Skip to main content
This section describes an end-to-end flow for whitelisting an address under a beneficiary. Please retreive this payload template using the List Products API. Here is an example :

1. Create Request to whitelist an address with a beneficiary

Whitelist an ETH address linked with beneficiary John Smith which will be use for deposit and withdrawal

Request

curl --request POST 'https://hostname.zodia.io/v3/api/servicedesk/create' \
--header 'company-identifier: ' \
--header 'submitter-id: ' \
--header 'request-identifier: ' \
--header 'request-timestamp: ' \
--header 'Content-Type: application/json' \
--header 'signature: ' \
--data '{
    "serviceId": "0x0007-007",
    "payload": {
        "address": "0x8dC847Af872947Ac18d5d63fA646EB65d4D99560",
        "blockchain": "ETH",
        "beneficiaryId": "BNF-T20046-WGG997I15N",
        "notes": "Fund A",
        "hostedAddress": true,
        "vaspId": "06ea2d8f-fa02-48f6-87af-c71ea58452as",
        "addressPurpose": [
            "INCOMING, OUTGOING"
        ]
    }
}'

Response

HTTP 200 
{
  "requestId": "SERV-REQ-99WPBB0FAG",
  "pluginDetail": {
    "entityId": "467f0fbf-7cd0-4196-b8be-7a33ac66f4f6",
    "details": [
      {
        "cryptoAddress": "0x8dC847Af872947Ac18d5d63fA646EB65d4D99560",
        "currency": "ETH",
        "managingVasp": "06ea2d8f-fa02-48f6-87af-c71ea58452as",
        "beneficiaryId": "BNF-T20046-WGG997I15N",
        "notes": "Fund A",
        "addressPurpose": "INCOMING, OUTGOING"
      },
      {
        "beneficiaryId": "BNF-T20046-WGG997I15N",
        "entityType": "INDIVIDUAL",
        "legalName": "John Smith",
        "legalEntityName": "John Smith",
        "registeredAddress": {
          "line1": "10 Downing Street",
          "city": "London",
          "country": "United Kingdom"
        },
        "operatingAddress": {
          "line1": "10 Downing Street",
          "city": "London",
          "country": "United Kingdom"
        }
      }
    ]
  }
}

2. Submit service request

Use the request ID obtained in the previous request to submit the instruction.

Request

curl --request POST 'https://hostname.zodia.io/v3/api/servicedesk/submit' \
--header 'company-identifier: ' \
--header 'submitter-id: ' \
--header 'request-identifier: ' \
--header 'request-timestamp: ' \
--header 'Content-Type: application/json' \
--header 'signature: ' \
--data '{
  "requestId": "SERV-REQ-99WPBB0FAG"
}'

Response

HTTP 200

3. Retrieve instruction to sign as maker

Retrieve the HSM instruction to be signed by the maker

Request

curl --request POST 'https://hostname.zodia.io/v3/api/servicedesk/pending' \
--header 'company-identifier: ' \
--header 'submitter-id: ' \
--header 'request-identifier: ' \
--header 'request-timestamp: ' \
--header 'Content-Type: application/json' \
--header 'signature: ' \
--data '{
  "requestId": "SERV-REQ-99WPBB0FAG",
}'

Response

HTTP 200 
{
  "request": {
    ...
  },
  "signature": "$$REPLACE$$"
}

4. Confirm instruction as maker

Sign the ‘request’ element with the API maker private key, insert the string in ‘signature’. The signed instruction is submitted directly to the HSM.

Request

curl --location 'https://hostname.zodia.io/v3/api/servicedesk/approve' \
--header 'company-identifier: ' \
--header 'submitter-id: ' \
--header 'request-identifier: ' \
--header 'request-timestamp: ' \
--header 'Content-Type: application/json' \
--header 'signature: ' \
--data '{
  "requestId": "SERV-REQ-99WPBB0FAG",
  "request": {
    ...
  },
  "signature": "MEUCIHlH4Zs4zPrhofU9+KsLVLEEcfw6ENHgk7OHLRXhKVJmAiEA8TfaVVjc0XCdnGa8TrRtdmkVQWA5WwJCDNq0CWH02mY="
}'

Response

HTTP 200

5. Retrieve instruction to sign as authoriser

Request

curl --location 'https://hostname.zodia.io/v3/api/servicedesk/pending' \
--header 'company-identifier: ' \
--header 'submitter-id: ' \
--header 'request-identifier: ' \
--header 'request-timestamp: ' \
--header 'Content-Type: application/json' \
--header 'signature: ' \
--data '{
  "requestId": "SERV-REQ-99WPBB0FAG"
}'

Response

{
  "request": {
    ...,
    "type": "Approve|Reject"
  },
  "signature": "$$REPLACE$$"
}

6. Approve instruction as authoriser

To approve an instruction set type to Approve. To reject an instruction, set type to Reject and set a rejectReason.

Request

curl --location 'https://hostname.zodia.io/v3/api/servicedesk/approve' \
--header 'company-identifier: ' \
--header 'submitter-id: ' \
--header 'request-identifier: ' \
--header 'request-timestamp: ' \
--header 'Content-Type: application/json' \
--header 'signature: ' \
--data '{
  "requestId": "SERV-REQ-99WPBB0FAG",
  "request": {
    ...,
    "type": "Approve"
  },
  "signature": "MEYCIQCkuiFDtdtl+cbeMewrGgwRycTNuRHmHVrhzR3MlDqX0AIhALIiT+KoYjxlDKtVpwcvXQbL0MuXE/wAeXl4DIulMp3m"
}'

Response

HTTP 200