Skip to main content
POST
/
api
/
validate
Validate a transaction (action-based)
curl --request POST \
  --url https://app.mandate.md/api/validate \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "action": "transfer",
  "amount": "50",
  "to": "0x71C7656EC7ab88b098defB751B7401B5f6d8976F",
  "token": "USDC",
  "reason": "Invoice #127 from Alice for March design work"
}
'
{
  "allowed": true,
  "intentId": "9e5f1a2b-3c4d-5e6f-7a8b-9c0d1e2f3a4b",
  "action": "transfer",
  "chain": "84532",
  "requiresApproval": false
}

Authorizations

Authorization
string
header
required

Runtime key issued at agent registration. Prefixed with mndt_live_ (mainnet) or mndt_test_ (testnet). Pass as Authorization: Bearer mndt_test_....

Body

application/json
action
string
required

What the agent is doing: "transfer", "swap", "buy", "bridge", "stake", "bet", etc. Free text.

Maximum string length: 100
reason
string
required

Why the agent is making this transaction. Scanned for prompt injection. Logged in audit trail. Shown to owner on approval requests.

Maximum string length: 1000
amount
string

USD value of the transaction (assumes stablecoins). Checked against spend limits.

to
string

Recipient address. Checked against allowlist if configured.

token
string

Token symbol or address (e.g. "USDC", "ETH").

Maximum string length: 20
chain
string

Chain identifier (e.g. "base", "ethereum", "84532").

Maximum string length: 32

Response

Transaction allowed. Proceed with your wallet.

allowed
enum<boolean>
required
Available options:
true
intentId
string<uuid>
required

Unique intent identifier for this validation.

action
string
required

Echoed action field.

requiresApproval
enum<boolean>
required
Available options:
false
chain
string | null

Chain ID or identifier.