Getting Started with Kabila REST APIs
Kabila provides a suite of REST APIs that power the marketplace, analytics, and user management. All APIs follow the OpenAPI 3.0 specification, and their documentation is always up to date β generated directly from the live API specs.
Base URL
All API requests are made to:
https://labs.kabila.app
Available APIs
| API | Base Path | Description |
|---|---|---|
| Marketplace Manager | /api/marketplace/manager | NFT listings, collections, launchpads, offers, ForeverMint |
| Analytics | /api/marketplace/analytics | Marketplace analytics and trading data (public, no auth required) |
| Users | /api/users | Authentication, user profiles, account management |
Authentication
1. Bearer Token (JWT)
Most endpoints require a JWT token obtained from the Users API login endpoint. Pass it in the Auth header:
curl -X GET "https://labs.kabila.app/api/marketplace/manager/nft-collections" \
-H "Auth: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json"2. Hedera Signature Authentication
Some marketplace operations (listing, delisting, price updates) require an additional Hedera signature for on-chain verification. This involves:
- Generating a time-based authentication message
- Signing it with your Hedera private key
- Encoding the signature map to base64
import { proto } from '@hiero-ledger/proto';
import { Wallet, AccountId, PrivateKey } from '@hiero-ledger/sdk';
// Generate the time-based auth message
function getKabilaAuthMessage(): string {
return 'Kabila wallet authentication' + '-' + Math.floor(new Date().getTime() / 300000);
}
// Prefix the message following Hedera's signing convention
function prefixMessageToSign(message: string): string {
return '\x19Hedera Signed Message:\n' + message.length + message;
}
// Sign the message with your wallet
async function getSignedAuthMessage(wallet: Wallet): Promise<string> {
const authMessage = getKabilaAuthMessage();
const authMessageToSign = [Buffer.from(prefixMessageToSign(authMessage))];
const signerSignatures = await wallet.sign(authMessageToSign);
const signatureMap = proto.SignatureMap.create(
signerSignaturesToSignatureMap(signerSignatures)
);
return signatureMapToBase64String(signatureMap);
}Request Headers
| Header | Description | Required |
|---|---|---|
Auth | Bearer <JWT_TOKEN> from login | Most endpoints |
Content-Type | application/json | POST/PUT/PATCH requests |
x-account-id | Hedera account ID (e.g. 0.0.1234567) | Signature-authenticated endpoints |
Response Format
All API responses use JSON. Successful responses return the data directly. Error responses follow this structure:
{
"reason": "ERROR_REASON",
"message": "Human-readable error message",
"payload": {}
}Pagination
List endpoints support pagination with these query parameters:
| Parameter | Type | Description |
|---|---|---|
skip | integer | Number of records to skip |
limit | integer | Max records to return (1-500) |
orderBy | string | Field to sort by |
orderDir | string | ASC or DESC |
Pagination metadata is returned in response headers:
x-Totalβ Total number of recordsx-Limitβ Applied limit
Next Steps
Explore the full API reference for each API:
- Marketplace Manager API β NFTs, collections, launchpads, offers
- Analytics API β Marketplace analytics
- Users API β Authentication and user management
Was this page helpful?