API docs by Redocly

Monerium EMI API (1.1.1)

Download OpenAPI specification:Download

Monerium: [email protected] URL: https://monerium.com License: Apache 2.0 Terms of Service

Electronic Money Issuer API

Welcome

Returns a welcome message with a link to documentation and socials.

Responses

Response samples

Content type
application/json
{}

Authorization flow

See POST /auth for details.

Request samples 

curl --user '[email protected]:Passw0rd!' \
'https://api.monerium.dev/auth?&client_id=a08bfa22-e6d6-11ed-891c-2ea11c960b3f&code_challenge=9Y__uhKapn7GO_ElcaQpd8C3hdOyqTzAU4VXyR2iEV0'

Authorization flow

This endpoint issues a Temporary Redirect (HTTP 307) to the PKCE flow also known as the Monerium onboarding screen.

Getting started

Before onboarding users via your application, you must register your application with Monerium. Then, use the Authorization Code Flow client_id and the other parameters detailed below to redirect users to the Monerium onboarding screen.

At the Monerium onboarding screen, users will be prompted to log into their Monerium account or create a new one if necessary. Post-login and KYC verification, users are required to link an address to their profile to obtain their initial IBAN account number. They must also grant your application permission to access their data.

Upon authorization, users will be redirected back to your application, as specified by the redirect_uri parameter, along with an authorization code in the query parameters.

This authorization code is then used to request an access token via the token endpoint.

Automated Wallet Address Linking

For users who have previously linked their wallets to your application, you can facilitate their Monerium account onboarding by requesting a signature ahead of time. To ensure their wallet is linked automatically during the onboarding process, append the address, chain, and signature parameters to your API request.

The signature hash is produced by the user signing this message with their address's private key:

I hereby declare that I am the address owner.

Automated Multi-Signature Wallet Address Linking

For automating multi-signature wallet linking, first initiate a manual signature process within your application. Then, with the signing completed, set the signature parameter to 0x when calling this endpoint.

Users may need to refresh the page after the signing process to proceed with onboarding.

Additional material:

query Parameters
client_id
required
string
Example: client_id=a08bfa22-e6d6-11ed-891c-2ea11c960b3f

The Authentication Code Flow client ID received when registering an application with Monerium.

code_challenge
required
string
Example: code_challenge=9YasuhKapn7GO1ElcaQpd8C3hdOyqTzAU4VXyR2iEV0

Generated challenge from the code_verifier. You must use the same code_verifier when requesting an access token.

Read more about code challenges for PKCE

code_challenge_method
string
Default: "plain"
Enum: "plain" "S256"
Example: code_challenge_method=S256

Method used to generate the challenge (e.g., S256).

The PKCE spec defines two methods, S256 and plain, the latter is discouraged.

response_type
string
Default: "code"

The kind of credential that will be returned. Only code is supported.

state
string

Recommended. The state parameter will be included when redirecting back to your application. It can be used to store request-specific data and/or prevent CSRF attacks.

redirect_uri
string
Example: redirect_uri=http://localhost:3000/monerium

The URL to which will redirect the browser after authorization has been granted by the user.

Required if there are more then one redirect URL's registered.
If present, must match one of the registered redirect URLs exactly.

The Authorization Code will be available in the code URL parameter, like so: https://your-app.com/monerium?code=AUTHORIZATION_CODE

Only URLs with the HTTPS-scheme are supported with the exception of http://localhost.

address
string
Example: address=0x59cFC408d310697f9D3598e1BE75B0157a072407

The public key of the blockchain account.

signature
string
Example: signature=0x81c7a247d0fc6746167462e576412c85b35e887250816a134fac09b5aaf79cc30832ef32f661b76614ffb6ae34d98186c404a30a4e2d24b81bcf4a7a6abf4b9b1b

A predetermined message that must be signed using the private key corresponding to the specified address.

I hereby declare that I am the address owner..

For multi-signature addresses, use "0x" instead of a hash.

Gnosis (string) or Polygon (string) or Ethereum (string)

Enum: "gnosis" "polygon" "ethereum"
Name of the blockchain

Request Body schema: application/x-www-form-urlencoded
One of
client_id
required
string
code_challenge
required
string
code_challenge_method
string
Value: "S256"
state
string

Responses

Request samples 

curl -i --user '[email protected]:Passw0rd!' 'https://api.monerium.dev/auth' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'code_challenge=9Y__uhKapn7GO_ElcaQpd8C3hdOyqTzAU4VXyR2iEV0' \
--data-urlencode 'client_id=a08bfa22-e6d6-11ed-891c-2ea11c960b3f'
--data-urlencode 'code_challenge_method=S256'

Get access token

Obtain an access token using one of the three main methods provided by this endpoint:

1. Authorization code

If your application has acquired an authorization code through the PKCE authorization flow and has been granted permission to access the user's data, you can use this authorization code to obtain an access_token using grant_type=authorization_code.

2. Refresh token

Access tokens are short-lived. To maintain access to resources, refresh them upon expiration using grant_type=refresh_token.

3. Client credentials

Request an access_token by using a combination of the Client Credentials client_id and client_secret with grant_type=client_credentials. This method directly authenticates your application for access without user intervention.

query Parameters
grant_type
required
string
Enum: "authorization_code" "refresh_token" "client_credentials"
Examples:
  • grant_type=authorization_code - Used to fetch access token with the authorization code received from authorization flow.
  • grant_type=client_credentials - Used to fetch access token with client credentials.
  • grant_type=refresh_token - Used to fetch a new access token when a previous one has expired.

Grant type, either authorization code for authentication flow, client credentials or refresh token

client_id
required
string
Example: client_id=89cb7d52-3804-11ed-b051-bac9bf26c37c

The client ID of your application. There are two separate client Ids. One for Authorization Flow and another for Client Credentials.

client_secret
string

Required if grant_type=client_credentials.

Read more: Client Credentials.

code
string
Example: code=BvTYQprmQzKt8YSn3xsTWQ

Required if grant_type=authorization_code.
The authorization code that was acquired from partner flow.

code_verifier
string
Example: code_verifier=KO2yF8CUSxU8KJepixDmXdiCOFTMMZFLDmVjNd4J2VhbFUSSgU1lXl0aYyWYK8hIZIEH9bEBDeJ78CIuNoeOIcZOybzzqFlIGedtclJ7ZTKF6GmRBZ4fdMvg6OXnf2dl

Required if code=authorization_code.
The randomized string that was used to create the code_challenge when a customer/user enters the partner authorization flow.

Read more about code challenges for PKCE

redirect_uri
string
Example: redirect_uri=http://localhost:3000/monerium

Required if code=authorization_code.
The same redirect_uri that was used to acquire the authorization_code.

refresh_token
string

Required if grant_type=refresh_token.
The refresh token acquired from calling this endpoint with grant_type=authorization_code

Request Body schema: application/x-www-form-urlencoded
One of
client_id
required
string

Authorization flow client_id

grant_type
required
string
Value: "authorization_code"
code
required
string
code_verifier
required
string
redirect_uri
required
string

Responses

Request samples 

curl --location --request POST 'https://api.monerium.dev/auth/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'client_id=a08bfa22-e6d6-11ed-891c-2ea11c960b3f' \
--data-urlencode 'code=BvTYQprmQzKt8YSn3xsTWQ' \
--data-urlencode 'code_verifier=KO2yF8CUSxU8KJepixDmXdiCOFTMMZFLDmVjNd4J2VhbFUSSgU1lXl0aYyWYK8hIZIEH9bEBDeJ78CIuNoeOIcZOybzzqFlIGedtclJ7ZTKF6GmRBZ4fdMvg6OXnf2dl' \
--data-urlencode 'redirect_uri=http://localhost:3000'

Response samples

Content type
application/json
{
  • "access_token": "EoWmpc2uSZar6h2bKgh",
  • "expires_in": 3600,
  • "refresh_token": "cowYzCowQxGPUl4p15iwKA",
  • "token_type": "Bearer"
}

Get auth context

The authentication context provides details about the currently authenticated user, including the method of authentication, their roles, and information on the profiles they are authorized to access.

Responses

Request samples 

curl --user '[email protected]:Passw0rd!' https://api.monerium.dev/auth/context

Response samples

Content type
application/json
{
  • "userId": "4f079f02-6d26-11eb-9bc8-acde48001122",
  • "email": "[email protected]",
  • "name": "[email protected]",
  • "roles": [ ],
  • "auth": {},
  • "defaultProfile": "4f079ef8-6d26-11eb-9bc8-acde48001122",
  • "profiles": [
    ]
}

Get profiles

Retrieves summaries for all profiles, each summary providing details about the profile, including its type and the permissions the authenticated user holds over these profiles.

Responses

Request samples 

curl --user '[email protected]:Passw0rd!' https://api.monerium.dev/profiles

Response samples

Content type
application/json
[
  • {
    }
]

Get profile

Retrieves details about a single profile.

path Parameters
profileId
required
string

The ID of the profile

Responses

Request samples 

curl --user '[email protected]:Passw0rd!' https://api.monerium.dev/profiles/30f730fd-e51f-11ed-9e13-cacb9390199c

Response samples

Content type
application/json
{
  • "id": "string",
  • "name": "string",
  • "kyc": {
    },
  • "accounts": [
    ]
}

Get balances

Retrieves the balance for each account within a profile, where each account corresponds to a specific token on a given chain.

path Parameters
profileId
required
string

The ID of the profile

Responses

Request samples 

curl --user '[email protected]:Passw0rd!' https://api.monerium.dev/profiles/30f730fd-e51f-11ed-9e13-cacb9390199c/balances

Response samples

Content type
application/json
[
  • {
    },
  • {
    }
]

Add address to profile.

Link a blockchain wallet to your profile and establish accounts for Monerium tokens.

Linking a multi-signature wallet.

Beforehand, initiate a manual signature process within your application. Then, with the signing completed, set the signature parameter to 0x when calling this endpoint. chain and network are required for multi-signature wallets to verify that the message has been signed on-chain.

path Parameters
profileId
required
string

The ID of the profile

Request Body schema: application/json
One of
address
required
string

The blockchain address of the connecting wallet.

signature
required
string (Signature)

The signature hash of signing the message with the private key associated with the given address.

message
required
string

Fixed message to be signed with the private key corresponding to the given address.

I hereby declare that I am the address owner.

Array of objects

Choose which accounts should be visible by default in the Monerium UI.

How to activate EUR on Ethereum mainnet and USD on Polygon mainnet:
[{"currency":"eur","chain":"ethereum","network":"mainnet"},{"currency":"usd","chain":"polygon","network":"mainnet"}]

Responses

Request samples

Content type
application/json
Example
{
  • "address": "0x87B99DAc6191B8118eC2f16218B66b63ef828AA2",
  • "signature": "0x81c7a247d0fc6746167462e576412c85b35e887250816a134fac09b5aaf79cc30832ef32f661b76614ffb6ae34d98186c404a30a4e2d24b81bcf4a7a6abf4b9b1b",
  • "message": "I hereby declare that I am the address owner.",
  • "accounts": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "name": "string",
  • "kyc": {
    },
  • "accounts": [
    ]
}

Get all orders

Retrieves all orders accessible by the authenticated user. Query parameters can be used to filter and sort the result.

query Parameters
address
string
Example: address=0x798728D5410aB4FB49d2C277A49baC5048aB43ca

Get all orders belonging to a specific blockchain address.

txHash
string
Example: txHash=0x692ff12125b71c167b3ea90bddb3b28edd60941851cb0cdd852cc3b6d79311cd

The blockchains transaction hash.

profile
string
Example: profile=123e4567-e89b-12d3-a456-426614174000

The Profile ID which the order belongs to.

memo
string (Reference) [ 5 .. 140 ] characters
Example: memo=Powered by Monerium

UTF-8 Payment reference / memo. Can be used as filter parameters when querying orders.

accountId
string
Example: accountId=250f6033-6e3a-11ec-a9df-9e3073e62359

Get all orders that belong to a specific emoney account UUID.

state
string
Enum: "placed" "pending" "processed" "rejected"

Get all orders in a particular state

Responses

Request samples 

curl --user '[email protected]:Passw0rd!' https://api.monerium.dev/orders

Response samples

Content type
application/json
[
  • {
    }
]

Place order

Initiating a payment to an external SEPA account involves submitting a redeem order with a payload that specifies the amount, currency, and the beneficiary (counterpart). To comply with security requirements, all SEPA payments demand strong customer authentication (SCA). This means users must verify their identity by providing two out of three possible authentication factors:

Knowledge: Something only the user knows, such as a password or PIN code.

Possession: Something only the user possesses, for example, a mobile phone.

Inherence: An attribute of the user, like a fingerprint or voice recognition.

For authorization, the process requires a signature generated from a private key (indicating possession) along with a password (indicating knowledge). The request payload must include this signature, the message, and the address linked to the private key used for signing.

query Parameters
automate
boolean
Default: true
Request Body schema: application/json
One of
accountId
required
string

UUID Identifier of the Monerium account to be redeem from.

kind
required
string
Value: "redeem"

Identifier specifying the nature of the order.

Redeem order is when tokens are burned on blockchain and sent to bank.

amount
required
string

The quantity of money sent. Must be non-negative.

signature
required
string (Signature)

The signature hash of signing the message with the private key associated with the given address.

required
object (Counterpart)

Information regarding the receiving party.

message
required
string

The message is composed as such:

Send <CURRENCY> <AMOUNT> to <IBAN> at <TIMESTAMP>

Note that the timestamp should be formatted as RFC3339 (2022-07-12T12:02:49Z) and be accurate to the minute.

In case of Cross-chain transaction, where counterpart.identifier.standard is set as chain, use the following message format:

Send <CURRENCY> <AMOUNT> to <ADDRESS> on <CHAIN> at <TIMESTAMP>

Example: Send EUR 1 to 0x4B4c34f35b0Bb9Af56418FAdD4677ce45ADF7760 on ethereum at 2022-07-12T12:02:49Z

memo
string (Reference) [ 5 .. 140 ] characters

UTF-8 Payment reference / memo. Can be used as filter parameters when querying orders.

supportingDocumentId
string

File UUID, Required for redeem orders with amount greater or equal to €15,000. See adding supporting document for more details.

Responses

Request samples

Content type
application/json
Example
{
  • "accountId": "250f6033-6e3a-11ec-a9df-9e3073e62359",
  • "kind": "redeem",
  • "amount": "1000",
  • "signature": "0x81c7a247d0fc6746167462e576412c85b35e887250816a134fac09b5aaf79cc30832ef32f661b76614ffb6ae34d98186c404a30a4e2d24b81bcf4a7a6abf4b9b1b",
  • "counterpart": {
    },
  • "message": "Send EUR 1000 to GL6781554677225133 at 2022-07-12T12:02:49:10Z",
  • "memo": "Powered by Monerium"
}

Response samples

Content type
application/json
{
  • "id": "8c0fd7b1-01da-11ed-89c1-52c47a86c354",
  • "profile": "312c5cc4-4b06-11ed-a6cf-bac9bf26c37c",
  • "accountId": "250f6033-6e3a-11ec-a9df-9e3073e62359",
  • "address": "0x798728D5410aB4FB49d2C277A49baC5048aB43ca",
  • "kind": "redeem",
  • "amount": "999",
  • "currency": "eur",
  • "totalFee": "1",
  • "fees": [ ],
  • "counterpart": {
    },
  • "memo": "Powered by Monerium",
  • "rejectedReason": null,
  • "supportingDocumentId": "3ebc51a8-044f-11ed-8b1f-4a76448b7b21",
  • "meta": {
    }
}

Add supporting document to order

Attaching a supporting document for payouts (redeem orders) above 15,000 EUR is required. Supporting documents can be an invoice or an agreement.

  1. Upload (POST) the file/document to this endpoint.
  2. Use the file ID as the supportingDocumentId when you place a redeem order.
Read more about how to place an order.
Request Body schema: multipart/form-data
file
required
string (file)

Path to the file.

Maximum length filename: 100
Maximum size: 5 MB
Allowed file types: PDF

Responses

Request samples 

curl --user '[email protected]:Passw0rd!' --form file='@doc.pdf' https://api.monerium.dev/files

Response samples

Content type
application/json
{
  • "id": "3ebc51a8-044f-11ed-8b1f-4a76448b7b21",
  • "name": "doc.pdf",
  • "type": "application/pdf",
  • "size": 595101,
  • "hash": "f2d8e62b44c59079536910eeb595f91833874a44aafc42c73c80588d91e7796b",
  • "meta": {
    }
}

Orders notifications

API consumers have the option to subscribe to a WebSocket for real-time order notifications. This WebSocket complies with the standard WebSocket Protocol, allowing the use of standard WebSocket libraries for subscription.

The WebSocket emits the same order object three times, corresponding to three distinct state changes:

1. Placed: The initial state of the order.

2. Pending: This state indicates that money has been received for issue orders, or tokens have been burnt for redeem orders.

3. Processed: The final state, signifying the completion of the order process.

Example:

$ npm install -g wscat

$ wscat --auth <email>:<password> -c wss://api.monerium.dev/orders?state=processed

query Parameters
state
string
Enum: "placed" "pending" "processed" "rejected"

Emits all orders in a specific state.

profile
string
Example: profile=6ca4f5a2-f6c9-11ec-81c1-62a51ab3b761

Emit all orders that belong to a specific profile UUID.

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Get single order

Retrieve the details of an existing order. Supply the unique order ID from either an order creation or the order list, and Monerium will return the corresponding order information

path Parameters
orderId
required
string

The ID of the order

Responses

Request samples 

curl --user '[email protected]:Passw0rd!' https://api.monerium.dev/orders/b48f7ca4-e51f-11ed-9e13-cacb9390199c

Response samples

Content type
application/json
{
  • "id": "8c0fd7b1-01da-11ed-89c1-52c47a86c354",
  • "profile": "312c5cc4-4b06-11ed-a6cf-bac9bf26c37c",
  • "accountId": "250f6033-6e3a-11ec-a9df-9e3073e62359",
  • "address": "0x798728D5410aB4FB49d2C277A49baC5048aB43ca",
  • "kind": "redeem",
  • "amount": "999",
  • "currency": "eur",
  • "totalFee": "1",
  • "fees": [ ],
  • "counterpart": {
    },
  • "memo": "Powered by Monerium",
  • "rejectedReason": null,
  • "supportingDocumentId": "3ebc51a8-044f-11ed-8b1f-4a76448b7b21",
  • "meta": {
    }
}

Get all balances for accounts

Retrieves balance for every accounts of the default profile. Each account represent one token on a chain.

Responses

Request samples 

curl --user '[email protected]:Passw0rd!' https://api.monerium.dev/balances

Response samples

Content type
application/json
[
  • [
    ]
]

Get tokens

Information about the emoney tokens with tickers, symbols, decimals, token contract address and the chain information, we currently support Ethereum, Polygon and Gnosis.

Token addresses and details here: /docs/tokens/

Responses

Request samples 

curl --user '[email protected]:Passw0rd!' https://api.monerium.dev/tokens

Response samples

Content type
application/json
[
  • {
    },
  • {
    },
  • {
    },
  • {
    },
  • {
    },
  • {
    },
  • {
    },
  • {
    }
]