Embedded Wallets
How to
Setup Authentication
Whatsapp
Verify Otp

Verify Whatsapp OTP

API usage for verifying the whatsapp OTP for the user. login OTP is sent to the user's whatsapp account.

Overview

This API endpoint allows you to verify the user login to using User’s whatsapp account (phone number) and otp verification.

  • HTTP Method: POST
  • Endpoint: /api/<VERSION>/auth/verify-whatsapp

Request Body Parameters

  • verificationToken (required): verificationToken from Login endpoints.
  • otp(required): otp sent to the user's whatsapp account.

Example Request Body

{
    "verificationToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY0YjUxNGY0MzU4ZGVjY2FkYWY4MDA5MSIsImVtYWlsIjoiZGVuZGl0b3BydG1AZ21haWwuY29tIiwibmFtZSI6IkRlbmRpdG8gUHJhdGFtYSIsInJvbGUiOiJhZG1pbiIsInBvbGljeSI6IjY0OTE0YTY3Z...",
    "otp": "123456"
}

Request

Request Headers

  • x-client-secret (required): Client secret which was generated when register in Xellar Embedded Wallet API Service Dashboard.

Example Request Syntax

curl -X POST -H "Content-Type: application/json" -H "x-client-secret: $YOUR_CLIENT_SECRET" -d '{
    "verificationToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6I...",
    "otp": "123456"
}' <BASE_URL>/api/<VERSION>/auth/verify-whatsapp

Response

The response will include a JSON object with the following properties:

  • status (number): The HTTP status code of the response (e.g., 200 for success).
  • message (string): A message providing additional information about the operation.
  • data (object): An object containing the accessToken, walletToken and isWalletCreated.
  • data.isWalletCreated (bool): A boolean value to determine whether the wallet is already created or not.
  • data.refreshToken (string): A string contains the refresh token which will be used for generating the new walletToken after every wallet operation executed.
  • data.walletToken (string): the wallet token access used to access the wallet operations.
  • data.rampableAccessToken : JWT token used to access the Rampable Operation endpoint. This token will only be available if the account already create a rampable account and the organization has enabled the rampable feature.
  • data.address (string): (Version 1 only) the wallet address of the user.
  • data.addresses (array): (Version 2 only) the wallet addresses of the user. The array contains the network and address of the wallet.

Example Response

Example Response (if account do not have an Embedded wallet)

{
    "status": 200,
    "message": "ok",
    "data": {
        "rampableAccessToken": "your_rampable_access_token_here",
        "accessToken": "eyy9afadeasf31....",
        "isWalletCreated": false
    }
}

V1 Example Response (if account already have an Embedded wallet)

{
    "status": 200,
    "message": "ok",
    "data": {
        "rampableAccessToken": "your_rampable_access_token_here",
        "walletToken": "eyy9afadeasf31....",
        "isWalletCreated": true,
        "address": "0x123546..."
    }
}

V2 Example Response (if account already have an Embedded wallet in v2)

📝

This response only works on v2

{
    "status": 200,
    "message": "ok",
    "data": {
        "rampableAccessToken": "your_rampable_access_token_here",
        "walletToken": "eyy9afadeasf31....",
        "refreshToken": "eysfsfsffssf1....",
        "isWalletCreated": true,
        "addresses": [
            {
                "network": "evm",
                "address": "0x123546..."
            },
            {
                "network": "solana",
                "address": "Af3sdf8JsjF..."
            },
            {
                "network": "bitcoin",
                "address": "bc1q3sdf8JsjF..."
            }
        ]
    }
}
LoginApple