API Reference

v1.0.2 Stable

Xyno API

Integrate reliable unlocking and flashing capabilities directly into your applications. Built for high-volume enterprise usage with 99.9% uptime.

BASE_URL https://api.xynocompany.com/v1

Authentication

All API requests must be authenticated using the x-api-key header. You can generate and manage your API keys from your dashboard settings.

GET

/public/app/info

Retrieves the current operational status of all services, latest news, and pricing configuration. This endpoint is public and does not require authentication.

Query Parameters

No parameters required.

JSON Response 200 OK

{
  "success": true,
  "data": {
    "services": [
      {
        "service_name": "XIAOMI QUALCOMM",
        "price": 6,
        "status": 1
      }
    ]
  }
}

POST

/service/request

Submit a new job to the processing queue. This is the primary endpoint for all unlocking and flashing operations.

Body Parameters

username Your registered account username.
password Your account password (MD5 recommended).
serviceid Integer ID corresponding to the desired service.
configblob The device token or data blob.

cURL Request

curl -X POST https://api.xynocompany.com/v1/service/request \
  -H "x-api-key: YOUR_API_KEY" \
  -d "username=user123" \
  -d "password=pass123" \
  -d "serviceid=1" \
  -d "configblob=..."

Response (Success) 200 OK

{
  "success": true,
  "message": "Signature Key Auth HEX256..."
}

Service IDs

ID	Service Name	Category
1	Xiaomi Qualcomm Flash	Auth
2	Xiaomi FRP Unlock	Auth
3	Xiaomi Bootloader Unlock	Auth
4	Xiaomi FB to EDL	Auth
5	Xiaomi MTK V5	Auth
6	Xiaomi MTK V6 (Legacy)	Auth
7	Xiaomi MTK V5 (New Security)	Auth
8	Xiaomi MTK V6 (New Security)	Auth

Config Blob Guidelines

Detailed formatting requirements for the `configblob` parameter by Service ID.

Service ID 1 (Qualcomm Flash)

RAW STRING

Direct token string. No JSON wrapping required.

AQAAAG0BAADvKry0kyW-pkHoY2JA1qTwycooRg

Service ID 2 (FRP)

BASE64 JSON

JSON object containing `productName`, `deviceName`, and `token`, then Base64 encoded.

1. Construct JSON

{
  "productName": "XIAOMI GLOBAL",
  "deviceName": "ruby_lm_ms_global", 
  "token": "PVQECNgEQ..." 
}

2. Encode to Base64 (Send this)

eyJwcm9kdWN0TmFtZSIgOiAiWElBT01JIEdMT0JBTCIsImRldmljZU5hbWUiIDogInJ1YnlfbG1fbXNfZ2xvYmFsIiwgInRva2VuIiA6ICJQVlFFQ05nRVFNREV6TW1JNFlURTNZalkzWXpOaVl3SWN1cjYxN1lQT0YvWjA4ZE1kSWRLMUkyOU0rQUZVQm1ickFsNm1Gd01FY25WaWVRPT0iIH0=

Service ID 3 & 4 (Bootloader / EDL)

BASE64 JSON

1. Construct JSON

{"productName":"alioth", "token":"VQEBIAEQ..."}

2. Encode to Base64 Base64EncodedString==

Service ID 5 & 6 (MTK Legacy)

RAW STRING

Direct token string.

AgAAAAE0AiAAvJSQamrqrsAopTERugMQnpPBX0cwC3sUI6laqQ8kaQ==

Service ID 7 & 8 (MTK New Security)

BASE64 JSON

JSON object containing `Platformname`, `ProjectName`, and `Token`.

1. Construct JSON

{
  "Platformname": "MT6811",
  "ProjectName": "klimt", 
  "Token": "AgAAAAE0Ai..." 
}

2. Encode to Base64

eyJQbGF0Zm9ybW5hbWUiOiJNVDY4MTEiLCJQcm9qZWN0TmFtZSI6ImtsaW10IiwiVG9rZW4iOiJBZ0FBQUFFMEFpQUF2SlNRYW1ycXJzQW9wVEVSdWdNUW5wUEJYMGN3QzNzVUk2bGFxUThrYVE9PSJ9

Getting Started

Endpoints

Reference

Xyno API

Authentication

/public/app/info

Query Parameters

/service/request

Body Parameters

Service IDs

Config Blob Guidelines

Service ID 1 (Qualcomm Flash)

Service ID 2 (FRP)

Service ID 3 & 4 (Bootloader / EDL)

Service ID 5 & 6 (MTK Legacy)

Service ID 7 & 8 (MTK New Security)