Build with Inopay
A REST API, native SDKs and an Ed25519-signed portable KYC spec to embed regional markets into your product.
Quick start
Three calls to place your first order in sandbox.
Authentication
Exchange your sandbox key for a Bearer access token.
curl -X POST https://api.getinopay.com/v1/auth/token \
-H "Content-Type: application/json" \
-d '{
"client_id": "YOUR_SANDBOX_KEY",
"client_secret": "YOUR_SANDBOX_SECRET"
}'KYC attestation
Submit a subject, receive a portable Ed25519 attestation, verifiable offline.
curl -X POST https://api.getinopay.com/v1/kyc \
-H "Authorization: Bearer $TOKEN" \
-H "Idempotency-Key: $(uuidgen)" \
-d '{
"subject": { "national_id": "...", "full_name": "..." },
"level": "tier_2"
}'First order
Route the order to a licensed SGI. Idempotent by default.
curl -X POST https://api.getinopay.com/v1/orders \
-H "Authorization: Bearer $TOKEN" \
-H "Idempotency-Key: $(uuidgen)" \
-d '{
"kyc_attestation": "<jwt>",
"instrument": "SNTS.BRVM",
"side": "buy",
"qty": 10,
"limit_price": 12500
}'Modules
Four composable, documented and versioned building blocks.
REST API
/v1/ reference with Bearer auth, cursor pagination and normalised error codes.
DocumentationWebhooks
HMAC SHA-256 signed notifications for orders, KYC and audit snapshots.
DocumentationEd25519 portable KYC
Cryptographic attestation, verifiable offline. One verification, many SGI partners.
DocumentationChained audit
Each order hashed, anchored daily. Verifiable by any auditor or regulator.
DocumentationConventions
Locked-in technical choices across the platform.
- Versioning — Stable /v1/ prefix. Breaking changes announced 90 days in advance.
- Authentication — Short-lived Bearer tokens via OAuth 2.0 client credentials.
- Dates & idempotency — ISO 8601 UTC everywhere. Idempotency-Key required on all mutating POSTs.
- Rate limits — 60 req/min in sandbox, tier-based in production. Standard RateLimit headers.
Ready to integrate?
Request your sandbox key and start placing orders within the day.