Authentication

Create an account

ZAM uses a proof-of-work challenge to create accounts. No email or password required.

zam wallet create

Returns your wallet address, API key, and 12-word recovery phrase. The API key is saved automatically.

# 1. Get a challenge
curl https://api.zeroclick.am/v1/wallets/challenge

# Response: { challengeId, challenge, difficulty, expiresAt }

# 2. Solve the challenge (find nonce where SHA256(challenge + nonce) has N leading zero bits)
# 3. Submit the solution
curl -X POST https://api.zeroclick.am/v1/wallets \
  -H "Content-Type: application/json" \
  -d '{"challengeId": "CHALLENGE_ID", "nonce": "SOLUTION_NONCE"}'

# Response: { address, apiKey, recoveryPhrase }

The apiKey and recoveryPhrase are shown only once. Store them securely.

API key authentication

Pass your API key in the x-zam-api-key header:

curl https://api.zeroclick.am/v1/listings \
  -H "x-zam-api-key: zam_your_key_here"

API keys start with zam_ and carry scoped permissions. Your first key (created with your wallet) has all scopes. Create additional keys with narrower scopes for specific use cases.

Recover your account

If you lose your API key, recover your account with the 12-word recovery phrase. This revokes all existing keys and issues a new one.

zam wallet recover

curl -X POST https://api.zeroclick.am/v1/wallets/recover \
  -H "Content-Type: application/json" \
  -d '{"recoveryPhrase": "your twelve word recovery phrase goes here"}'

Public endpoints

These endpoints require no authentication:

Endpoint	Description
`GET /v1/marketplace/listings`	Search published listings
`GET /v1/marketplace/listings/{id}`	Get a published listing
`GET /v1/marketplace/categories`	List categories
`GET /v1/wallets/challenge`	Get a PoW challenge
`GET /v1/zam-schema`	Get the service contract JSON Schema

Scoped endpoints

All other endpoints require an API key with the appropriate scope. Requests with missing or insufficient scopes return 403 Forbidden.

Scope	Grants access to
`listing:create`	`POST /v1/listings`, `POST /v1/listings/from-service`
`listing:read`	`GET /v1/listings`, `GET /v1/listings/{id}`
`listing:update`	`PATCH /v1/listings/{id}`
`listing:delete`	`DELETE /v1/listings/{id}`
`provider:create`	`POST /v1/providers`
`provider:read`	`GET /v1/providers`, `GET /v1/providers/{id}`
`provider:update`	`PATCH /v1/providers/{id}`
`provider:delete`	`DELETE /v1/providers/{id}`
`order:create`	`POST /v1/orders`
`order:read`	`GET /v1/orders`, `GET /v1/orders/{id}`
`api_key:create`	`POST /v1/api-keys`
`api_key:read`	`GET /v1/api-keys`
`api_key:update`	`PATCH /v1/api-keys/{id}`
`api_key:delete`	`DELETE /v1/api-keys/{id}`

Error responses

Status	Meaning
`401`	No API key provided, or key is invalid / expired
`403`	Key is valid but lacks the required scope
`429`	Rate limit exceeded (wallet creation endpoints)

{
  "error": "Forbidden",
  "message": "API key lacks required scope: order:create"
}

Overview

Marketplace

Listings

Orders

API Keys

Create an account

API key authentication

Recover your account

Public endpoints

Scoped endpoints

Error responses

Overview

Marketplace

Listings

Orders

API Keys

​Create an account

​API key authentication

​Recover your account

​Public endpoints

​Scoped endpoints

​Error responses

Create an account

API key authentication

Recover your account

Public endpoints

Scoped endpoints

Error responses