# Introduction

The Xerberus Public API gives you programmatic access to the same risk and rating data that powers `app.xerberus.io`. It's a REST-ish JSON API, authenticated with an API key, served from a single base URL.

```
https://api.xerberus.io/public/v1
```

> The base URL above is the production endpoint. If you need a different environment (staging, custom domain), contact Xerberus support.

## What's in here

* [**Getting started**](/documentation/getting-started.md) — request your API key, make your first call.
* [**Setup**](/documentation/setup.md) — base URL, required headers, response envelope, status codes, rate limits.
* [**API requirements**](/documentation/api-requirements.md) — How to request a key, key lifecycle, and key handling.

## API reference

| Group                                                | What it covers                                                          |
| ---------------------------------------------------- | ----------------------------------------------------------------------- |
| [Risk](/documentation/api-reference/risk.md)         | Unified asset risk scores (Cardano, Ethereum, Polygon) and risk index.  |
| [Wallet](/documentation/api-reference/wallet.md)     | Flag suspicious wallets.                                                |
| [Siren](/documentation/api-reference/siren.md)       | Known-scam wallet list.                                                 |
| [Vault](/documentation/api-reference/vault.md)       | DeFi vault list and per-vault dendrogram reports.                       |
| [Registry](/documentation/api-reference/registry.md) | Dendrogram-based scores across protocols, pools, organisations, assets. |
| [Users](/documentation/api-reference/users.md)       | Gamification accounts (wallet + username).                              |

## Conventions

* All paths in this reference are written **without** the `/public/v1` prefix in the endpoint header — but the prefix is always required when calling. So `GET /risk/scores` means `GET https://api.xerberus.io/public/v1/risk/scores`.
* Every authenticated endpoint requires the `x-api-key` and `x-user-email` headers. See [API requirements](/documentation/api-requirements.md).
* Each route group also exposes an unauthenticated `GET /<group>/healthcheck` that returns plain text and is intended for liveness probes only.

## Support

If you hit a wall or find something off in these docs, reach out to your Xerberus contact.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://xerberus.gitbook.io/documentation/readme.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.