Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.winampay.de/llms.txt

Use this file to discover all available pages before exploring further.

API Key

All API requests must include the header: 
X-API-Key: <your_api_key>
Your API key is provided by Winam. Contact support@eins-innovativ.de to obtain one.
Never expose your API key in client-side code. Always call the API from your backend.

Unauthenticated endpoints

The only endpoint that does not require authentication is:
  • GET /health — infrastructure health check (used by load balancers)

401 error response

{
  "detail": "Invalid or missing API key."
}
In development mode (when SPORTSBOOK_API_KEY is empty), authentication is disabled — all requests are accepted. This is the default when running with docker-compose locally.

Webhook verification

Outbound webhooks (sent from winam-payments to your callback_url) are signed with a JWT RS256 token in the X-Winam-Signature header. See Webhooks for verification details.