SSettlaDocs

Core API

Resolve API

Resolution is the heart of Settla. It turns an alias into an identity plus the endpoints the calling consumer is authorized to see — filtered by privacy level, scope, and consent. It is read-only and moves no money.

POST/v1/resolve

Requires scope resolve (or *). Provide either a single alias string, or an explicit type + value pair.

Request body

FieldTypeDescription
aliasoptionalstringThe identifier to resolve, e.g. @john, +2348012345678, jo@x.com. Settla detects and normalizes the type. Provide this or type + value.
typeoptionalstringExplicit alias type: username, phone, email, merchant_handle, payment_link. Use with value.
valueoptionalstringThe raw value when using the explicit type form, e.g. john.

Example request

curl https://api.settla.network/v1/resolve \
  -H "Authorization: Bearer sk_test_..." \
  -H "Content-Type: application/json" \
  -d '{"alias":"@john"}'

# explicit type form
curl https://api.settla.network/v1/resolve \
  -H "Authorization: Bearer sk_test_..." \
  -d '{"type":"username","value":"john"}'

Response

{
  "identity": "idn_2x9...",
  "type": "user",
  "matched_alias": { "type": "username", "value": "john" },
  "endpoints": [
    { "id": "end_a1...", "type": "crypto_wallet", "address": "0x1234…abcd",
      "capabilities": [ { "asset": "USDC", "network": "polygon", "rail": "onchain" } ] },
    { "id": "end_b2...", "type": "bank_account", "last4": "6789", "token": null,
      "capabilities": [ { "asset": "USD", "rail": "ach" } ] }
  ],
  "disclosure": { "consumer": "apc_...", "total_endpoints": 3, "disclosed": 2 },
  "livemode": false,
  "request_id": "req_7k2..."
}
FieldDescription
identityPublic identity ID (idn_…) that owns the alias.
typeIdentity type: user, merchant, business, …
matched_aliasThe normalized alias type and value that matched.
endpoints[]Disclosed endpoints only. Each has id, type, capabilities, and a per-type address projection (see below).
disclosureconsumer (apc_…), total_endpoints owned, and how many were disclosed to you.
livemodefalse for test keys, true for live keys.
request_idreq_… — also returned as the Settla-Request-Id header.

Privacy-aware disclosure

Resolution never returns more than you are entitled to see. Each endpoint passes a fail-closed filter before it is included:

  1. Environment match — a test key cannot see live data and vice versa.
  2. Scope — your key must carry resolve or *, else 403.
  3. Alias privacy gatepublic and unlisted resolve on exact match; private returns a uniform 404; consent_required needs an active grant.
  4. Identity status — only active identities resolve.
  5. Per-endpoint privacy + consent — each endpoint is included only if active and allowed by its privacy level (and a valid ConsentGrant for consent_required).

Minimal disclosure

The response never reveals the existence of endpoints you cannot see — not-found and not-permitted are indistinguishable in both shape and timing. disclosure.total_endpoints counts what the identity owns, but no detail of the hidden ones is exposed. See Privacy & Security.

Per-type address projection

Endpoint typeWhat is returned
crypto_walletFull public receive address (decrypted) + capabilities.
bank_account, exchange_account, payment_processor_account, merchant_accountlast4 + an optional token only — never the full number.
internal_settla_endpoint, future_endpointpublic_id + type only.

Bulk resolution

POST/v1/resolve/bulk

Resolve up to 100 identifiers in one request. Each item carries its own status, so a single bad item never fails the batch.

curl https://api.settla.network/v1/resolve/bulk \
  -H "Authorization: Bearer sk_test_..." \
  -H "Content-Type: application/json" \
  -d '{"items":["@john","+2348012345678",{"type":"email","value":"jo@x.com"}]}'
{
  "results": [
    { "alias": "@john", "status": "resolved", "identity": "idn_...", "endpoints": [ ... ] },
    { "alias": "+2348012345678", "status": "consent_pending" },
    { "alias": "jo@x.com", "status": "error",
      "error": { "type": "not_found_error", "code": "alias_not_found" } }
  ]
}

Per-item status is one of resolved, consent_pending, or error.

Errors

StatusCodeWhen
400invalid_requestMissing alias / type+value, or an unparseable identifier.
401authentication_errorMissing, malformed, or revoked key.
403permission_errorKey lacks the resolve scope.
404alias_not_foundNo resolvable identity (also returned for private / no-consent — uniform).
429rate_limited / scraping_quota_exceededVelocity or distinct-alias breadth limit hit.

All errors use the canonical envelope — see Errors.