Environments and Entry Points
SlaunchX separates public API behavior by chain and by portal entrypoint.
Request Paths
| Chain | Path prefix | Intended caller |
|---|---|---|
WEB | /web/v1/** | browser apps, portal frontends, authenticated operator flows |
API | /api/v1/** | backend systems using API keys |
Entry Point Rule
WEB requests are expected to arrive through a portal-aware entrypoint. In the deployed environments, Nginx injects X-PORTAL-ACCESS-CODE based on the subdomain mapping. Direct calls that skip the expected portal entrypoint can fail with 403.
Environment Notes
When validating an integration, confirm all of these together:
- the base host
- the expected portal
- the request chain
- the auth model
- the required headers
What Causes Confusion
The most common mistake is treating /web/v1/** as if it were a generic backend API. That usually fails because WEB requests may depend on:
- portal access code context
- JWT session state
X-Client-Hash- Secure Channel session state
See Web vs API Chain and Authentication Models before using direct clients such as curl or Postman.