This API (or Application Programming Interface) guide is a set of rules and protocols that defines how a 3rd party software can interact and exchange data with Fiat24 banking services.
These APIs extends the smart contract functions in Part 1 to access off-chain data.
Authentication & Access
Fiat24 does NOT use any standard protocol for authentication and authorization. All requests need to have a header with signed information by the NFT holder, which guarantees only the end-user can access his/her data.
To faciliate developer's integration work, we provide the signed header for our demo account #10365.
const headers = {
tokenid: <token id of user>,
network: 42161,
sign: <user's wallet signature>,
hash: <hash used for signing>,
deadline: <deadline used for signing>,
"Content-Type": "application/json"
}
where:
// We only allow the signature to be valid for 20 minutes max.
// Can be less than that if want more security.
const SIGNATURE_DEADLINE_IN_SECONDS = 1200;
const deadline = Math.round(Date.now()/1000) + SIGNATURE_DEADLINE_IN_SECONDS;
const messageToHash = "Hello world"; // Could be any text.
const deadlineHash = web3.utils.sha3(messageToHash + deadline);
const messageToSign = `I agree to access my profile. ${deadlineHash}`;
const sign = await signer.signMessage({
message: messageToSign,
});
return [ hash: messageToHash, deadline, sign ];
Functions
All RESTful interfaces are read-only functions, which retrieve off-chain data from Fiat24's backend system. All those data is very sensitive piece of data and they should be handled and stored with the upmost care.
1. Get Client Profile
Requires Authentication
Get the information about a specific account by NFT ID.
The traditional way to fund user's Fiat24 account is to trigger a bank transfer or wire directly from the customer's account to our bank account in his/her currency. This Bank account detail endpoints are provided for users to fill in bank account details for such a deposit.
In order for us to link this in coming payment with a corresponding Fiat24 client, the individual creating bank transfer need to include specific text in the "payment reference" field. which is always user's token_id.
Payout Bank Account Details
This section returns a list with all registered Payout bank account details for the given user. Account receive options can also include local and international details to receive money on the currency balance.
2. Get Cards
Requires Authentication
Get the VISA Debit Cards information from a user.
Request
GET https://api.fiat24.com/cards
Response Body
If the card is not available, the 500 code is returned.
{
"statusCode" : 500,
"tokenId" : 10365
}
If the card is found, the following data is returned
If the user doesn't own a card, it returns statusCode = 404.
number, expiry and CVV fields are very sensitive data, they should not be shown without client's consent.
All the limits are monthly (excluding dailyUsed, dailyAvailable, dailyMax).
All the card limits are in EUR.
The account limits are separated from the card limits, but still important as the card limits depend on the account limit. The account limits are in CHF.
3. Get Transactions
Requires Authentication to display card transaction details, without authentication it only displays the public blockchain data.
Get the transactions from a user.
Request
Get recent transactions.
The following sample request gets last 6 transactions from EUR account of Account 10365, containing blockchain as well as card transactions.
GET https://api.fiat24.com/transactions?
currency=eur
&fromrecord=0
&recordscount=6
or
GET https://api.fiat24.com/transactions?
currency=eur
&fromtimestamp=1683797408116
&totimestamp=1683897408116
The API returns a maximum of 1,000 transactions per request.
Result fields
timestamp is a 10 digits UNIX timestamp,
txId refers to Arbitrum Transaction Hash. More details can be retrieved from Arbiscan.io.
image field will return the image of the sender or the receiver (in case the user is the sender).
from tokenID that sent the transfer
to tokenID that received the transfer
4. Get IBAN
Each Fiat24 NFT can map to an unique Swiss IBAN.
For example, the NFT #12345 will own the IBAN of CH6883051000000012345. Wallet Provider can calculate the Swiss IBAN directly from the NFT id with the following request:
From API
GET https://api.fiat24.com/iban/<nftId>
This API is public, a signed header is not required.
Response Body of GET https://api.fiat24.com/iban/12345
{"iban":"CH6883051000000012345"}
From OpenSea API
Or you can get the IBAN as an attribute from OpenSea's metadata.
GET https://api.opensea.io/api/v2/chain/arbitrum/contract/0x133CAEecA096cA54889db71956c7f75862Ead7A0/nfts/<nftId>
Response Body for a NFT id = 12345. The line no. 16 states the IBAN.
Fiat24 currently cannot serve all countries and regions, but we are actively expanding the scope of regions where we can provide our services. The eligible countries are published from our own FAQ, however, we provide the API for wallet providers to check the eligible countries efficiently.
GET https://api.fiat24.com/countries
This API is public, a signed header is not required.
Response body providers all ISO-3 countries codes for