Redeem API

Method: POST (HTTPS only)

Authorization: Bearer
Content-Type: application/json

Important: HTTPS is required. Responses should be deterministic to support idempotency.

Request

json

{
  "code": "CODE123",
  "state": "STATE123",
  "client_id": "cryptopass-mobile"
}

Response (200 OK)

json

{
  "ok": true,
  "provider_slug": "myexchange",
  "user_id": "ext-user-12345",
  "sumsub_applicant_id": "optional-abc123",
  "email": "optional@example.com"
}

Errors

Code	Error	Description
`400`	`invalid_code`	Bad request
`401`	`unauthorized`	Auth failed
`409`	`replay`	Code already used
`429`	`rate_limited`	Too many requests
`5xx`	`internal_error`	Server error

provider_slug must match the agreed slug (af_sub3). user_id must be a stable external user identifier.

Deeplink Parameters

Context API