Acquire Access Token

Creating an API Key and Whitelisting IP Addresses

The first step is to create an API Key and attach IP addresses. See this page for instructions

SDK Instructions

To invoke the web SDK for crypto buy/sell, crypto withdrawals, fiat deposit/withdraw, profile and fund, you must request a temporary access token. This should be done in advance of rendering the relevant page. You can obtain an access token by making requests to POST /client_auth_token. Please note that each token expires 1 hour after it's generated.

Generating an access token must be initiated on the server side. You must provide a <participant_code> query parameter for the customer who will enter the transaction. This enables Zero Hash to uniquely identify participants and create a tie between our system and yours.

All API requests are authenticated using your signed API key. To learn more, you can read our API Authentication docs and follow our step-by-step guide below to configure your system to be able to make requests to Zero Hash endpoints.

🔐

REST API Authentication

Open Recipe

Request body:

Parameter	Description	Type
participant_code	Required. The unique identifier of the Zero Hash participant.	string
permissions	Required. The experience you are invoking. - `crypto-buy` - `crypto-sell` - `crypto-withdrawals` - `fiat-deposits` - `fiat-withdrawals` - `fwc` - `onboarding` - `participant-profile` - `update-participant`	list
custom_fees_and_spreads	Optional. Use this parameter to customize the fee and spread per JWT instantiation. Within this object, we have two other objects: `crypto_buy` and `crypto_sell`. - `fees.name` is a free form string field - `fees.amount` (when `type`=bps) must be an integer number (ie, 300) - `spread_bps` must be an integer number (ie, 300) - `fees.amount` (when `type`=notional) must be a number, but can be a decimal number (ie, 3.25)	object

Request body example:

{
    "participant_code": "<PARTICIPANT_CODE_HERE>",
    "permissions": [
        "crypto-buy",
        "crypto-sell",
        "crypto-withdrawals",
        "fiat-deposits",
        "fiat-withdrawals",
        "participant-profile",
        "fwc"
    ]
}

Request body example with custom_fees_and_spreads parameter:

{
    "participant_code": "<PARTICIPANT_CODE_HERE>",
    "permissions": [
        "crypto-buy",
        "crypto-sell",
        "crypto-withdrawals",
        "fiat-deposits",
        "fiat-withdrawals",
        "participant-profile",
        "fwc"
    ],
    "custom_fees_and_spreads": {
        "crypto_buy": {
            "fees": [
              {
                "name": "test_fee_1",
                "amount": "200",
                "type": "bps"
              }
            ],
            "spread_bps": "200",
        },
        "crypto_sell": {
            "fees": [
              {
                "name": "test_fee_2",
                "amount": "200",
                "type": "bps"
              }
            ],
            "spread_bps": "200",
        },
    }
}

Additional fields in response:

Parameter	Description	Type
token	The token needed to instantiate the SDK	string

Response example:

{
  "message": {
      "token": "<JWT_TOKEN_RESPONSE>"
    }
}