Skip to main content
The interactive reference and its Try it playground are generated directly from the Expys OpenAPI spec, so every endpoint, parameter, schema, and example matches the live /v1 API. Use the playground to call endpoints from your browser without writing any code.

Base URL

All requests go to a single host: 
https://api.expys.com
Sandbox and live share this host. The environment is not in the URL - it is a property of the credential you authenticate with. A sandbox key reads sandbox data, a live key reads live data. See Environments.

Authenticating the playground

Every operation is authenticated with a Bearer token pasted into the playground’s authorization field. Which token depends on the operation’s mode:
Operation modeToken to pasteExamples
Member modeA short-lived member token (from POST /v1/auth/exchange)Offers, Redemptions, Eligibility, Wallet reads, Conversations
Server modeYour Org-API-Key (expys_live_... / expys_sandbox_...)auth/exchange, Members, Analytics, wallet/credit, Webhooks
The Org-API-Key is a server-side secret. Use it in the playground only from a trusted machine, and never ship it in an app or client-side code. See Authentication and Server mode.
To mint a member token for member-mode operations, call POST /v1/auth/exchange with your Org-API-Key (it returns a TokenGrant with an accessToken), then paste that accessToken to try member-mode endpoints. The full two-token model is covered in Authentication.
Two parts of the API are documented as concept pages, not playground operations: SSE streaming (the concierge message stream is a long-lived Server-Sent Events connection, not a request/response call) and outbound webhook deliveries (signed event POSTs that Expys sends to your endpoint). Read those pages for their contracts.

Endpoint groups

The reference is organized by tag. Each group below links to the concept guide that explains its behavior, points-mechanics, and error codes; open the corresponding tag in the Endpoints section of this reference to call the operations.

Auth

Exchange an Org-API-Key for a short-lived member token.

Offers

List the cursor-paginated offer catalog with points pricing.

Redemptions

Create, read, and list redemptions across the lifecycle.

Eligibility

Read a member’s tier and wallet in one call.

Wallet

Read balances and the points ledger; credit points server-side.

Members

Set, read, and remove member profiles and tiers (server mode).

Analytics

Summary, per-offer, and time-series program analytics (server mode).

Conversations

List conversations and messages; send a member message.

Webhooks

Register, list, and delete webhook subscriptions (server mode).

See also

Environments

How sandbox and live are selected by the key, not the URL.

Server mode

The Org-API-Key surface and what stays on your backend.