Signup & Activation
Self-signup is available when enabled by the service. With SAFE_ENABLE=true, anti-abuse protections (IP/email limits) are active.
—
Flow
- Request verification code:
POST /x-signwith{ "email": "[email protected]" } - Verify and create account:
POST /x-sign/verifywith{ "email": "[email protected]", "code": "123456" } - Or click the one-time activation link from email:
GET /x-sign/activate?token=...(token expires in 10 minutes) - On success, a welcome email is sent with your XAI API key and console links
—
Request code
- Endpoint:
POST /x-sign - Body:
{ "email": "[email protected]" } - Limits:
- Per-email: one code every 2 minutes
- With
SAFE_ENABLE, per-IP daily cap (e.g., 10 codes/day)
Example
curl -X POST https://api.xaixapi.com/x-sign \
-H "Content-Type: application/json" \
-d '{"email": "[email protected]"}'
—
Verify and create
- Endpoint:
POST /x-sign/verify - Body:
{ "email": "[email protected]", "code": "123456" } - On success: account is created and a welcome email is sent (includes key and console links).
curl -X POST https://api.xaixapi.com/x-sign/verify \
-H "Content-Type: application/json" \
-d '{"email": "[email protected]", "code": "123456"}'
—
Activation link
- Endpoint:
GET /x-sign/activate?token=... - Behaviour: validates the token (10-minute TTL), creates/activates the account, and returns an HTML success/failure page.
—
Typical responses
// success
{ "success": true, "message": "Verification code sent successfully" }
// failures
{ "success": false, "message": "Email already registered" }
{ "success": false, "message": "Please wait before requesting another verification code" }
{ "success": false, "message": "Too many verification codes requested from this IP today" }
—
Emails and variables
- Verification email includes a code and an activation link (
/x-sign/activate?token=...). - Welcome email includes: service/docs/API/Manage URLs and your
SecretKey.