Skip to content

MiniApps API (emali2-miniapps)

Environment base URLs

Environment Base URL
Local dev http://localhost:8811
Test https://apps.test.emali2.damplabs.com
Production (TBD)

These endpoints are the server-side enforcement point for MiniApps: - MiniApp registry and manifest distribution - Session minting (miniapp-scoped) - Payment intents (initiation from MiniApps, execution by the Super App) - Proxying partner backend calls for auditing and allowlist enforcement

Endpoints (v1 bootstrap)

  • GET /v1/miniapps
  • List registered miniapps (manifest summaries).

  • v1 bootstrap: public (no auth) for easier super-app discovery in local dev.

  • GET /v1/miniapps/{miniAppId}/manifest

  • Fetch a specific miniapp manifest.

  • v1 bootstrap: public (no auth).

  • POST /v1/miniapps/{miniAppId}/session

  • Mint a miniapp-scoped session.

  • v1 returns an opaque token placeholder; v2 will return a signed, scoped JWT.

  • POST /v1/miniapps/{miniAppId}/payment-intents

  • Create a payment intent.

  • GET /v1/miniapps/{miniAppId}/payment-intents/{intentId}

  • Get a payment intent.

  • POST /v1/miniapps/{miniAppId}/proxy

  • Proxy partner backend calls (v1 returns 501; v2 enforces allowlists, signing, and audit logs).

Notes

  • Money movement is never executed by the miniapp directly.
  • The Super App must show a native payment confirmation sheet before execution.