📝Step 1 - User Account Creation

In this step, the Client will be able to create an account with a login and verify the ownership of the information (telephone number) he has provided through OTP.

1 - As on any other application, the Client will have to create an account.

post

Authorizations

Body

phoneNumberstringOptional

emailstringOptional

passwordstringOptional

rolesstring[]Optional

Responses

200

OK

*/*

post

HTTPcURLJavaScriptPython

POST /v1/user/sign-up HTTP/1.1
Host: 
Authorization: Bearer YOUR_OAUTH2_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 72

{
  "phoneNumber": "text",
  "email": "text",
  "password": "text",
  "roles": [
    "text"
  ]
}

200

OK

{
  "success": true,
  "data": {
    "userId": "text",
    "phoneNumber": "text",
    "name": "text",
    "surname": "text",
    "accounts": [
      {
        "accountId": "text",
        "email": "text",
        "subAccountId": "text",
        "subAccountEmail": "text",
        "encryptionKey": "text",
        "creationTs": "2025-06-01T17:57:26.148Z",
        "portfolios": [
          {
            "portfolioId": "text",
            "name": "text",
            "accountId": "text",
            "creationTs": "2025-06-01T17:57:26.148Z",
            "publicStrategy": true,
            "portfolioAccountType": "TRADING"
          }
        ],
        "additionalInfo": {
          "ANY_ADDITIONAL_PROPERTY": "text"
        },
        "active": true,
        "tradingPortfolioId": "text"
      }
    ],
    "kycIds": [
      "text"
    ],
    "documentIds": [
      "text"
    ],
    "address": {
      "ANY_ADDITIONAL_PROPERTY": "text"
    },
    "info": {
      "ANY_ADDITIONAL_PROPERTY": "text"
    },
    "email": "text",
    "userAccountStatus": "text"
  },
  "errorCode": 1,
  "errorMessage": "text"
}

OAuth: client_auth

2 - The client will then be able to login using his e-mail and password:

Client can login to the application

POST

Path Parameters

Name	Type	Description
"username":*	"string"	Client ads his username
"password"*	"string"	Client ads the password he chose in the previous step.

200: OK

{
  "success": true,
  "data": {},
  "errorCode": 0,
  "errorMessage": "string"
}

OAuth: client_auth

3 - The client then need to respond to an OTP challenge, i.e he will receive a text message which includes a 4 digit number that he will need to pasted into the Mobile App:

post

Authorizations

Body

sessionIdstringOptional

usernamestringOptional

challengeTypestringOptional

codestringOptional

Responses

200

OK

*/*

post

HTTPcURLJavaScriptPython

POST /v1/user/otp HTTP/1.1
Host: 
Authorization: Bearer YOUR_OAUTH2_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 75

{
  "sessionId": "text",
  "username": "text",
  "challengeType": "text",
  "code": "text"
}

200

OK

{
  "success": true,
  "data": {},
  "errorCode": 1,
  "errorMessage": "text"
}

Responding to the OTP challenge correctly, will allow the user to receive an access token to access features (deposit, withdraw, convert).

OAuth: user_auth

If this is not the case, it will be possible to refresh the OPT token using:

post

Authorizations

Body

usernamestringOptional

refreshTokenstringOptional

Responses

200

OK

*/*

post

HTTPcURLJavaScriptPython

POST /v1/user/refresh HTTP/1.1
Host: 
Authorization: Bearer YOUR_OAUTH2_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 41

{
  "username": "text",
  "refreshToken": "text"
}

200

OK

{
  "success": true,
  "data": {},
  "errorCode": 1,
  "errorMessage": "text"
}

4 - If the User loses his password, it is possible to generate a new one using:

put

Authorizations

Body

sessionIdstringOptional

usernamestringOptional

challengeTypestringOptional

passwordstringOptional

passwordConfirmstringOptional

Responses

200

OK

*/*

put

HTTPcURLJavaScriptPython

PUT /v1/user/change-password HTTP/1.1
Host: 
Authorization: Bearer YOUR_OAUTH2_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 104

{
  "sessionId": "text",
  "username": "text",
  "challengeType": "text",
  "password": "text",
  "passwordConfirm": "text"
}

200

OK

{
  "success": true,
  "data": {
    "data": {}
  },
  "errorCode": 1,
  "errorMessage": "text"
}

To validate the change of the password, the User will receive a new OTP challenge in the form as describe in point 3 above.

You can add this OTP challenge using:

get

Authorizations

Query parameters

emailstringRequired

Responses

200

OK

*/*

get

HTTPcURLJavaScriptPython

GET /v1/user/forget-password?email=text HTTP/1.1
Host: 
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*

200

OK

{
  "success": true,
  "data": {
    "sdkResponseMetadata": {
      "requestId": "text"
    },
    "sdkHttpMetadata": {
      "httpHeaders": {
        "ANY_ADDITIONAL_PROPERTY": "text"
      },
      "httpStatusCode": 1,
      "allHttpHeaders": {
        "ANY_ADDITIONAL_PROPERTY": [
          "text"
        ]
      }
    },
    "codeDeliveryDetails": {
      "destination": "text",
      "deliveryMedium": "text",
      "attributeName": "text"
    }
  },
  "errorCode": 1,
  "errorMessage": "text"
}

5 - Once the KYC process as been completed and validated for a retail client (as described in step 2 below), the account will be validated and it will be possible to generate a Portfolio Id using:

post

Authorizations

Body

accountIdstringOptional

namestringOptional

portfolioIdstringOptional

portfolioAccountTypestring · enumOptionalPossible values:

Responses

200

OK

*/*

post

HTTPcURLJavaScriptPython

POST /v1/account/portfolio HTTP/1.1
Host: 
Authorization: Bearer YOUR_OAUTH2_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 88

{
  "accountId": "text",
  "name": "text",
  "portfolioId": "text",
  "portfolioAccountType": "TRADING"
}

200

OK

{
  "success": true,
  "data": {
    "accountId": "text",
    "email": "text",
    "subAccountId": "text",
    "subAccountEmail": "text",
    "encryptionKey": "text",
    "creationTs": "2025-06-01T17:57:26.148Z",
    "portfolios": [
      {
        "portfolioId": "text",
        "name": "text",
        "accountId": "text",
        "creationTs": "2025-06-01T17:57:26.148Z",
        "publicStrategy": true,
        "portfolioAccountType": "TRADING"
      }
    ],
    "additionalInfo": {
      "ANY_ADDITIONAL_PROPERTY": "text"
    },
    "active": true,
    "tradingPortfolioId": "text"
  },
  "errorCode": 1,
  "errorMessage": "text"
}

OAuth: client_auth

A portfolio Id is linked to a blockchain public address and several Portfolio Id can be generated for a same Account Id.

6 - Please note that you will also be able to create manually an AccountId using:

post

Authorizations

Body

userIdstringOptional

accountIdstringOptional

emailstringOptional

Responses

200

OK

*/*

post

HTTPcURLJavaScriptPython

POST /v1/account HTTP/1.1
Host: 
Authorization: Bearer YOUR_OAUTH2_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 51

{
  "userId": "text",
  "accountId": "text",
  "email": "text"
}

200

OK

{
  "success": true,
  "data": {
    "accountId": "text",
    "email": "text",
    "subAccountId": "text",
    "subAccountEmail": "text",
    "encryptionKey": "text",
    "creationTs": "2025-06-01T17:57:26.148Z",
    "portfolios": [
      {
        "portfolioId": "text",
        "name": "text",
        "accountId": "text",
        "creationTs": "2025-06-01T17:57:26.148Z",
        "publicStrategy": true,
        "portfolioAccountType": "TRADING"
      }
    ],
    "additionalInfo": {
      "ANY_ADDITIONAL_PROPERTY": "text"
    },
    "active": true,
    "tradingPortfolioId": "text"
  },
  "errorCode": 1,
  "errorMessage": "text"
}

OAuth: client_auth

The PortfolioId will only be generated once the User has completed the KYC process (as described in Step 2).