Skip to main content

Base URL

https://app.digitalsurge.com.au
All paths in the API Reference are relative to this host.

Amounts are decimal strings

Every monetary value — balances, prices, fees, trade amounts — is a string holding an exact decimal, e.g. "0.00250000" or "1500.50".
Never parse amounts into binary floats (float, double, JavaScript Number): they cannot represent decimal amounts exactly and will corrupt values. Use Decimal (Python), BigNumber/decimal.js (JavaScript), big.Rat/shopspring/decimal (Go), or your language’s equivalent.
Request bodies accept amounts as strings the same way.

Asset codes

Assets are identified by their uppercase code: BTC, ETH, AUD, … The Australian dollar is itself an asset (AUD), which is how trade direction is expressed:
  • Buy crypto: src_asset: "AUD", dst_asset: "BTC"
  • Sell crypto: src_asset: "BTC", dst_asset: "AUD"
The full asset list, including which assets can be deposited and withdrawn, comes from GET /api/public/broker/assets/.

Timestamps

Timestamps are formatted YYYY-MM-DDTHH:MM:SS without a timezone suffix, and are in Australian Eastern Standard Time (Australia/Brisbane, UTC+10 — Queensland does not observe daylight saving).

Pagination

List endpoints are page-number paginated:
Query parameterMeaning
pagePage number, starting at 1
page_sizeItems per page (default 100)
Paginated responses have the shape:
{
  "count": 342,
  "next": "https://app.digitalsurge.com.au/api/private/swaps/?page=2",
  "previous": null,
  "results": [ ... ]
}
Follow next until it is null.

Errors

Errors use conventional HTTP status codes with a JSON body:
StatusMeaning
400Validation error — the body maps field names to lists of messages, e.g. {"src_asset": ["This field is required."]}
401Missing or invalid API key
403Key lacks permission (e.g. a Read Only key attempting a trade)
404Resource not found (or not yours)
429Rate limit exceeded — back off and retry (see Rate limits)
5xxServer error — safe to retry idempotent (GET) requests with backoff
Non-field errors typically arrive as {"detail": "..."}.

Sensitive actions need extra confirmation

Some money-moving operations are deliberately multi-step. For example, creating a crypto withdrawal returns a pending withdrawal that must be authorized with a confirmation code before it is processed — see the withdrawal endpoints in the API Reference. Design your integration to expect these confirmation steps rather than fire-and-forget.