Momento Business API
    Momento Business API
    • Intro
    • Public endpoints
      • Get onboarding bank accounts
        GET
      • Get USD quotes
        GET
    • Users
      • Get User
        GET
      • Create a new user
        POST
    • Deposits.
      • Fetch Deposit orders (onboarding)
        GET
      • Create deposit order
        POST
    • Withdrawals (offboarding)
      • Fetch withdrawal orders
        GET
      • Create a withdrawal order
        POST
      • Withdrawal banks list
        GET
    • Schemas
      • Schemas
        • Bank
        • User
        • Price
        • DepositOrder
        • WithdrawalOrder
      • Deposit Bank
      • User Schema

    Intro

    Momento API Integration#

    Welcome, This document provides all the necessary information to integrate with the Momento API. Our goal is to make this process as smooth and straightforward as possible.
    This API is designed to handle pay-ins (deposits) and pay-outs (withdrawals) for your clients in a secure and efficient manner. Please review this document carefully and do not hesitate to contact our support team if you have any questions.

    Getting Started#

    API Environments#

    We provide two environments for integration: a Sandbox for testing and a live Production environment.
    EnvironmentBase URLDescription
    Sandboxhttps://pruebas.elmomento.io/integrationsUse this environment for all initial development and testing. No real transactions will be processed.
    Productionhttps://api.trade.elmomento.io/integrationsThe live environment for processing real user requests.

    Authentication#

    All requests to the Momento API must be authenticated. Authentication is handled via a unique API Key, a request signature and a timestamp.
    Your Secret Key is a confidential token that has been provided to you directly by our team. Never expose this key in client-side code or public repositories.
    Every API request requires an Signature header. This signature is used to verify the integrity and authenticity of the request body.
    How to Generate the Signature:
    The signature is generated using HMAC-SHA512 with a timestamp to prevent replay attacks. The message to sign varies based on the HTTP method:
    GET requests: HMAC-SHA512(secret, timestamp)
    POST/PUT/PATCH requests: HMAC-SHA512(secret, timestamp + body)
    Required Headers:
    api-key: provided api key
    Signature: The HMAC-SHA512 hex digest
    X-Timestamp: Unix timestamp in seconds
    Timestamp Validation:
    The timestamp must be within 30 seconds of the server time to prevent replay attacks.

    Signature Generation Example (Python)#

    Here are some simple function demonstrating how to generate the required signature:
    Python
    Javascript
    PHP

    Making Requests#

    Required Headers#

    All API requests must include the following headers:
    HeaderValueDescription
    Content-Typeapplication/jsonIndicates the request body format is JSON.
    M-Signature[HMAC SHA512 HASH]The signature generated from the request body.
    api-key[string]String used to identify your account
    X-Timestamp1766825847Current timestamp used in the signature generation.

    Example Request (curl)#

    Here is a full example of how to make a request to a sample endpoint.

    First, generate the signature for your request body#

    Let's assume the generated signature is: 1a2b3c...
    curl -X POST \
 https://pruebas.elmomento.io/integrations/deposit_orders/ \
 -H 'Content-Type: application/json' \
 -H 'api-key: apikeynumberhere' \
 -H 'X-Timestamp: 1766825847' \
 -H 'M-Signature: 1a2b3c...' \
 -d '{  
 "amount": 500,  
 "orderID": "Somerandomstring",  
 "currency": "DOP",  
 "callback_url": "https://google.com",  
 "request": {  
    "email": "ceterasddsare@hotmail.com",  
    "id_number": "00100000001"  
  }  
 }'

    Endpoints Overview#

    Below is an overview of the available endpoints.

    Deposit#

    Handles deposit orders for clients who want to increase their balance.
    POST /deposit_orders/
    Create Order: Creates a new deposit order.
    GET /deposit_orders/
    Get Orders: Returns a list of existing deposit orders.

    Withdrawal#

    Handles withdrawal orders for clients who want to withdraw their balance.
    POST /withdrawal_orders/
    Create Withdrawal Order: Creates a new withdrawal order.
    GET /withdrawal_orders/
    Get Withdrawal Orders: Returns a list of existing withdrawal orders.

    Rate Limiting#

    To ensure API stability for all our clients, we enforce a rate limit of 1000 requests per hour. If you exceed this limit, you will receive an HTTP 429 Too Many Requests response.

    Error Handling#

    Our API uses standard HTTP status codes to indicate the success or failure of a request.
    2xx codes indicate success.
    4xx codes indicate a client-side error (e.g., bad request, authentication failure).
    5xx codes indicate a server-side error.
    In the case of an error (4xx or 5xx), the response body will contain a JSON object with more details:

    Support#

    If you encounter any issues or have questions during your integration, please contact our technical support team at ceterre@ourord.com.
    Next
    Get onboarding bank accounts
    Built with