Documentation of Widget Fintech
If you are going to use our B2B Sandbox test environment, keep in mind that it will be unavailable for maintenance from 01:00 GMT to 06:00 GMT. You can chek the equivalence in your local time here.
client_id
and client_secret
, which are credentials provided by Ripio after signing the corresponding agreements and contracts. It is the partner’s responsibility to secure these credentials. They uniquely identify the partner as a Ripio client.
unique
id that represents the user logged into your system. It must be a unique and unrepeated identifier of a user of your system. Later, this value is used in the request for approval of a purchase operation or when reporting the result of an operation (see Webhooks). In the documentation we refer to it as the external_ref
.
To obtain a JWT token it is necessary to have:To generate the token send a request using the HTTPclient_id
,client_secret
yexternal_ref
.
POST
method to the following endpoint: https://sandbox-b2b.ripio.com/w/api/v1/auth
The request must:
Content-Type: application/x-www-form-urlencoded
username=<client_id>:<external_ref>
password=<client_secret>
The value of the username field is a concatenation ofAn example using CURL in sandbox environment:client_id
+ “:
” +external_ref
.
Token expiration date is 10 hours. Once the token has expired, the widget displays an error on the session expired screen.
<ripio-widget />
and pass token JWT as a parameter, example:For the widget to be responsive, it is very important to configure the viewport as shown in the previous example.In addition to the token, the web component
<ripio-widget />
supports the following parameters:
_to
: for JWT token_la
: for language (lang)_cu
: for currencyThe following method is recommended to be used only via Webview. Please note that using the following method outside of a Webview is a security risk. The full URL may become available in the browser history, be tracked by ISPs, and others.If your implementation uses any of the following: React Native, Ionic, Angular, Android, or another framework that provides a Webview component, you can easily integrate with B2B widget by pointing Webview component’s URL to the following:
https://d2pneqdaei3b3x.cloudfront.net/index.html?_cu=cop&_la=es&_to=un.token.valido
Try copy-pasting this URL in your browser to see an error screen with customized font style (this error is due to an invalid token):
The widget uses the Font Family configured through the URL params_fo
and_fn
_fd
: Default Font Name. Supported Font Families to be used with _fd ar thoe built in the browser:_fn
: Font Name (ex: Roboto+Mono)_fo
: Font Options.Roboto+Mono
from Google Fonts @import
option:
_fn=Roboto+Mono
(be sure to replace empty space character “ “ for “+”)
_fo=Roboto+Mono%26display=swap
(be sure to replace all occurrences of ampersand character “&“ for “%26”)
https://d2pneqdaei3b3x.cloudfront.net/index.html?_fn=Roboto+Mono&_fo=Roboto+Mono%26display=swap
POST
method.
Ripio sends a request in the following cases:signed_message
field it’s a JWT and its token aremessage
andmessage_type
. In order to use this feature, you must provide us with apre_shared_key
(it’s a secret (string) shared between both parties that we use to create/cipher the message). This adds a layer of security that let’s our partners verify that Ripio is who created the message and that it wasn’t modified in transit.
To identify this request type, validatemessage_type
:transaction_approval_request
POST
method informing the partner of the result of a transaction, so that it can update the information corresponding to the user such as balances, and other relevant business logic. In this case, the payload is as follows.To identify this request type, validateFieldsmessage_type
:transaction_result
You can correlate all events using the value of the key “id
”. See in the examples above, that all requests sent to the Webhook contain the same value:id
:df9d41d8-ac80-4125-9738-ce1fcb8dc523
.
id
: UUID4. Used in approval of a purchase operation and when reporting the result of the operation (whether buy or sale). It is the same value in all requests.quote_id
: UUID4. ID of the quote (either buy or sale) accepted by the user.txn_id
: UUID4. Transaction ID.created_at
: Transaction creation date in UTC.
Generally speaking, it is enough for the partner to persist the id
field. In case of any problem, this is the value we use to reference a transaction.
HTTP POST
method asking the Partner for authorization to carry out the operation (see Purchase Operation Approval (BUY)).
HTTP 200
status code and the following JSON payload:
Any response other than the above will be interpreted as a Denied OperationThen the widget sends a request informing the Operation Result. SELL: Selling Crypto Assets
Since in this case, Ripio is responsible for the crypto holdings, the partner does not need to approve the operation, but they do need to update the user’s information after receiving it.
:active
, :hover
, :focus
, etc.)
body
element of the HTML template where it is embedded. In the following example we see a condensed version of what could be a <head />
block where a style sheet style.css
is imported and where in the style sheet it is defined to use the Montserrat font:
In line 17 font-family of the body is set to “Montserrat”. The widget will use this font family as well.An example of CSS styles to be sent to Ripio:
Use your browser’s devtools to inspect the widget’s markup. CSS class names that we use in buttons are the following:The following is an example of the look and feel without any styling being applied to the widget elements:
- btn-primary
- btn-secondary
- btn-tertiary
Buttons have CSS pseudo-class :hover
A screenshot of the widget used in a mobile implementation of a fictional partner
<head />