Creating an API Key and Whitelisting IP Addresses
The first step is to create an API Key and attach IP addresses. See this page for instructions
SDK Instructions
To invoke the web SDK for crypto buy/sell, crypto withdrawals, fiat deposit/withdraw, profile and fund, you must request a temporary access token. This should be done in advance of rendering the relevant page. You can obtain an access token by making requests to POST /client_auth_token.
Generating an access token must be initiated on the server side. You must provide a <participant_code> query parameter for the customer who will enter the transaction. This enables Zero Hash to uniquely identify participants and create a tie between our system and yours.
All API requests are authenticated using your signed API key. To learn more, you can read our API Authentication docs and follow our step-by-step guide below to configure your system to be able to make requests to Zero Hash endpoints.
Request body:
| Parameter | Description | Type |
|---|---|---|
| participant_code | Required. The unique identifier of the Zero Hash participant | string |
| permissions | Required. The experience you are invoking. - crypto-buy - crypto-sell - crypto-withdrawals - fiat-deposits - fiat-withdrawals - participant-profile - fwc | list |
Request body example:
{
"participant_code": "<PARTICIPANT_CODE_HERE>",
"permissions": [
"crypto-buy",
"crypto-sell",
"crypto-withdrawals",
"fiat-deposits",
"fiat-withdrawals",
"participant-profile",
"fwc"
]
}
Additional fields in response:
| Parameter | Description | Type |
|---|---|---|
| token | The token needed to instantiate the SDK | string |
Response example:
{
"message": {
"token": "<JWT_TOKEN_RESPONSE>"
}
}