK, add middleware, set price.

✍️ Content Publisher Quickstart

Paywall your blog or newsletter in 5 minutes. One <script> tag setup.

🏢 Creator Platform Guide

Pay-per-DM, tips, sessions. Non-custodial. Censorship-resistant.

🤖 AI Agent Guide

Headless billing for AI pipelines. API key auth, Python SDK, no browser needed.

⚡ API Developer Quickstart

Monetize your API in under 5 minutes. No billing system to build.

What you'll have at the end

A Node.js or Python API endpoint that returns 402 Payment Required to unpaid requests, accepts micropayments, and forwards authorized requests — with zero custom billing code.

Get your API key

Register at vlexivo.online/register. You'll get a key like vlx_live_abc123.... Save it as an environment variable:
```
export VLEXIVO_API_KEY=vlx_live_abc123...
```

Install the SDK

npm install @vlexivo/sdk

pip install vlexivo

Add the middleware

const express = require('express');
const { Vlexivo } = require('@vlexivo/sdk');

const app = express();
const mp = new Vlexivo({ apiKey: process.env.VLEXIVO_API_KEY });

// Protect any route — $0.01 per call
app.use('/api/data', mp.protect({ price: '0.01' }));

app.get('/api/data', (req, res) => {
  res.json({ result: 'your data here' });
});

app.listen(3000);

from fastapi import FastAPI, Request
from vlexivo.fastapi import require_payment
import os

app = FastAPI()

@app.get("/api/data")
@require_payment(
    api_key=os.environ["VLEXIVO_API_KEY"],
    price={"amount": "0.01", "currency": "USDC"},
    resource_id="/api/data",
)
async def get_data(request: Request):
    return {"result": "your data here"}

Test it

# Unpaid request → 402 Payment Required
curl http://localhost:3000/api/data
# { "challenge_nonce": "...", "payment_address": "0x...", "amount": "0.01" }

# Paid request (with valid entitlement token)
curl http://localhost:3000/api/data \
  -H "X-Entitlement: eyJ..."
# { "result": "your data here" }

Next steps

See the full JS SDK reference for per-resource pricing, callbacks, TypeScript types, and more.

✍️ Content Publisher Quickstart

Paywall any article, blog post, or newsletter in 5 minutes.

How it works

Add a single <script> tag to your page. Vlexivo automatically detects paywalled content, shows a payment modal, and reveals the content after the reader pays — without a page reload.

Get your publisher key

Register at vlexivo.online/register. Your key will look like vlx_live_....

Wrap your content

Wrap the premium portion of your article in a data-vlexivo div:

<!-- Free preview —show this to everyone -->
<p>This is the free part of your article...</p>

<!-- Paid content — hidden until payment -->
<div data-vlexivo
     data-price="0.05"
     data-resource-id="/posts/my-article">
  <p>This is the premium content revealed after payment.</p>
  <p>Can be as long as you like.</p>
</div>

Add the script tag

<script
  src="https://vlexivo.online/sdk/vlexivo.js"
  data-key="vlx_live_YOUR_KEY_HERE"
  data-auto-paywall="true">
</script>

That's it. Vlexivo finds all data-vlexivo elements and gates them automatically.

Preview the experience

Open your article in a browser. You'll see a blurred paywall overlay with a "Unlock for $0.05" button. Click it — the payment modal appears. After payment, the content is revealed instantly.

Try the live demo to see it in action.

WordPress / Ghost Integration

<!-- Add to your theme's footer (before </body>) -->
<script
  src="https://vlexivo.online/sdk/vlexivo.js"
  data-key="vlx_live_YOUR_KEY_HERE"
  data-auto-paywall="true">
</script>

Then wrap premium content in your posts with the data-vlexivo HTML block. Works with any CMS that lets you add custom HTML.

Revenue split

You keep 85% of every payment on the free tier, 92% on Pro. Payments settle to your account daily.

🏢 Creator Platform Guide

Add direct creator payments to your platform. Pay-per-DM, timed sessions, tips — non-custodial settlement. Your payment processor can cut you off. Vlexivo can't.

What you get

A censorship-resistant payment layer for creator platforms. Creators receive payments directly — you never custody funds. Works alongside or instead of your existing payment processor.

Payment Flow

Your platform generates 402 challenges when fans initiate paid actions. The Vlexivo widget renders payment UI — no install required for fans or creators.

1. Fan → Initiates paid action (DM, session request, tip)

2. Your platform → POST /v1/challenge with scope + creator_id

3. Your platform → Returns 402 + challenge to fan's browser

4. Vlexivo widget → Renders payment UI inline (zero install)

5. Fan pays → POST /v1/unlock → entitlement token issued

6. Creator receives → Direct non-custodial settlement

Generate a Challenge (Server-side)

# Generate a per-message challenge
curl -X POST https://vlexivo.online/v1/challenge \
  -H "Authorization: Bearer vlx_sec_YOUR_SECRET_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "scope": "per-message",
    "amount": "1.00",
    "creator_id": "creator_abc",
    "tip_enabled": true
  }'

# Response
{
  "challenge_nonce": "a1b2c3d4-e5f6-...",
  "payment_address": "0xCreatorWallet...",
  "amount": "1.00",
  "currency": "USDC",
  "expires_at": "2026-04-01T14:35:00.000Z"
}

Supported Scope Types for Creator Platforms

Scope	Price Range	Use Case
per-message	$0.50–$5.00	Pay per DM to creator
per-session	$1.00–$25.00	Time-gated chat session (15min–1hr)
per-conversation	$1.00–$5.00	Thread access for 24 hours
tip	$0.25–$100+	Fan donation — no entitlement required
per-creator	$0.50–$5.00	All content by one creator for 24 hours

Creator Platform API Reference

Endpoint	Description
POST /v1/challenge	Generate a payment challenge for a fan action
POST /v1/unlock	Fan submits payment proof, gets entitlement token
POST /api/tip/:creatorId	Accept a fan tip (no entitlement needed)
GET /api/creators/:id/analytics	Creator earnings and fan analytics
GET /api/account/payouts	Platform consolidated payout history

Ready to integrate?

Email hello@vlexivo.dev to get a platform secret key and discuss volume pricing.

🤖 AI Agent Guide

Add pay-per-call billing to your AI agent or wrapper app. Headless — no browser, no OAuth, no subscription management.

Use case

Your AI agent calls a paid API endpoint (weather data, research tools, compute). Instead of pre-paying for a subscription your agent may not fully use, it pays exactly what it consumes — per call, per token, or per session.

How AI Agent Billing Works

1. Agent → GET /api/research?topic=X (no token)

2. API → 402 + challenge_nonce + payment_address + amount

3. Agent → POST /v1/unlock with agent_wallet_key + tx_hash

4. Vlexivo → Verifies payment, returns entitlement token (JWT)

5. Agent → Retries GET /api/research with X-Entitlement: JWT

6. API → 200 OK + data ✅

Python SDK — Headless Agent Client

import os
from vlexivo import AgentClient

# Your agent's wallet key (stored securely in env vars)
client = AgentClient(
    api_key=os.environ["AGENT_WALLET_KEY"],
    auto_fund=True,   # automatically top up wallet from balance
)

# Works like requests — auto-handles 402 flows transparently
response = client.get("https://api.example.com/research", params={"q": "AI trends"})
data = response.json()

# Multi-step agent workflow
with client.session() as session:
    step1 = session.get("https://api.example.com/data/step1")
    step2 = session.post("https://api.example.com/process", json=step1.json())
    # Each step pays only if needed; entitlements are cached for the session

JavaScript / Node.js Agent Client

const { AgentClient } = require('@vlexivo/sdk');

const client = new AgentClient({
  walletKey: process.env.AGENT_WALLET_KEY,
  autoFund: true,
});

// Auto-handles 402 — agent pays and retries transparently
const data = await client.fetch('https://api.example.com/research?q=AI+trends');
const json = await data.json();

// LangChain tool integration
const vlexivoTool = {
  name: 'paid_research_api',
  description: 'Query the research API. Costs $0.01 per call.',
  func: async (query) => {
    const res = await client.fetch(`https://api.example.com/research?q=${query}`);
    return await res.text();
  },
};

Funding Your Agent's Wallet

from vlexivo import AgentClient

client = AgentClient(api_key=os.environ["AGENT_WALLET_KEY"])

# Check balance
balance = await client.get_balance()
print(f"Balance: ${balance.usdc} USDC")

# Fund via API (requires pre-authorized on-ramp)
await client.fund(amount="10.00", currency="USDC")

# Set spending limit per session
client.set_spending_limit("1.00")   # max $1.00 per agent run

Environment Variables for Agents

Variable	Description
AGENT_WALLET_KEY	Your agent's Vlexivo API key (keep secret)
VLEXIVO_SPENDING_LIMIT	Optional max spend per agent run (e.g. "5.00")
VLEXIVO_AUTO_FUND	Auto top-up wallet from reserve (true/false)

LangChain / AutoGen integration

The AgentClient drop-in replaces requests and httpx in Python and fetch in Node. Any tool that makes HTTP calls works without modification.

Architecture Overview

Vlexivo is a three-layer system: the protocol layer (HTTP 402), the verification layer (on-chain), and the entitlement layer (JWT).

Layer 1 HTTP 402 Protocol — Challenge/response over standard HTTP headers

Layer 2 On-Chain Verification — USDC/ETH/Solana payment confirmed on-chain (or DEMO_MODE stub)

Layer 3 JWT Entitlement — Short-lived signed token, validated by your SDK

Settlement

Publisher balances accumulate in real-time. Settlement to your external wallet is available on-demand (manual) or automatically on a daily schedule (Pro/Enterprise). No minimum payout threshold.

Wallet Architecture

Consumers use a hosted wallet provisioned by Vlexivo — no MetaMask required. The wallet is a server-side ETH keypair encrypted with AES-256-GCM. Consumers top up via Stripe (card → USDC) and pay from balance. Full self-custody is also supported for power users.

Modes

Mode	Verification	Use case
DEMO_MODE	Stub verifier (instant)	Development, demos, testing
PROD_MODE	Real on-chain (EVM + Solana)	Live production with real payments

FAQ

Do users need a crypto wallet?

No. Users interact with a hosted wallet provisioned by Vlexivo. They top up with a credit card via Stripe and pay from their USDC balance. No MetaMask, no seed phrases, no crypto knowledge required. Power users can optionally use their own external wallet.

What currencies are supported?

USDC (Ethereum mainnet + Base L2), native ETH, USDT, and DAI. USDC on Base is recommended — low fees, instant finality, stable price. Solana support (USDC/SOL) is available in production mode.

Is there a minimum payment amount?

The minimum is $0.0001 (0.0001 USDC). There's no maximum. You set whatever price makes sense for your content.

How do payouts work?

Revenue accumulates in your publisher balance. On Free, you request manual payouts (no minimum). On Pro, payouts run daily automatically. Funds arrive as USDC to your registered wallet address.

What happens if payment fails?

The consumer sees an error in the payment modal. No charge is made. The 402 flow is stateless — they can retry immediately.

Is replay protection built in?

Yes. Each challenge nonce is single-use, expires after 5 minutes, and is stored in a server-side nonce registry. Reusing a nonce returns a 409 Conflict. See Replay Protection for details.

Can I use Vlexivo alongside Stripe or Patreon?

Yes. Vlexivo is additive — it doesn't replace your existing billing. Many publishers use Stripe for subscriptions and Vlexivo for one-time article unlocks or API calls from non-subscribers.

Is the source code available?

The JS and Python SDKs are open-source on GitHub. The server protocol engine is proprietary.

Overview

HTTP 402 micropayments for any API, article, or AI application. Add a paywall in 3 lines. No crypto knowledge required.

🚀 5-minute setup

Install the SDK, add one middleware line, add the browser SDK. Done.

⚡ Fractions of a cent

Charge $0.001 per API call, $0.50 per article, $0.01 per message.

🔒 Zero crypto UX

Consumers use the hosted wallet. No MetaMask, no seed phrases.

🌐 Any framework

Express, FastAPI, Django, Flask — or raw cURL for any language.

Try it live

See Vlexivo in action with real API calls at vlexivo.online/demo.

How It Works

Vlexivo implements the HTTP 402 ("Payment Required") status code — the forgotten standard for web payments.

01. Consumer → GET /api/premium/data (no token)

02. Your middleware → POST /v1/challenge to Vlexivo API

03. Vlexivo → Returns challenge_nonce + payment_address

04. Your server → 402 response with challenge body

05. Vlexivo.js → Intercepts 402, shows payment modal

06. Consumer → Pays via hosted wallet or MetaMask

07. Vlexivo.js → POST /v1/unlock with tx_hash + nonce

08. Vlexivo → Verifies on-chain, issues JWT entitlement

09. Vlexivo.js → Retries request with X-Entitlement: JWT

10. Your middleware → Validates JWT, calls next() ✅

Problems We Solve

The internet's payment infrastructure is broken in six fundamental ways. Vlexivo fixes each one at the protocol level.

1

Privacy Violation

What's broken today

Every online payment leaks personally identifiable information — name, email, card number, billing address — directly to the merchant. Consumers have no control over what data is shared or how it is stored. Data breaches at merchants expose millions of payment records every year, and even compliant merchants retain PII indefinitely for chargeback purposes.

How Vlexivo solves it

Vlexivo uses non-custodial wallets with signed JWTs. Zero PII reaches the merchant. When a consumer pays, the merchant receives a wallet ID and a proof-of-payment token (JWT) — nothing else. No name, no email, no card number, no address. The consumer's identity is decoupled from the transaction at the protocol level, not as an afterthought.

SDK / Integration

The POST /v1/challenge endpoint returns a challenge_nonce and payment_address without requiring any consumer PII. After payment, POST /v1/unlock issues a JWT entitlement token that your middleware validates via POST /entitlements/validate — the entire flow is identity-free. The JavaScript SDK and Python SDK handle this automatically through mp.protect() middleware.

2

Micropayment Gap

What's broken today

Traditional payment processors charge a fixed fee of $0.30 plus 2.9% per transaction. This makes any payment under roughly $10 uneconomical — a $0.10 article purchase loses 80% to processing fees. The result: the entire internet is locked into subscription bundles or ad-supported models because there is no viable way to charge small amounts for individual pieces of content or API calls.

How Vlexivo solves it

Vlexivo uses an off-chain ledger with batch settlement. Individual payments — even $0.001 API calls — are aggregated on Vlexivo's internal ledger before hitting the blockchain. Settlement to your wallet happens in batches, amortizing on-chain fees across thousands of transactions. The fee structure is a flat percentage with no fixed component, making sub-cent transactions viable for the first time.

SDK / Integration

Set any price from $0.0001 upward via Pricing Rules or directly in middleware: mp.protect({ price: '0.001' }). The POST /v1/challenge endpoint accepts sub-cent amount values. Revenue accumulates in your publisher balance (visible in Analytics), and settlement is configurable — manual on Free, automatic daily on Pro. See Settlement for batch details.

3

Censorship Risk

What's broken today

Payment processors like Stripe, PayPal, and traditional banks can freeze accounts, hold funds, or deplatform merchants overnight with no meaningful appeal process. Legal businesses in controversial but lawful industries — adult content, cannabis, firearms, crypto, independent journalism — face arbitrary payment cutoffs. Even mainstream creators have had funds held for weeks due to opaque risk algorithms.

How Vlexivo solves it

Vlexivo is non-custodial. Funds live in the user's wallet, not in Vlexivo's custody. No single entity can block payments between a willing buyer and a willing seller. The payment flow uses on-chain verification — once a transaction is confirmed on Ethereum, Base, or Solana, it is irreversible and uncensorable. Vlexivo's role is protocol infrastructure, not a financial gatekeeper.

SDK / Integration

Publishers register with a wallet address via POST /api/publishers and receive payouts directly to that address. The POST /v1/unlock endpoint verifies payment on-chain — Vlexivo confirms the transaction happened, it does not process or hold the funds. See Architecture for the three-layer verification model and Settlement for payout mechanics.

4

Chargeback Fraud

What's broken today

Digital goods cannot be "returned," yet credit card chargebacks happen anyway. Consumers dispute legitimate purchases with "I didn't authorize this," and the merchant bears the burden of proof. This costs merchants an estimated 1.5% of revenue plus $25-$100 per dispute in processor fees — and merchants lose the vast majority of disputes for digital goods regardless of evidence.

How Vlexivo solves it

Vlexivo entitlement tokens are cryptographically signed proof of purchase — irrefutable, on-chain, with no "I didn't authorize this" disputes possible. Every payment produces a verifiable transaction hash on-chain and a signed JWT entitlement. The consumer's wallet signed the transaction. The blockchain recorded it. There is no intermediary to file a dispute with, and no mechanism for reversal after confirmation.

SDK / Integration

After payment, POST /v1/unlock returns a JWT with the tx_hash embedded — this is your on-chain receipt. Validate entitlements server-side via POST /entitlements/validate to confirm purchase authenticity at any time. Webhooks (payment.confirmed event) provide real-time notification of verified payments. See Replay Protection for nonce-based anti-fraud measures.

5

Creator Deplatforming

What's broken today

When YouTube demonetizes a creator, Patreon bans them, or Substack changes its terms, the creator loses their entire revenue stream overnight. The audience relationship is mediated by a platform that can sever it at will. Creators have no portable payment identity — their monetization is locked to whichever platform they happen to use.

How Vlexivo solves it

Vlexivo wallet IDs are platform-independent. Fans pay to the creator's wallet address from any site or application. If one platform cuts you off, revenue continues through your own site, Ghost, Substack, WordPress, or anywhere else you embed the Vlexivo SDK. The payment relationship is between the fan's wallet and the creator's wallet — no platform can interrupt it.

SDK / Integration

Creators register once via POST /api/publishers with their wallet address. The same publisher key works across any site or platform. The Browser SDK (data-vlexivo attributes) drops into any HTML page. The Creator SDK adds tips and fan leaderboards. The WordPress Plugin and Python publisher plugin (Flask/Django) provide one-click integration for common platforms.

6

Subscription Fatigue

What's broken today

The average internet user pays $50+ per month across subscriptions they barely use — NYT, Spotify, Netflix, Medium, news sites, SaaS tools. The subscription model forces an all-or-nothing choice: pay $17/month for the NYT or read nothing. Most consumers want to read one article, watch one video, or make one API call — but the payment infrastructure does not support that granularity.

How Vlexivo solves it

Vlexivo enables per-article, per-video, per-API-call pricing alongside traditional subscriptions. Read one NYT article for $0.10 instead of $17/month. Watch one tutorial for $0.25. Make one API call for $0.001. Publishers can offer both subscription tiers and individual-item pricing, letting consumers choose the model that fits their usage pattern.

SDK / Integration

Configure per-resource pricing via Pricing Rules or inline: data-price="0.10" on individual content blocks with the Browser SDK, or mp.protect({ price: '0.001' }) per API route. Different resources can have different prices. See the pay-per-article blog example and pay-per-call API example for complete implementations. Scope Types define whether access is per-request, time-limited, or permanent.

Ready to integrate?

Pick the quickstart that matches your use case: API Developer for pay-per-call APIs, Content Publisher for article paywalls, Creator Platform for fan payments, or AI Agent for headless billing.

Quick Start

Get from zero to paid API in under 5 minutes.

Register as a publisher

Sign up at vlexivo.online/register or via the API:

curl -X POST https://vlexivo.online/api/publishers \
  -H "Content-Type: application/json" \
  -d '{
    "name": "My API",
    "wallet_address": "0xYourWalletAddress",
    "domain": "api.example.com"
  }'
# { "api_key": "vlx_live_...", "publisher": { "id": 1, ... } }

Save your api_key — you'll need it in the next step.

Install the SDK and add the middleware

npm install vlexivo

const vlexivo = require('vlexivo');

app.use('/api/premium', vlexivo.protect({
  apiKey: process.env.VLEXIVO_API_KEY,
  price: { amount: '0.001', currency: 'USDC' },
}));

pip install vlexivo

from vlexivo.fastapi import require_payment

@app.get("/api/premium")
@require_payment(price="0.001", resource_id="/api/premium")
async def premium(request: Request):
    return {"data": "premium content"}

# Step 1: Generate a challenge
curl -X POST https://vlexivo.online/v1/challenge \
  -H "X-Api-Key: vlx_live_..." \
  -H "Content-Type: application/json" \
  -d '{"resource_id":"/api/report","scope_type":"per-call","price":{"amount":"0.001","currency":"USDC"}}'

# Step 2: Return the challenge as 402 to the consumer
# Step 3: Consumer pays on-chain, POSTs to /v1/unlock
# Step 4: Validate the returned entitlement token
curl -X POST https://vlexivo.online/api/entitlements/validate \
  -H "X-Api-Key: vlx_live_..." \
  -H "Content-Type: application/json" \
  -d '{"token":"eyJ...","resource_id":"/api/report"}'

Add the browser SDK
```
<script src="https://vlexivo.online/sdk/vlexivo.js"></script>
<script>
  Vlexivo.init({ autoIntercept: true });
</script>
```
That's it. Vlexivo.js auto-intercepts all fetch() calls and shows the payment modal when a 402 is received.

JavaScript / Node.js SDK

Installation

npm install vlexivo

Requires Node.js ≥ 18 (uses built-in fetch). Express ≥ 4 as a peer dependency.

Basic Usage

const express = require('express');
const vlexivo = require('vlexivo');

const app = express();

// Protect all routes under /api/premium
app.use('/api/premium', vlexivo.protect({
  apiKey: process.env.VLEXIVO_API_KEY,
  price: { amount: '0.01', currency: 'USDC' },
}));

// Your protected endpoint
app.get('/api/premium/report', (req, res) => {
  const { entitlement } = req.vlexivo;
  res.json({
    data: 'Your premium report',
    paid_by: entitlement.buyer_wallet,
  });
});

All Options

vlexivo.protect({
  // Required
  apiKey: 'vlx_live_...',                // Your publisher API key

  // Default pricing
  price: {
    amount: '0.01',                     // Decimal string amount
    currency: 'USDC',                   // ETH | USDC | USDT | DAI
  },

  // Scope type (default: 'per-call')
  scope_type: 'per-call',               // per-call | per-article | per-message | per-session | tip

  // Per-resource pricing overrides
  resources: {
    '/api/reports/daily': {
      price: { amount: '0.05', currency: 'USDC' },
    },
    '/api/chat': {
      price: { amount: '0.001', currency: 'ETH' },
      scope_type: 'per-message',
    },
  },

  // Custom resource ID extractor (default: req.path)
  resourceId: (req) => req.path,

  // Vlexivo API URL (default: 'https://vlexivo.online')
  vlexivoUrl: 'https://vlexivo.online',

  // Auto-register pricing rules (default: true when price is set)
  autoRegister: true,

  // Callbacks
  onSuccess: (req, entitlement) => {},  // Called after valid token
  onChallenge: (req, resourceId) => {}, // Called when 402 is issued
})

TypeScript

import { protect, ProtectOptions, ValidatedEntitlement } from 'vlexivo';

app.get('/api/premium', protect({ apiKey: process.env.VLEXIVO_API_KEY! }), (req, res) => {
  const { entitlement } = req.vlexivo!;
  // entitlement is typed as ValidatedEntitlement
  console.log(entitlement.buyer_wallet, entitlement.scope_type);
  res.json({ ok: true });
});

Python SDK

Installation

pip install vlexivo

# With framework extras
pip install vlexivo[fastapi]   # FastAPI + Starlette middleware
pip install vlexivo[django]    # Django middleware + decorators
pip install vlexivo[jwt]       # PyJWT for local token verification
pip install vlexivo[async]     # aiohttp for async requests
pip install vlexivo[all]       # Everything

FastAPI

from fastapi import FastAPI, Request
from vlexivo.fastapi import require_payment, VlexivoMiddleware

app = FastAPI()

# Option 1: Decorator (per-endpoint)
@app.get("/api/premium/report")
@require_payment(
    api_key=os.environ["VLEXIVO_API_KEY"],
    price={"amount": "0.05", "currency": "USDC"},
    resource_id="/api/premium/report",
)
async def daily_report(request: Request):
    # request.state.vlexivo contains the entitlement
    return {"data": "premium report"}

# Option 2: Middleware (protects all routes under a prefix)
app.add_middleware(
    VlexivoMiddleware,
    api_key=os.environ["VLEXIVO_API_KEY"],
    protected_paths=["/api/premium"],
    default_price={"amount": "0.01", "currency": "USDC"},
)

Django

from django.http import JsonResponse
from vlexivo.django import require_payment

@require_payment(
    api_key=settings.VLEXIVO_API_KEY,
    price={"amount": "0.05", "currency": "USDC"},
    resource_id="/api/reports/daily",
)
def daily_report(request):
    entitlement = request.vlexivo
    return JsonResponse({"data": "premium report"})

Django REST Framework

from vlexivo.drf import VlexivoPermission

class PremiumReportView(APIView):
    permission_classes = [VlexivoPermission]
    vlexivo_price = {"amount": "0.05", "currency": "USDC"}

    def get(self, request):
        return Response({"data": "premium report"})

Raw Client (any framework)

from vlexivo import VlexivoClient, Price

client = VlexivoClient(api_key=os.environ["VLEXIVO_API_KEY"])

# Validate a token from a request header
token = request.headers.get("X-Entitlement") or request.headers.get("Authorization", "").removeprefix("Bearer ")

result = await client.validate_token(
    token=token,
    resource_id="/api/premium/data",
)

if result.valid:
    # serve content
    pass
else:
    # generate challenge and return 402
    challenge = await client.create_challenge(
        resource_id="/api/premium/data",
        scope_type="per-call",
        price=Price(amount="0.01", currency="USDC"),
    )
    return Response(challenge.dict(), status_code=402)

Browser SDK

Zero-dependency vanilla JS. Intercepts 402s, shows the payment modal, caches tokens in localStorage.

Installation

<!-- CDN -->
<script src="https://vlexivo.online/sdk/vlexivo.js"></script>

<!-- Or self-host: download from /sdk/vlexivo.js -->

Initialize

Vlexivo.init({
  // Auto-intercept all fetch() calls (recommended)
  autoIntercept: true,

  // Callbacks
  onTokenIssued: (token, challenge) => {
    console.log('Payment complete, token:', token);
  },
  onPaymentCancelled: () => {
    console.log('User cancelled payment');
  },
});

API Reference

Method	Description
Vlexivo.init(options)	Initialize the SDK. Call once on page load.
Vlexivo.fetchWithPayment(url, init?)	fetch() wrapper — handles 402 automatically. Returns the successful response.
Vlexivo.handleChallenge(response)	Handle a 402 Response object. Returns token string or null on cancel.
Vlexivo.getToken(resourceId)	Get cached entitlement token for a resource. Returns string or null.
Vlexivo.attachToken(headers, resourceId)	Append X-Entitlement header to a headers object if a token is cached.
Vlexivo.clearCache()	Clear all cached tokens (e.g. on logout).

Manual Usage (without autoIntercept)

const response = await fetch('/api/premium/data');

if (response.status === 402) {
  const token = await Vlexivo.handleChallenge(response);
  if (token) {
    // Retry with token
    const data = await fetch('/api/premium/data', {
      headers: { 'X-Entitlement': token }
    });
  }
}

API Reference

POST /v1/challenge Generate a payment challenge

Auth: X-Api-Key: vlx_live_... (secret key — server-side only, never expose client-side)

Called by your server-side middleware to generate a nonce + payment address for a protected resource. Return the response as a 402 Payment Required to the consumer; the browser SDK picks it up automatically.

{
  "resource_id": "/api/reports/daily",   // required — identifies the resource
  "scope_type": "per-call",              // optional — defaults to "per-call"
  "price": {                             // optional — omit to use saved pricing rule
    "amount": "0.01",
    "currency": "USDC"
  },
  "auto_register": true,                 // optional — save price as a reusable rule
  "require_age": 18                      // optional — age gate (13–100)
}

Response (200):

{
  "status": 402,
  "protocol": "vlexivo/1.0",
  "publisher_id": "42",
  "resource_id": "/api/reports/daily",
  "scope_type": "per-call",
  "price": { "amount": "0.01", "currency": "USDC" },
  "accept_currencies": ["ETH", "USDC", "SOL", "USDT", "DAI"],
  "payment_address": "0xYour...WalletAddress",
  "challenge_nonce": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
  "expires_at": "2026-04-01T14:45:00.000Z",
  "unlock_url": "https://vlexivo.online/v1/unlock"
}

Challenge expires in 15 minutes. Return this object directly as your 402 response body.

curl -X POST https://vlexivo.online/v1/challenge \
  -H "X-Api-Key: vlx_live_abc123..." \
  -H "Content-Type: application/json" \
  -d '{
    "resource_id": "/api/reports/daily",
    "scope_type": "per-call",
    "price": { "amount": "0.01", "currency": "USDC" }
  }'

Error responses:

Status	Code	Meaning
400	`MISSING_RESOURCE_ID`	resource_id missing or empty
400	`INVALID_PRICE`	price.amount invalid or price.currency missing
400	`NO_PRICING_RULE`	No pricing rule found and no inline price provided
401	—	Missing or invalid X-Api-Key

POST /v1/unlock Submit payment proof, receive entitlement JWT

Auth: None — proof is self-authenticating via the challenge nonce

Consumer submits the transaction hash after paying on-chain. Vlexivo verifies the transaction against the blockchain and issues a signed JWT entitlement. Supported chains: Ethereum mainnet, Base L2, Solana mainnet.

{
  "proof": {
    "tx_hash": "0xabc123...",          // EVM: 0x + hex; Solana: base58
    "buyer_wallet": "0xdef456...",    // wallet that sent the payment
    "nonce": "a1b2c3d4-e5f6-...",    // UUID from the challenge response
    "signature": "0x..."              // proof of wallet ownership
  },
  "currency": "USDC",                  // optional — defaults to challenge.accept_currencies[0]
  "age_proof": {                       // required only if challenge.require_age is set
    "credential_id": "cred-uuid-...",
    "proof_token": "hmac-sha256-..."
  }
}

Response (200 — granted):

{
  "status": "granted",
  "entitlement_token": "eyJhbGciOiJIUzI1NiJ9...",
  "resource_id": "/api/reports/daily",
  "scope_type": "per-call",
  "expires_at": "2026-04-01T15:30:00.000Z"
}

Pass entitlement_token as X-Entitlement: {token} or Authorization: Bearer {token} on subsequent protected requests.

curl -X POST https://vlexivo.online/v1/unlock \
  -H "Content-Type: application/json" \
  -d '{
    "proof": {
      "tx_hash": "0xabc123...",
      "buyer_wallet": "0xdef456...",
      "nonce": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
      "signature": "0x789abc..."
    },
    "currency": "USDC"
  }'

Error responses:

Status	Code	Meaning
400	`INVALID_PROOF`	proof object missing required fields
400	`INVALID_CURRENCY`	currency not one of ETH, USDC, SOL, USDT, DAI
400	`INVALID_AGE_PROOF`	age_proof malformed
402	—	On-chain verification failed (tx not found / wrong amount)
403	`AGE_PROOF_REQUIRED`	Challenge requires age verification
403	`AGE_BELOW_THRESHOLD`	Credential proves age below require_age
404	—	Nonce not found
409	—	Nonce already used (replay attack blocked)
410	—	Challenge expired

POST /v1/consumer-challenge Generate a challenge for direct browser/wallet payment

Auth: X-Publishable-Key: vlx_pub_... header or publisher_id in the request body. Use the publishable key — it is safe to embed in client-side code.

Called by the browser SDK (or your own frontend) to generate a payment challenge for direct crypto wallet payment. Unlike /v1/challenge, this requires no server-side API key — it is designed for client-side calls from embedded widgets and SDK flows.

{
  "resource_id": "article-123",           // required — identifies the content being unlocked
  "scope_type": "per-article",            // optional — defaults to "per-call"
  "price_amount": "0.05",                 // required — decimal string (e.g. "0.05")
  "price_currency": "USDC",              // optional — defaults to "USDC"
  "publisher_id": 42,                     // optional — use if not sending X-Publishable-Key
  "require_age": 18                       // optional — age gate (13–100)
}

Response (200):

{
  "success": true,
  "challenge": {
    "nonce": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
    "payment_address": "0xPublisherWalletAddress",
    "amount": "0.05",
    "currency": "USDC",
    "scope_type": "per-article",
    "resource_id": "article-123",
    "unlock_url": "https://vlexivo.online/v1/unlock",
    "expires_at": "2026-04-01T14:40:00.000Z",
    "require_age": 18
  }
}

Challenge TTL is 10 minutes. The consumer sends payment on-chain using payment_address and amount, then submits the nonce + tx_hash to /v1/unlock.

curl -X POST https://vlexivo.online/v1/consumer-challenge \
  -H "X-Publishable-Key: vlx_pub_abc123..." \
  -H "Content-Type: application/json" \
  -d '{
    "resource_id": "article-123",
    "scope_type": "per-article",
    "price_amount": "0.05",
    "price_currency": "USDC"
  }'

Error responses:

Status	Code	Meaning
400	`MISSING_RESOURCE_ID`	resource_id missing or empty
400	`MISSING_PRICE_AMOUNT`	price_amount missing
400	`INVALID_PRICE_AMOUNT`	price_amount not a positive decimal
400	`INVALID_PUBLISHER_ID`	publisher_id not a positive integer
401	—	Missing or invalid publishable key; publisher not found

GET /v1/publisher-info Fetch publisher payment configuration

Auth: X-Publishable-Key: vlx_pub_... (required)

Returns the publisher's name, settlement chain, and wallet addresses. Used by the browser SDK to display payment destinations and route transactions to the correct chain. No request body needed.

curl https://vlexivo.online/v1/publisher-info \
  -H "X-Publishable-Key: vlx_pub_abc123..."

Response (200):

{
  "success": true,
  "publisher": {
    "name": "My Publisher",
    "settlement_chain": "base",
    "settlement_wallet_base": "0xYourBaseWalletAddress",
    "settlement_wallet_solana": null
  }
}

settlement_chain is the publisher's primary chain ("base", "ethereum", or "solana"). settlement_wallet_base is the EVM address for Base/Ethereum payments; settlement_wallet_solana is the Solana address (or null if not configured).

Error responses:

Status	Meaning
401	Missing or invalid `X-Publishable-Key`

POST /api/entitlements/validate Validate an entitlement token

Auth: X-Api-Key: {publisher_api_key}

{
  "token": "eyJhbGciOiJIUzI1NiJ9...",
  "resource_id": "/api/reports/daily"
}

Response (200):

{
  "valid": true,
  "entitlement": {
    "id": 99,
    "scope_type": "per-call",
    "resource_id": "/api/reports/daily",
    "buyer_wallet": "0xdef456...",
    "expires_at": "2026-04-01T15:30:00.000Z",
    "consumed_at": null,
    "revoked": false
  }
}

Publishers API

POST /api/publishers Register a new publisher

Auth: None (public)

{
  "name": "My API",
  "wallet_address": "0xYourPayoutWallet",
  "domain": "api.example.com"
}

Returns { api_key: "vlx_live_...", publisher: { ... } }. Store the api_key securely — it won't be shown again.

Pricing Rules

Pricing rules define how much to charge for each resource. You can set them upfront or use auto_register: true to create them on the fly.

POST /api/pricing Create a pricing rule

Auth: X-Api-Key: {publisher_api_key}

{
  "scope_type": "per-call",
  "resource_pattern": "/api/reports/.*",
  "price_amount": "0.01",
  "price_currency": "USDC"
}

resource_pattern is a regex matched against the resource ID.

Webhooks

Get notified in real-time when payments are completed and entitlements are issued or revoked.

Register a webhook endpoint

curl -X POST https://vlexivo.online/api/webhooks \
  -H "X-Api-Key: vlx_live_..." \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://your-api.com/webhooks/vlexivo",
    "event_types": ["payment.completed", "entitlement.issued"],
    "secret": "your-webhook-secret"
  }'

Event payload

{
  "event": "payment.completed",
  "timestamp": "2026-04-01T14:30:00.000Z",
  "data": {
    "entitlement_id": 99,
    "resource_id": "/api/reports/daily",
    "buyer_wallet": "0xdef456...",
    "amount": "0.01",
    "currency": "USDC",
    "tx_hash": "0xabc123..."
  }
}

Verify signatures

All webhook payloads are signed with X-Vlexivo-Signature: t={timestamp},v1={hmac} using HMAC-SHA256.

const crypto = require('crypto');

function verifyWebhook(payload, signature, secret) {
  const [tPart, v1Part] = signature.split(',');
  const timestamp = tPart.replace('t=', '');
  const receivedHmac = v1Part.replace('v1=', '');

  const expectedHmac = crypto
    .createHmac('sha256', secret)
    .update(`${timestamp}.${payload}`)
    .digest('hex');

  return crypto.timingSafeEqual(
    Buffer.from(receivedHmac),
    Buffer.from(expectedHmac)
  );
}

Event types

Event	Description
payment.received	Payment submitted — verification in progress
payment.completed	On-chain payment verified, entitlement issued
payment.failed	Payment verification failed
tip.received	Fan tip received; no entitlement issued
entitlement.issued	Entitlement token created and delivered
entitlement.expired	Time-limited entitlement expired (per-session, per-conversation)
entitlement.revoked	Entitlement manually revoked by publisher

Agent API

Headless machine-to-machine endpoints for AI agents. Auth via X-Agent-Key header — no browser, no OAuth, no on-chain transaction required.

POST /v1/agent/pay Machine-to-machine micropayment

Auth: X-Agent-Key: vlxa_live_...

Agent submits its API key and specifies which publisher's resource to access. Vlexivo deducts from the prepaid balance and issues a JWT entitlement — no on-chain transaction needed.

{
  "publisher_api_key": "vlx_live_...",   // required — identifies the publisher
  "resource_id": "/api/reports/daily", // optional, defaults to "*"
  "scope_type": "per-call",            // optional, defaults to "per-call"
  "metadata": {}                       // optional context
}

Response (200 — access granted):

{
  "success": true,
  "entitlement": "eyJhbGciOiJIUzI1NiJ9...",  // pass as X-Entitlement on the target API
  "expires_at": "2026-04-12T12:15:00.000Z",
  "cost_micro_usd": 1000,
  "cost_usd": "0.001000",
  "balance_cents": 4999,
  "balance_usd": "49.9900",
  "resource_id": "/api/reports/daily",
  "scope_type": "per-call",
  "latency_ms": 42
}

Response (402 — insufficient balance):

{
  "success": false,
  "error": "Insufficient balance to pay for this resource",
  "code": "INSUFFICIENT_BALANCE",
  "balance_cents": 0,
  "balance_usd": "0.0000",
  "required_cents": 1,
  "topup_url": "https://vlexivo.online/dashboard"
}

Pass the returned entitlement token as X-Entitlement: {token} or Authorization: Bearer {token} on your next request to the target API.

// Example: agent pays then calls the target API
const { AgentClient } = require('@vlexivo/sdk');
const client = new AgentClient({ walletKey: process.env.AGENT_WALLET_KEY });

// auto-handles the pay+retry loop transparently
const data = await client.fetch('https://api.example.com/reports/daily');
console.log(await data.json());

GET /v1/agent/status Check balance & key health

Auth: X-Agent-Key: vlxa_live_...

Returns current balance, rate-limit usage, and key metadata. Zero cost — nothing is deducted.

curl https://vlexivo.online/v1/agent/status \
  -H "X-Agent-Key: vlxa_live_..."

Response (200):

{
  "success": true,
  "key_id": 7,
  "name": "my-agent",
  "balance_cents": 4999,
  "balance_usd": "49.9900",
  "is_active": true,
  "auto_topup_enabled": false,
  "auto_topup_threshold_cents": 500,
  "auto_topup_amount_cents": 1000,
  "rate_limit_per_minute": 60,
  "rate_limit_per_day": 10000,
  "rate_limit_usage": {
    "minute_used": 3,
    "minute_remaining": 57,
    "minute_resets_in_seconds": 41,
    "day_used": 147,
    "day_remaining": 9853,
    "day_resets_in_seconds": 51200
  },
  "last_used_at": "2026-04-12T11:44:01.000Z"
}

Pricing & Revenue

You set the price. Vlexivo takes 15%. No monthly fees, no minimums.

Simple rule

Every payment splits as: 85% to you (publisher) + 15% to Vlexivo. On Pro tier, you keep 92%.

Publisher-Set Pricing

You control the price for every resource — per-call, per-article, per-session. There's no minimum or maximum. Common patterns:

Use Case	Typical Price	Scope
API call (weather, search, data)	$0.001 – $0.01	per-call
Article / blog post unlock	$0.05 – $1.00	per-article
Creator DM / AI chat message	$0.50 – $5.00	per-message
Timed session (15min–1hr)	$1.00 – $25.00	per-session
Thread access (24h)	$1.00 – $5.00	per-conversation
All creator content (24h)	$0.50 – $5.00	per-creator
Content bundle	Publisher-set	per-bundle
Creator tip / donation	$0.25 – $100+	tip

Revenue Split

Plan	You keep	Vlexivo fee
Free	85%	15%
Pro	92%	8%
Platform Partner	Configurable (min 70%)	15% (split with platform)

Settlement

Payments accumulate in your publisher balance in real-time. Payouts work as follows:

Plan	Settlement	Minimum
Free	On-demand (manual request)	None
Pro	Automatic daily	None
Enterprise	Automatic daily or weekly	None

Funds are sent as USDC to the payout wallet address registered on your account. No banking setup required — just a crypto wallet address.

Plan Tiers

Feature	Free	Pro	Enterprise
Revenue share	85%	92%	Custom
Monthly transactions	1,000	50,000	Unlimited
Settlement	Manual	Daily auto	Custom schedule
Analytics	Basic	Full	Full + export
Webhooks	1 endpoint	10 endpoints	Unlimited
White-label paywall	—	—	✓
Partner API	—	—	✓
SLA	Best-effort	99.9%	99.99%

Starting out

Free tier has no monthly fee. You only pay the 15% cut when you earn. Register to get your API key.

Scope Types

Scope types control how entitlement tokens are consumed and how access is metered.

Scope	Behavior	Typical Price	Use Case
per-call	Consumed on first validated use	$0.001–$0.01	API calls, AI requests
per-article	Unlimited reads, tied to resource_id	$0.05–$1.00	Blog posts, reports
per-message	Consumed per DM or chat message to creator	$0.50–$5.00	Creator DMs, AI chatbots
per-session	Time-gated access (15min–1hr window)	$1.00–$25.00	Video streams, live sessions
per-conversation	Thread access for 24 hours	$1.00–$5.00	Creator chat threads
tip	No entitlement issued; creator receives directly	$0.25–$100+	Donations, fan tips
per-creator	All content by one creator for 24 hours	$0.50–$5.00	Creator day-pass
per-bundle	Defined group of resources, single payment	Publisher-set	Content bundles, topic packs

Tips and Donations Flow

Tips are user-initiated — no 402 challenge required. The user clicks a tip button; Vlexivo routes payment directly to the creator's wallet.

// Server: register tip endpoint
app.post('/api/tip/:creatorId', vlexivo.acceptTip({
  apiKey: process.env.VLEXIVO_API_KEY,
  minAmount: '0.25',
  maxAmount: '100.00',
}));

// Browser: tip button
Vlexivo.tip({
  creatorId: 'alice',
  suggestedAmount: '5.00',
  message: 'Great content',   // optional
});

Creator Platform Integration (Track 2)

If you run a creator platform: your platform generates a 402 challenge when a fan initiates a paid action (DM, session, etc). The Vlexivo widget handles payment UI — no install required for fans.

1. Fan → Initiates DM / session on your platform

2. Your platform → POST /v1/challenge (scope: per-message)

3. Your platform → Returns 402 + challenge to fan's browser

4. Vlexivo widget → Renders payment UI inline (zero install)

5. Fan pays → POST /v1/unlock → entitlement token issued

6. Creator → Receives payment directly (non-custodial)

Error Codes

All error responses return JSON with a code field and a human-readable message (or error) field. Error objects for unlock/payment failures include status, resource_id, scope_type, and reason.

Challenge Errors (`POST /v1/challenge`, `POST /v1/consumer-challenge`)

Code	HTTP	Description
`MISSING_RESOURCE_ID`	400	resource_id missing or empty
`INVALID_PRICE`	400	price.amount is not a positive decimal string, or currency is missing
`NO_PRICING_RULE`	400	No pricing rule for this resource and no inline price provided
`MISSING_PRICE_AMOUNT`	400	(consumer-challenge only) price_amount missing
`INVALID_PRICE_AMOUNT`	400	(consumer-challenge only) price_amount not a positive decimal
`INVALID_PUBLISHER_ID`	400	(consumer-challenge only) publisher_id not a positive integer
—	401	Missing or invalid API key / publishable key

Unlock / Payment Errors (`POST /v1/unlock`)

Code	HTTP	Description
`INVALID_PROOF`	400	proof object malformed — missing tx_hash, buyer_wallet, nonce, or signature
`INVALID_CURRENCY`	400	currency not one of ETH, USDC, SOL, USDT, DAI
`INVALID_AGE_PROOF`	400	age_proof object malformed — missing credential_id or proof_token
—	402	On-chain payment verification failed (tx not found, wrong amount, wrong address)
`AGE_PROOF_REQUIRED`	403	Challenge has require_age set but no age_proof was submitted
`AGE_CREDENTIAL_INVALID`	403	Age credential not found or has been revoked
`AGE_BELOW_THRESHOLD`	403	Credential proves age is below require_age threshold
`AGE_PROOF_TOKEN_INVALID`	403	HMAC proof token is tampered or signature mismatch
—	404	Nonce not found — challenge was never issued or has been cleaned up
—	409	Replay attack — nonce already consumed by a prior payment
—	410	Challenge expired (publisher challenge TTL: 15 min; consumer challenge TTL: 10 min)

Agent API Errors (`POST /v1/agent/pay`)

Code	HTTP	Description
`AGENT_KEY_REQUIRED`	401	Missing or invalid X-Agent-Key header
`INVALID_PUBLISHER_KEY`	400	publisher_api_key not found or inactive
`INSUFFICIENT_BALANCE`	402	Agent key balance too low; response includes topup_url, balance_cents, required_cents
`RATE_LIMIT_EXCEEDED`	429	Per-minute or per-day rate limit hit; response includes retry_after seconds

General

Code	HTTP	Description
`ENTITLEMENT_REQUIRED`	401	Protected route accessed without an entitlement token
`ENTITLEMENT_INVALID`	401 / 403	Malformed JWT, expired, revoked, or already consumed
`RESOURCE_MISMATCH`	403	Token was issued for a different resource_id
—	429	Rate limit exceeded — see Retry-After header. Limits: 60/min on /v1/challenge, 30/min on /v1/unlock, 10/5min on /auth/* endpoints

Rate Limiting

All API endpoints are protected by in-memory sliding-window rate limits. Exceeding any limit returns 429 Too Many Requests with a Retry-After header indicating how many seconds to wait.

Per-Endpoint Limits

Endpoint	Limit	Window	Notes
`POST /v1/challenge`	60 requests	1 minute	Per IP — publisher server-to-server calls
`POST /v1/unlock`	30 requests	1 minute	Per IP — payment proof submissions
`POST /v1/consumer-challenge`	30 requests	1 minute	Per IP — consumer crypto payment initiation
`GET /v1/publisher-info`	30 requests	1 minute	Per IP — publisher config lookups
`POST /v1/agent/pay`	Configurable	1 min + 1 day	Per agent key — default 60/min, 10,000/day
`/auth/login`, `/auth/register`	10 requests	5 minutes	Per IP — brute-force protection on auth flows
`/api/publishers`, `/api/account/rotate-key`	20 requests	1 minute	Per IP — write-heavy publisher management
All other `/api/*`	200 requests	1 minute	Per IP — global API fallback

Response Headers

Every rate-limited response includes these headers regardless of whether the limit was hit:

Header	Value
`X-RateLimit-Limit`	Max requests allowed in the window
`X-RateLimit-Remaining`	Requests remaining in the current window
`X-RateLimit-Reset`	Unix timestamp (seconds) when the window resets
`Retry-After`	Seconds to wait before retrying (only on 429)

Agent API endpoints use per-key minute and day windows and return additional headers: X-RateLimit-Limit-Minute, X-RateLimit-Remaining-Minute, X-RateLimit-Limit-Day, X-RateLimit-Remaining-Day.

429 Response Body

{
  "success": false,
  "error": "Too many requests. Please slow down.",
  "code": "RATE_LIMITED",
  "retry_after": 42
}

Best Practices

Check X-RateLimit-Remaining to back off proactively before hitting 0.
On 429, wait exactly Retry-After seconds before retrying — do not hammer with immediate retries.
Publisher server-to-server calls to /v1/challenge are generous at 60/min. If your traffic exceeds this, batch challenges client-side or contact support for higher limits.
Agent key limits are configurable per key in the dashboard. Increase rate_limit_per_minute and rate_limit_per_day for high-volume AI pipelines.

Need higher limits?

Limits are intentionally generous for normal publisher traffic. If you're consistently hitting them, contact us — we can configure higher limits for your account.

Replay Protection

Every challenge has a UUID nonce that:

Expires after 15 minutes
Can only be used once (atomic SELECT FOR UPDATE prevents double-spend)
Is tied to a specific publisher and resource

Scenario	Response
Valid, unused nonce	200 — entitlement issued
Already used nonce	409 — NONCE_ALREADY_USED
Expired nonce	410 — NONCE_EXPIRED
Unknown nonce	404 — NONCE_NOT_FOUND

Creator SDK

Extended features for content creators: tips, fan leaderboards, subscriptions, and gated chat.

Server-side

const { creatorSdk } = require('vlexivo/creator');

// Protect a chat message (per-message pricing)
app.use('/api/chat', creatorSdk.protectMessage({
  apiKey: process.env.VLEXIVO_API_KEY,
  price: { amount: '0.001', currency: 'USDC' },
}));

// Protect a subscription resource (monthly)
app.use('/api/newsletter', creatorSdk.protectSubscription({
  apiKey: process.env.VLEXIVO_API_KEY,
  interval: 'monthly',
  price: { amount: '5.00', currency: 'USDC' },
}));

Browser — tip modal

<script src="https://vlexivo.online/sdk/vlexivo-creator.js"></script>

<!-- Auto-wire a tip button -->
<button data-vlx-tip data-vlx-creator="alice" data-vlx-suggested="5.00">
  ☕ Tip Alice
</button>

Examples

Pay-per-call API (Express)

const express = require('express');
const vlexivo = require('vlexivo');
require('dotenv').config();

const app = express();
app.use(express.json());

// Add the browser SDK hint header
app.use((req, res, next) => {
  res.setHeader('X-Vlexivo-SDK', 'https://vlexivo.online/sdk/vlexivo.js');
  next();
});

// Protect all premium routes
app.use('/api/premium', vlexivo.protect({
  apiKey: process.env.VLEXIVO_API_KEY,
  price: { amount: '0.001', currency: 'USDC' },
}));

// Your endpoints
app.get('/api/premium/weather', (req, res) => {
  res.json({ city: 'Tokyo', temp: 22, condition: 'Sunny' });
});

app.get('/api/premium/joke', (req, res) => {
  res.json({ joke: 'Why do programmers prefer dark mode? Light attracts bugs.' });
});

app.listen(3000, () => console.log('API running on :3000'));

Pay-per-article Blog (HTML)

<!DOCTYPE html>
<html>
<head>
  <script src="https://vlexivo.online/sdk/vlexivo.js"></script>
</head>
<body>
  <div id="preview">
    <h1>Premium Article Title</h1>
    <p>Introduction paragraph visible to everyone...</p>
    <button id="unlock-btn">Read full article — $0.50 USDC</button>
  </div>

  <div id="content" style="display:none">
    <!-- Full article content here -->
  </div>

  <script>
    Vlexivo.init({ autoIntercept: true });

    document.getElementById('unlock-btn').onclick = async () => {
      const response = await fetch('/api/articles/premium-article', {
        headers: { 'Accept': 'application/json' }
      });
      // Vlexivo.js handles the 402 automatically if autoIntercept: true
      if (response.ok) {
        const { html } = await response.json();
        document.getElementById('content').innerHTML = html;
        document.getElementById('content').style.display = 'block';
        document.getElementById('preview').style.display = 'none';
      }
    };
  </script>
</body>
</html>

AI Chatbot (per-message pricing)

const express = require('express');
const vlexivo = require('vlexivo');

const app = express();
app.use(express.json());

app.use('/api/chat/message', vlexivo.protect({
  apiKey: process.env.VLEXIVO_API_KEY,
  price: { amount: '0.002', currency: 'USDC' },
  scope_type: 'per-message',
}));

app.post('/api/chat/message', async (req, res) => {
  const { message } = req.body;
  const { entitlement } = req.vlexivo;

  // Call your AI provider
  const reply = await callOpenAI(message);

  res.json({
    reply,
    paid_by: entitlement.buyer_wallet,
    amount_paid: '0.002 USDC',
  });
});

WordPress Plugin

The Vlexivo WordPress plugin lets you gate any post, page, or WooCommerce product behind a crypto micropayment — no coding required.

Installation

Download vlexivo-wp.zip from your publisher dashboard → Integration → WordPress plugin
In WordPress Admin: Plugins → Add New → Upload Plugin
Upload vlexivo-wp.zip → Install → Activate
Go to Settings → Vlexivo and paste your API key

Configuration

Setting	Value	Notes
API Key	Your `vlx_sec_…` key	Never expose in client-side code
Default price	e.g. `0.50 USDC`	Can be overridden per post
Scope type	`per-article`	Recommended for posts
Preview length	e.g. 200 words	Shown before unlock button

Gating a Post

In the WordPress block editor, add the Vlexivo Paywall block anywhere in your post. Everything below the block will be locked until payment.

<!-- Shortcode alternative -->
[vlexivo_gate price="0.50" currency="USDC" scope="per-article"]

Your premium content goes here. Readers must pay to see this.

[/vlexivo_gate]

Per-Post Price Override

In the post sidebar → Vlexivo panel:

Enable paywall: toggle on
Price: enter custom amount (leave blank for default)
Currency: USDC / ETH / SOL
Resource ID: auto-set to post slug (/p/{post-id})

WooCommerce Integration

Gate digital downloads or membership content with a one-time crypto payment instead of (or alongside) Stripe.

// functions.php — custom gate check
add_filter('vlexivo_should_gate', function($gate, $post_id) {
    // Gate only posts in "Premium" category
    return has_category('premium', $post_id);
}, 10, 2);

Compatible with

WordPress 6.0+, Gutenberg, Classic Editor, WooCommerce, Elementor, Divi, and any theme that uses the_content filter.

Python SDK — Publisher Side

Use the Vlexivo Python SDK to protect Flask/Django/FastAPI routes or integrate programmatic API metering from any Python backend.

Install

pip install vlexivo

Flask — API Metering

from flask import Flask, jsonify
from vlexivo import protect

app = Flask(__name__)

# Decorate any route to require payment
@app.route("/api/premium/data")
@protect(
    api_key="vlx_sec_...",
    price={"amount": "0.001", "currency": "USDC"},
    scope="per-call"
)
def premium_data():
    return jsonify({"data": "Your premium content"})

if __name__ == "__main__":
    app.run()

Django Middleware

# settings.py
MIDDLEWARE = [
    ...
    'vlexivo.django.VlexivoMiddleware',
]

VLEXIVO = {
    'API_KEY': os.environ['VLEXIVO_API_KEY'],
    'DEFAULT_PRICE': {'amount': '0.001', 'currency': 'USDC'},
    'DEFAULT_SCOPE': 'per-call',
}

# views.py
from vlexivo.django import vlexivo_required

@vlexivo_required(price='0.50', scope='per-article')
def premium_article(request, slug):
    article = Article.objects.get(slug=slug)
    return JsonResponse({"content": article.body})

FastAPI

from fastapi import FastAPI, Depends
from vlexivo.fastapi import VlexivoDep

app = FastAPI()

vlexivo = VlexivoDep(
    api_key=os.environ["VLEXIVO_API_KEY"],
    price={"amount": "0.001", "currency": "USDC"},
)

@app.get("/api/premium/report")
async def get_report(access=Depends(vlexivo.require)):
    return {"data": "premium report", "buyer": access.buyer_wallet}

Raw REST (any Python client)

No SDK required — use requests directly against the Vlexivo API.

import requests, os

VLEXIVO_BASE = "https://vlexivo.polsia.app"
API_KEY = os.environ["VLEXIVO_API_KEY"]

# 1. Generate a challenge for a buyer
challenge = requests.post(
    f"{VLEXIVO_BASE}/v1/challenge",
    headers={"X-Api-Key": API_KEY},
    json={
        "resource_id": "/api/reports/daily",
        "scope_type": "per-call",
        "price_override": {"amount": "0.01", "currency": "USDC"},
    }
).json()

print(challenge["nonce"])  # e.g. "vlx_nonce_abc123..."

# 2. Validate an entitlement token sent by the buyer
validation = requests.post(
    f"{VLEXIVO_BASE}/api/entitlements/validate",
    headers={"X-Api-Key": API_KEY},
    json={
        "token": request_headers["X-Entitlement"],
        "resource_id": "/api/reports/daily",
    }
).json()

if validation["valid"]:
    return {"data": "your premium data"}

Environment variable

Always pass your secret key via environment variable: VLEXIVO_API_KEY=vlx_sec_.... Never hardcode it in source files.

FAQ & Troubleshooting

Why am I getting 400 NO_PRICING_RULE?

You haven't created a pricing rule for this resource yet. Log in to your publisher dashboard → Resources → Add Rule. Use * as the resource pattern to match all routes.

My challenge returns 401 — is my API key wrong?

Check that you're sending the secret key (vlx_sec_…), not the publishable key (vlx_pub_…). The challenge endpoint requires the secret key. Publishable keys are for browser SDKs only.

The payment popup doesn't appear on mobile

Ensure your page doesn't block popups. The Vlexivo widget opens in a popup window (window.open). On iOS Safari, popups are only allowed from direct user gesture handlers (click, touchend). Make sure Vlexivo.init() is called from a click handler, not on page load.

I paid but didn't get a JWT entitlement

This usually means on-chain verification is still pending. The unlock endpoint polls the blockchain for up to 30 seconds. If the tx confirms after that window, use the retry endpoint:

curl -X POST https://vlexivo.polsia.app/v1/unlock/retry \
  -H "Content-Type: application/json" \
  -d '{"nonce": "vlx_nonce_...", "tx_hash": "0x..."}'

How do I test without spending real funds?

Set DEMO_MODE=true in your environment. In demo mode, Vlexivo skips on-chain verification and issues a test JWT immediately. Demo entitlements are marked with "demo": true in the payload. Never use demo mode in production.

Can I issue refunds?

Blockchain transactions are irreversible. Vlexivo doesn't support automatic refunds. If you need to compensate a buyer, you can send USDC directly from your settlement wallet. We recommend offering a "try before buy" preview for article content, and clearly communicating no-refund policies for digital goods.

What if my webhook keeps failing?

Vlexivo retries failed webhook deliveries with exponential backoff: 1min, 5min, 30min, 2hr, 8hr. To debug, check your webhook delivery logs in Dashboard → Webhooks → Deliveries. Common issues:

Endpoint returns non-2xx status → fix your webhook handler to return 200
Request times out (>10s) → process asynchronously, return 200 immediately
Signature verification fails → ensure you're using the correct signing secret from the dashboard

My entitlement token expires too fast

Default TTL for per-call is 300 seconds. For per-article it's 24 hours. For per-session, you set the duration when creating the pricing rule. Extend via the duration_seconds field on your pricing rule — or request a per-article scope for longer-lived access.

Rate limits — what are they?

Endpoint	Limit
POST /v1/challenge	60 requests/min per publisher
POST /v1/unlock	30 requests/min per buyer wallet
GET /api/*	200 requests/min per API key
POST /auth/*	10 requests/5min per IP

Rate limit responses return HTTP 429 with a Retry-After header. If you're hitting limits in production, contact us to discuss higher tiers.

Still stuck?

Email support@vlexivo.io with your publisher ID, the exact endpoint you're calling, and the error response body. We respond within 24 hours on weekdays.

Vlexivo Documentation

⚡ API Developer Quickstart

✍️ Content Publisher Quickstart

🏢 Creator Platform Guide

🤖 AI Agent Guide

⚡ API Developer Quickstart

Get your API key

Install the SDK

Add the middleware

Test it

✍️ Content Publisher Quickstart

Get your publisher key

Wrap your content

Add the script tag

Preview the experience

WordPress / Ghost Integration

🏢 Creator Platform Guide

Payment Flow

Generate a Challenge (Server-side)

Supported Scope Types for Creator Platforms

Creator Platform API Reference

🤖 AI Agent Guide

How AI Agent Billing Works

Python SDK — Headless Agent Client

JavaScript / Node.js Agent Client

Funding Your Agent's Wallet

Environment Variables for Agents

Architecture Overview

Settlement

Wallet Architecture

Modes

FAQ

Do users need a crypto wallet?

What currencies are supported?

Is there a minimum payment amount?

How do payouts work?

What happens if payment fails?

Is replay protection built in?

Can I use Vlexivo alongside Stripe or Patreon?

Is the source code available?

Overview

🚀 5-minute setup

⚡ Fractions of a cent

🔒 Zero crypto UX

🌐 Any framework

How It Works

Problems We Solve

Privacy Violation

Micropayment Gap

Censorship Risk

Chargeback Fraud

Creator Deplatforming

Subscription Fatigue

Quick Start

Register as a publisher

Install the SDK and add the middleware

Add the browser SDK

JavaScript / Node.js SDK

Installation

Basic Usage

All Options

TypeScript

Python SDK

Installation

FastAPI

Django

Django REST Framework

Raw Client (any framework)

Browser SDK

Installation

Initialize

API Reference

Manual Usage (without autoIntercept)

API Reference

Publishers API

Pricing Rules

Webhooks

Register a webhook endpoint

Event payload

Verify signatures

Challenge Errors (`POST /v1/challenge`, `POST /v1/consumer-challenge`)

Unlock / Payment Errors (`POST /v1/unlock`)

Agent API Errors (`POST /v1/agent/pay`)