Momento Business API
    Momento Business API
    • Intro
    • Public endpoints
      • Get onboarding bank accounts
        GET
      • Get USD quotes
        GET
    • Users
      • Get User
        GET
      • Create a new user
        POST
    • Deposits.
      • Fetch Deposit orders (onboarding)
        GET
      • Create deposit order
        POST
    • Withdrawals (offboarding)
      • Fetch withdrawal orders
        GET
      • Create a withdrawal order
        POST
      • Withdrawal banks list
        GET
    • Schemas
      • Schemas
        • Bank
        • User
        • Price
        • DepositOrder
        • WithdrawalOrder
      • Deposit Bank
      • User Schema

    Intro

    Momento API Integration#

    Welcome, This document provides all the necessary information to integrate with the Momento API. Our goal is to make this process as smooth and straightforward as possible.
    This API is designed to handle pay-ins (deposits) and pay-outs (withdrawals) for your clients in a secure and efficient manner. Please review this document carefully and do not hesitate to contact our support team if you have any questions.

    Getting Started#

    API Environments#

    We provide two environments for integration: a Sandbox for testing and a live Production environment.
    EnvironmentBase URLDescription
    Sandboxhttps://pruebas.elmomento.io/integrationsUse this environment for all initial development and testing. No real transactions will be processed.
    Productionhttps://api.trade.elmomento.io/integrationsThe live environment for processing real user requests.

    Authentication#

    All requests to the Momento API must be authenticated. Authentication is handled via a unique Secret Key and a request signature.
    Your Secret Key is a confidential token that has been provided to you directly by our team. Never expose this key in client-side code or public repositories.
    Every API request requires an M-Signature header. This signature is used to verify the integrity and authenticity of the request body.
    How to Generate the Signature:
    1.
    Get the raw JSON request body as a string.
    2.
    Create a hash of the request body string using the HMAC SHA512 algorithm.
    3.
    Use your provided Secret Key as the key for the HMAC function.
    4.
    The resulting hash, represented as a hexadecimal string, is the value for your M-Signature header.

    Signature Generation Example (Python)#

    Here is a simple Python function demonstrating how to generate the required signature:

    Making Requests#

    Required Headers#

    All API requests must include the following headers:
    HeaderValueDescription
    Content-Typeapplication/jsonIndicates the request body format is JSON.
    M-Signature[HMAC SHA512 HASH]The signature generated from the request body.

    Example Request (curl)#

    Here is a full example of how to make a request to a sample endpoint.

    First, generate the signature for your request body#

    Let's assume the generated signature is: 1a2b3c...
    curl -X POST \
 https://pruebas.elmomento.io/api/integrations/deposit_orders/ \
 -H 'Content-Type: application/json' \
 -H 'M-Signature: 1a2b3c...' \
 -d '{  
 "amount": 500,  
 "orderID": "Somerandomstring",  
 "currency": "DOP",  
 "callback_url": "https://google.com",  
 "request": {  
    "email": "ceterasddsare@hotmail.com",  
    "id_number": "00100000001"  
  }  
 }'

    Endpoints Overview#

    Below is an overview of the available endpoints.

    Deposit#

    Handles deposit orders for clients who want to increase their balance.
    POST /deposit_orders/
    Create Order: Creates a new deposit order.
    GET /deposit_orders/
    Get Orders: Returns a list of existing deposit orders.

    Withdrawal#

    Handles withdrawal orders for clients who want to withdraw their balance.
    POST /withdrawal_orders/
    Create Withdrawal Order: Creates a new withdrawal order.
    GET /withdrawal_orders/
    Get Withdrawal Orders: Returns a list of existing withdrawal orders.

    Rate Limiting#

    To ensure API stability for all our clients, we enforce a rate limit of 1000 requests per hour. If you exceed this limit, you will receive an HTTP 429 Too Many Requests response.

    Error Handling#

    Our API uses standard HTTP status codes to indicate the success or failure of a request.
    2xx codes indicate success.
    4xx codes indicate a client-side error (e.g., bad request, authentication failure).
    5xx codes indicate a server-side error.
    In the case of an error (4xx or 5xx), the response body will contain a JSON object with more details:

    Support#

    If you encounter any issues or have questions during your integration, please contact our technical support team at ceterre@ourord.com.
    Next
    Get onboarding bank accounts
    Built with