Management & Configuration API
This section documents endpoints fintechs use to manage webhooks, IP allowlists, asset preferences, and API keys.Management & Configuration API — Endpoints Overview
| Section | Endpoint | Method | Description |
|---|---|---|---|
| Generate a new API key | /regenerateapikey | GET | Generate a new API key for your fintech account. |
| Configure Webhook URLs | /setwebhook | POST | Configure or update webhook URLs and settings for notifications. |
| Toggle Webhook Status | /togglewebhookstatus | POST | Enable or disable webhook delivery without changing URL or secret. |
| Retrieve Webhook Configuration | /getwebhook | GET | Retrieve the current webhook configuration and settings. |
| Manage IP Allowlist | /manageipallowlist | POST | Manage IP addresses allowed to access your API (list, add, remove, check). |
| Update User Asset Preferences | /updateonrampasset | POST | Update user onramp asset preferences, such as token to buy and token to swap to before request is finalized. |
| Auto-Signing of cNGN Onramp | /autosigning/config | GET | Get auto approval threshold assigned to fintech when buying cNGN. |
Generate a new API key
- Request (Regenerate Key)
- Response (Regenerate Key)
GET {{BASE_URL}}/regenerateapikey
{
"status": "Success",
"response_code": "00",
"message": "API key regenerated successfully",
"data": {
"apiKey": "key-xxxxxxxxxxxxxxxxx",
"rotatedAt": "2025-08-26T10:20:00.000Z"
}
}
Configure webhook URLs
- Request (Set Webhook)
- Body (Set Webhook)
- Response (Set Webhook)
POST {{BASE_URL}}/setwebhook
{
"webhookUrl": "https://your-domain.com/webhook",
"secret": "your_webhook_secret_key",
"enabled": true
}
Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
webhookUrl | string | Yes | URL where webhook events will be sent |
secret | string | No | Secret key used to verify webhook signatures |
enabled | boolean | Yes | Enable or disable the webhook |
{
"status": "Success",
"response_code": "00",
"message": "Webhook configured successfully",
"data": {
"webhookUrl": "https://your-domain.com/webhook",
"enabled": true,
"hasSecret": true,
"urlValidated": true,
"updatedAt": "2025-08-26T11:00:00.000Z"
}
}
Toggle webhook status
- Request (Toggle Status)
- Body (Toggle Status)
- Response (Toggle Status)
POST {{BASE_URL}}/togglewebhookstatus
{
"enabled": true
}
Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
enabled | boolean | Yes | Set to true to enable webhook delivery or false to disable it |
{
"status": "Success",
"response_code": "00",
"message": "Webhook activated successfully",
"data": {
"webhookUrl": "htt***com/webhook",
"enabled": true,
"updatedAt": "2026-06-23T12:00:00.000Z"
}
}
Retrieve webhook configuration
- Request (Get Webhook)
- Response (Get Webhook)
GET {{BASE_URL}}/getwebhook
{
"status": "Success",
"response_code": "00",
"message": "Webhook configuration retrieved successfully",
"data": {
"webhookUrl": "https://sgh***.ms/webhook",
"enabled": true,
"hasSecret": true,
"updatedAt": "2026-01-29T05:11:06.862Z"
}
}
Manage IP addresses allowed to access your API
Perform operations on your API IP allowlist: list, add, remove, or check IP addresses.- List IPs
- Add IP
- Remove IP (by index)
- Remove IP (by address)
- Check IP
Request
POST {{BASE_URL}}/manageipallowlist
Body
{
"action": "list"
}
Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
action | string | Yes | Operation: list |
Response
{
"status": "Success",
"response_code": "00",
"message": "IP allowlist operation completed",
"data": {
"action": "list",
"ipAddresses": [
{
"index": 0,
"ip": "203.0.***.***",
"description": "Office network"
},
{
"index": 1,
"ip": "192.168.***.***",
"description": "VPN endpoint"
}
],
"totalIps": 2
}
}
Request
POST {{BASE_URL}}/manageipallowlist
Body
{
"action": "add",
"ipAddress": "203.0.113.45",
"description": "Office network IP"
}
Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
action | string | Yes | Operation: add |
ipAddress | string | Yes | IP address to add to allowlist |
description | string | No | Optional note describing the IP |
Response
{
"status": "Success",
"response_code": "00",
"message": "IP allowlist operation completed",
"data": {
"action": "add",
"ipAddress": "203.0.***.***",
"totalIps": 4,
"message": "IP address added successfully. Changes will take effect within 30 seconds across all servers.",
"propagationTime": "30 seconds"
}
}
Request
POST {{BASE_URL}}/manageipallowlist
Body
{
"action": "remove",
"index": 1
}
Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
action | string | Yes | Operation: remove |
index | number | Yes | Index of IP to remove (from list response) |
Response
{
"status": "Success",
"response_code": "00",
"message": "IP allowlist operation completed",
"data": {
"action": "remove",
"removed": "IP at index 1",
"totalIps": 2,
"message": "IP address removed successfully. Changes will take effect within 30 seconds across all servers.",
"propagationTime": "30 seconds"
}
}
Request
POST {{BASE_URL}}/manageipallowlist
Body
{
"action": "remove",
"ipAddress": "10.0.0.5"
}
Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
action | string | Yes | Operation: remove |
ipAddress | string | Yes | IP address to remove from allowlist |
Response
{
"status": "Success",
"response_code": "00",
"message": "IP allowlist operation completed",
"data": {
"action": "remove",
"removed": "203.0.***.***",
"totalIps": 2,
"message": "IP address removed successfully. Changes will take effect within 30 seconds across all servers.",
"propagationTime": "30 seconds"
}
}
Request
POST {{BASE_URL}}/manageipallowlist
Body
{
"action": "check"
}
Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
action | string | Yes | Operation: check |
Response
{
"status": "Success",
"response_code": "00",
"message": "IP allowlist operation completed",
"data": {
"action": "check",
"yourIp": "192.168.***.***",
"isAllowed": true,
"matchedRule": "192.168.***.***",
"totalConfiguredIps": 3,
"note": "Your IP is allowed. Cache refreshed on this server instance.",
"cacheInfo": {
"ttlSeconds": 30,
"propagationTime": "Changes propagate to other servers within 30 seconds",
"cacheRefreshed": true
}
}
}
Update user asset preferences
- Request (Assets)
- Body (Assets)
- Response (Assets)
POST {{BASE_URL}}/updateonrampasset
{
"userId": "user_hash",
"preferences": {
"defaultAsset": "USDC",
"autoSwap": true,
"slippageTolerance": "0.5"
}
}
Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
userId | string | Yes | Unique identifier (hash/UUID) of the user |
preferences | object | No | User asset preferences |
preferences Object
| Field | Type | Required | Description |
|---|---|---|---|
defaultAsset | string | No | Asset symbol set as default for swaps or funding (e.g., USDC) |
autoSwap | boolean | No | Automatically swap deposited assets into defaultAsset |
slippageTolerance | string | No | Maximum allowable slippage for swaps (e.g., "0.5" for 0.5%) |
{
"status": "00",
"message": "Asset settings updated successfully",
"data": {
"requestId": "op_uuid",
"updatedAt": "2025-08-26T09:58:30.000Z",
"autoSwap": true
}
}
Auto-Signing of cNGN OnRamp
- Request (Auto-Signing)
- Response (Assets)
GET {{BASE_URL}}/autosigning/config
Query Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
fintechId | string | Yes | Unique identifier (hash/UUID) of the fintech |
{
"status": "Success",
"response_code": "00",
"message": "Configuration retrieved successfully",
"data": {
"enabled": true,
"thresholdAmount": "***",
"currency": "CNGN",
"maxDailyAmount": "100000000",
"restrictToFintech": true
}
}