Release Version 4.20.0 (May 30, 2024)

30. 05. 2024

What’s new

The ability for Merchant users to generate a payment link and QR code for an invoice and send it to the Customer was added.

The user (currently Merchant) creates an invoice and specifies the invoice recipient. Also, Merchant selects whether to send a payment link to the Customer (notification available only if the email was provided as recipient contact)
System on the Back-end QR code which contains the following information:

invoice ID (identifier)
amount
currency
merchant name (company name) – if the company name was not specified in the Merchant profile Customer will see all other invoice parameters without the company name

Generated invoice, link (generated by the Front-end), and QR code are available to the Merchant in his account (link and QR code generated without exp date)
Merchants can copy the link and QR code (download as a picture) (if the option “send a payment link to Customer” was not selected during invoice creation) and provide it to Customer (outside the System)
The customer receives the link and follows it (or scans the QR code and goes by the link) – the Customer sees the invoice payment page with details (information from the payment link) and the option “Pay invoice“. The link to view invoice details opens for Customers without authorization in the System.
Customer selects “Pay invoice“:
1. if the Customer is not logged he will be redirected to the log-in page to enter his credentials and login into the account (the option to pay invoice available only for registered Customers)
2. if the Customer is logged in he will see all invoice details and can confirm the invoice payment
As a result of invoice payment, the funds will be transferred between the User’s wallets.

The invoice can be issued and sent to the person (contact) who is not registered in the system. In this case, the person will receive an email or sms with further instructions on how to register in the E-wallet system and pay the invoice.

If POST {{host}}/invoices?sendPaymentLink=true and the Customer provides his contact email he will receive a notification about invoice creation with payment link and QR code:

“Dear customer,

an invoice was created for you by the [invoice.merchantName] for the amount of [invoice.currency.symbol] [invoice.totalPrice].

To pay, please follow the link [payment link]

or you scan the QR code

[QR code] ”

Validation added:

IF sendPaymentLink = true and payerContact is not an email type, the application throws an exception without creating an invoice.
IF sendPaymentLink = true and payerContact is null, the application throws an exception without creating an invoice.

See “API Changes” section of the release notes to know more about changes related to API

Integration with Salt Edge Open Banking provider was implemented.

The current release includes the Salt Edge API methods to communicate with the provider and SDK APIs set to trigger technical integration and route the data to the user. The ability for Business users to use open banking features (to view account information and initiate payments) via UI going to be available in the next release.

Integration implements the Salt Edge Partners API methods for fetching account information and payment initiation.

Salt Edge Partners API aims to provide access to financial information and payment initiation for any company that does not need to get a PSD2 Account Information Service Provider license.

The integration allows the following flows:

fetch account information – creating a lead, granting consent, authenticating in the bank interface, fetching financial data on success
initiate payment – creating a lead, initiating a payment, granting consent, authenticating in the bank interface

See the “API Changes” section of the release notes to know more about changes related to API.

Contact us to learn more about Salt Edge integration

Integration with the Twilio provider was implemented.

Twilio is a centralized business messaging platform, that allows businesses to communicate with their customers through various channels – all from a single platform.

Contact us to learn more about Twilio integration

Improvements

The ability to manage the profile photo was added for business and service users.

Business user (profile owner) or service user (profile manager) can:

Upload avatar
Update
Delete

Use API to upload public media file POST {{host}}/api/v1/media-files/resources. After using the value of “URL” from the response in the PATCH /profiles/{userId}/additional (for service user) and PATCH /profiles/my/additional (for business user)

See “API Changes” section of the release notes to know more about changes related to API

Additional checks of the required fields in the user Profile before starting KYC verification via 3rd party was added

The ability to specify the reason and description during the deactivation of the client wallet was added for the Administrator

Available values for deactivation reason:

IDENTIFICATION_DECLINED
USER_BANNED
ACCOUNT_CLOSED
OTHER – set by default

See “API Changes” section of the release notes to know more about changes related to API

Assignment of an inactive contract to an organization (Individual and Merchant) was prohibited

The ability to activate/deactivate Vendor status was added. If Vendor status=inactive it means, that the current Vendor is not available to add in the new or existing Contract.

Vendor status does not impact the behavior of Vendors (means operations of these vendors) that are already added in the existing Contracts.

See “API Changes” section of the release notes to know more about changes related to API

The ability to log out of the system on demand was added for all user roles.

If the user is authorized (the token is valid) – the current active token will be terminated (get token from user authorization)
If the user is not authorized (the token is invalid) – 403 FORBIDDEN will be returned

Available for all user roles (service and business), no permission is required

See “API Changes” section of the release notes to know more about changes related to API

Corefy Public API methods to retrieve available payment and payout services with details were added to the user Top-up and Withdrawal flow. The method returns more detailed information for service representation such as logo, icon, and name. This information is used by the SDK API method POST /v1/gate/methods/view to show services to a user

The ability to delete Vendors (for Custom and Not Custom vendors) was added:

only vendors without any operations performed can be deleted (including operations in transit status)
deleted vendors are not visible and not available for any action to service users (via UI and API)
all operations via deleted vendors are not allowed

See “API Changes” section of the release notes to know more about changes related to API

Displaying of the document types required for KYC checks was added to the Individual front office. API POST {{host}}/profile-documents/view-document-types is used
The ability to use a device camera to take a selfie for KYC document checks was added for Individual front-office
Filter by currency code was added to POST /v1/gate/tokenization/view
See “API Changes” section of the release notes to know more about changes related to API
Top up & Withdrawal UI user flows were rearranged according to the Corefy Gateway requirements

The following functionalities were disabled on the UI for a Business user in case of KYC failure:

Top up
Withdraw
Currency Exchange
Payments

The option is switchable through .env.production VUE_APP_ENABLE_BUSINESS_OPERATIONS_KYC_RESTRICTIONS

The ability to switch on/off available on the UI for Business user features (depending on the environment) was added.

Added environment variables on the .env.production:
VUE_APP_CREATE_WALLET_CUSTOM_SERIAL_INPUT_VISIBLE
VUE_APP_USER_DASHBOARD_MAKE_PAYMENT_TRANSFER_TO_CARD_ACTION_VISIBLE
VUE_APP_USER_DASHBOARD_MAKE_PAYMENT_TRANSFER_TO_ACCOUNT_ACTION_VISIBLE
VUE_APP_USER_DASHBOARD_MAKE_PAYMENT_MOBILE_TOP_UP_ACTION_VISIBLE
VUE_APP_USER_DASHBOARD_MAKE_PAYMENT_OTHER_PAYMENTS_ACTION_VISIBLE
VUE_APP_USER_DASHBOARD_EXCHANGE_VISIBLE
VUE_APP_USER_DASHBOARD_CURRENCY_RATES_VISIBLE

By default, all options are equal to true

The banner”To perform any further activity please pass a KYC security check” was added for a user after having the account registered on top of the main page.

This banner is switchable via the .env.production file: VUE_APP_USER_DASHBOARD_KYC_CHECK_NOTIFICATION_ENABLED

The banner “Coming soon” for all forms of the new back-office UI which is under development was added

The “Identification rejected” email template was changed. The ability for the Compliance manager to specify comments during identification declining was added. The specified comment will be visible for the user in the “Identification rejected”

See “API Changes” section of the release notes to know more about changes related to API

Fixes

Issues with button components were fixed on the “Accounts” sections of “Merchant”
Need to change the name of the button in the “Edit subscription” modal window
the issue with displaying the number of “Need approval” accounts after clearing the filter was fixed for Compliance UI
The SHARED direction was removed from the list of directions for the Withdrawal exchange operation
Minimal padding between wallet amount and arrow-icon in dropdown lists was added
The issue with spacing between the text and the asterisks was fixed
The issue with the transactions view for the Individual (default) users was fixed
The issue with mapping of name in “invoices details” was fixed
The “From card” value is set automatically in the appropriate field when transaction_template is using
Status Code when trying to create new users by Admin using invalid login was fixed. 400 Bad Request instead of 500 status code
Multi-clicking on the “Create” button when creating a new custom contract was forbidden
The wallet balance automatically updates on the wallet details pages
“Accept” and “Decline” buttons were hidden for already declined Top Up via bank operations
The issue with choosing an account for paying invoices was fixed
The issue with mandatory fields for operation performing was fixed. Asterisks were added to the UI
The issue with the amount to receive value recalculation on transaction preview after changing “Sell amount” was fixed
The issue with sorting in the POST /issue-card/users/cards/view was fixed
Multiple issues with Commission profiles/rules/conditions after refactoring were fixed
The issue with the Document details form was fixed. Now Document details form closes automatically after clicking on the Approve/Decline buttons
NullPointerException occurs when trying to restore the Master PIN was fixed
Typo in endpoints related to Salt Edge integration was fixed
The issue with a banner displaying after an unsuccessful attempt to create an invoice without proper rule condition was fixed
The ability to create an already expired invoice was removed
The issue with the Back button, when the banner is present, was fixed
UI component to see transaction history on the map was hidden temporarily (logic is not implemented)
Google Cloud storage infrastructure for new cloud clients was set up and tested
The issue with coins that are related to the vendor after its deleting was fixed – all coins will be deleted after the vendor deleting
Alert when trying to log in with the wrong user role on UI was added
Multiple UI minor issues were fixed for the Individual and Compliance manager
The main page of the SDK platform was cleaned up (irrelevant white-label platform information was removed)
The issue with Currencycloud integration was fixed

API Changes
Endpoint	Updated
POST /gate-providers PATCH /v1/gate-providers/{gateProviderId}	Parameter active was added to the request and response body. If Vendor status=inactive it means, that the current Vendor is not available to add in the new or existing Contract. Vendor status does not impact the behavior of vendors (means operations of these vendors) that are already added to existing contracts. Request body: { "vendorName": "name", "debtAllowed": true, "active": true} Response body: { "id": "string", "name": "string", "debtAllowed": true, "active": true, "gate": {}}
PATCH /coins/{serial}/status	Request and response body was changed. Added the following parameters: · active- required - to specify whether the wallet should be activated or deactivated · deactivationReason - conditional - to specify the deactivation reason. If the wallet is going to be deactivated, there is additional validation at the backend: if deactivationReason is not provided, the exception deactivation_reason_not_provided will be returned · description - optional - to add a description Deactivation of non-client wallet is restricted. Request body: { "deactivationReason" : "other", "description" : "any text", "active" : true} Available values for deactivation reason: · IDENTIFICATION_DECLINED · USER_BANNED · ACCOUNT_CLOSED · OTHER - set by default
DELETE /v1/gate-providers/custom/{gateProviderId}	API path was changed from: DELETE /v1/gate-providers/custom/{gateProviderId} to DELETE /v1/gate-providers/{gateProviderId}
POST /v1/gate/tokenization/view	Filter by currencyCode was added to request body
PATCH /profiles/{userId}/additional PATCH /profiles/my/additional	Parameter referenceToProfilePhoto was added to link user profile photo (avatar) with profile (user additional information was extended) Request body: { "additional": { "type": "common", "sex": "MALE", "referenceToProfilePhoto": "https://sdk5.sdk.finance/api/v1/media-files/resources/https://sdk5.sdk.finance/api/v1/media-files/resources/96c257ff-ffcd-4b49-a5e5-8f0244e5a479.png" }}
POST/v1/profiles/{userId}/decline	Optional request body was added to have the ability to specify “comment” when declining user identification. Request body: { "comment": "some comment"} · if comment was specified - it appears in the “Identification rejected” notification for user · if comment is not specified - the default value in the notification is unspecified
POST {{host}}/invoices?sendPaymentLink=true	Parameter was added to the requests URL sendPaymentLink: · if sendPaymentLink=true - generated payment link and QR code will be sent to Customer contact email (if provided), payment link will also be available to the Merchant in the Invoice details to copy and share in other ways · if sendPaymentLink=false - payment link will also be available to the Merchant in the Invoice details to copy and share in other ways Validation added: · IF sendPaymentLink = true and payerContact is not an email type, the application throws an exception without creating an invoice. · IF sendPaymentLink = true and payerContact is null, the application throws an exception without creating an invoice. Parameters qrCodeMediaFileId and qrCodeMediaFileLink were added to the response body parameters: · qrCodeMediaFileId - id of QR Code media file · qrCodeMediaFileLink - URL to an image of the logo in QR Code. Optional field. Taken from the settings file application-media.yml · media:· qr-code:· # QR code image dimensions 980 x 980 pixels including 80 pixels of padding.· # QR code based on 41x41 items matrix plus 4 items for each side of padding.· # Every item size is 20 x 20 pixels with dots (diameter 16 pixels) in the center.· # The central logo image should be 220 x 220 pixels including 20 pixels of padding and· # images in the corners should be 160 x 160 pixels including 20 pixels of padding.· overlay-image-enabled: false· overlay-image-url: 'https://sdk-public-res.s3.eu-west-1.amazonaws.com/img/qr_code_overlay_image_980_980.png' Under QR code hides the URL to the general API to view invoice information without authorization: GET /v1/qr/invoices/{identifier} The QR code dimensions in UI are 196 x 196 pixels. Also, there is a possible option of a QR code with a logo image in the middle. The best dimensions are 980 x 980 pixels (including 80 pixels of padding), the central logo image should be 220 x 220 pixels, and the images in the corners should be 160 x 160 pixels (including 20 pixels of padding). The resulting image can be scaled five times to fit the frame dimensions of 196 x 196 pixels. request body: { "name": "Test 2", "payerContact": "individual@sdkfinance.tech", "recipientCoin": "709758205434", "amount": 5, "expiresAt": "2024-04-16T11:13:50.114Z", "data": { "productCode": "1234", "productPrice": 5, "description": "Test invoice", "count": 1 }} response body: { "invoice": { "identifier": "665206266719", "name": "Test 2", "createdAt": "2024-04-15T11:21:28.680Z", "createdByUser": { "id": "48252e5e-e3ff-4685-bb85-3ed22d463ed6", "name": "Merchant Default", "profileOrganizationId": "a84819b4-0b8d-4d4e-b274-005196b1dd3c" }, "status": "pending", "payer": { "id": "dac549d2-9ebf-4636-8834-db43dc1702a2", "type": "individual", "name": "Individual Default", "organizationStatus": "approved", "contract_info": { "id": "41066d5a-32d0-4e2b-a99a-6e11351510ba", "personType": "base", "name": "base contract for org individual" } }, "payerContact": "individual@sdkfinance.tech", "merchantName": "Merchant Default", "totalPrice": 5, "expiresAt": "2024-04-16T11:13:50.114Z", "currency": { "id": "eeccb114-85c4-4597-b697-5005db640589", "sn": "USD", "code": "USD", "symbol": "$" }, "data": { "productCode": "1234", "productPrice": 5, "description": "Test invoice", "count": 1 }, "qrCodeMediaFileId": "bdc26476-9ce0-4e34-9b38-30d19631d793", "qrCodeMediaFileLink": "https://local.sdk.finance:8443/api/v1/media-files/resources/8538ef06-14a3-4493-a68a-8f1e7436084c.png" }}
POST {{host}}/gate/methods/view	API to view available providers was extended. Fields name, logo, icon was added. request body:{ "serial": "518988789312", "txType": "TOPUP"} response body:{ "records": [ { "gateProvider": { "id": "Corefy", "name": "Corefy", "debtAllowed": false, "active": true }, "way": "CARD", "services": [ { "id": "comcps_AqRhbcAakssQN3t5", "type": "payment-services", "service": "payment_card_eur_hpp", "serviceMethod": "payment_card", "active": true, "enabled": true, "currencyCode": "EUR", "name": "Payment card", "logo": "https://static.openfintech.io/payment_methods/payment_card/logo.svg", "icon": "https://static.openfintech.io/payment_methods/payment_card/icon.svg" }, { "id": "comcps_YywERuqsC3ilviHO", "type": "payment-services", "service": "payment_card_usd_hpp", "serviceMethod": "payment_card", "active": true, "enabled": true, "currencyCode": "USD", "name": "Payment card", "logo": "https://static.openfintech.io/payment_methods/payment_card/logo.svg", "icon": "https://static.openfintech.io/payment_methods/payment_card/icon.svg" } ] } ]}
Endpoint	Added
DELETE /authorization	Endpoint to delete user active authorization token and log out of the System. If the user is not logged in, the 403 FORBIDDEN will be returned. Available for all user roles (service and business), no permission is required The curl of the request: curl --location --request DELETE 'https://local.sdk.finance:8443/api/v1/authorization' \--header 'Content-Type: application/json' \--header 'Authorization: TOKEN {your_token_here}' The method does not consume or produce the body.
GET /v1/qr/invoices/{identifier}	New API to view invoice details by providing invoice identifier after QR code scan was added. API can be called by an unauthorized user. response body: { "invoiceIdentifier": "410777127092", "amount": 10, "currency": "USD", "merchantName": "SDK.finance"}
POST /api/v1/saltage/create-lead-and-session	New API to create or return an existing lead and creates a connection (lead session) with the signing of the consent was added. Where a lead in Salt Edge Partners API - is a verified end-user email associated with Salt Edge Limited customer record. The email is taken from the organization's contact def. Consent - the permission from an end-user to fetch data. Permission required: OPEN_BANKING_USER request body: { "providerCode": "fakebank_simple_xf", "countryCode": "XF"} response body: { "redirectUrl": "https://www.saltedge.com/dashboard/connect?token=86c8d59de7593d3f591404f4c59cbcbe4ebcfe5da301e6fc4f840d743e572066", "expiresAt": "2024-05-07T07:39:19.000Z"}
POST /api/v1/saltage/accounts	API to see the list of accounts for specified end-user within a connection (specified bank or provider) was added. This API returns the full list of fields from the Salt Edge provider response. The accounts are sorted in ascending order of their ID, so the newest accounts will come last. request body: { "customerId":"{{customerId}}", "connectionId": "{{connectionId}}"} response body: { "data": [ { "id": "1260432327482280015", "name": "Simple account 1 MasterCard", "nature": "card", "balance": 2020.5, "extra": { "accountName": "123456", "accountNumber": "123456", "assets": [], "cardType": "master_card", "cards": [], "clientName": "John Smith", "currentDate": "2024-05-04", "currentTime": "13:40:00", "iban": "DE11100110012612442222", "bban": "100110012612442222", "sortCode": "65-43-21", "status": "active", "swift": "ABCDEFGH", "transactionsCount": { "posted": 28, "pending": 0 }, "investmentAccountsExtra": {}, "insuranceAccountsExtra": {} } }, { "id": "1260432327557777492", "name": "Simple account 2", "nature": "account", "balance": 2019.4, "extra": { "accountName": "123457", "accountNumber": "123457", "assets": [], "cards": [ "1234....5678", "8765" ], "clientName": "John Smith", "currentDate": "2024-05-04", "currentTime": "13:40:00", "iban": "DE84100110012612443333", "bban": "100110012612443333", "sortCode": "65-43-22", "status": "active", "swift": "ABCDEFGJ", "transactionsCount": { "posted": 35, "pending": 0 }, "investmentAccountsExtra": {}, "insuranceAccountsExtra": {} } }, { "id": "1260432327633274970", "name": "Simple account 3", "nature": "credit", "balance": -2019.4, "extra": { "accountName": "123458", "accountNumber": "123458", "assets": [], "availableAmount": 2980.6, "cards": [ "1234....8765", "5678" ], "clientName": "John Smith", "creditLimit": 5000.0, "currentDate": "2024-05-04", "currentTime": "13:40:00", "iban": "DE60100110012612444444", "bban": "100110012612444444", "sortCode": "65-43-23", "status": "active", "swift": "ABCDEFGK", "transactionsCount": { "posted": 14, "pending": 0 }, "investmentAccountsExtra": {}, "insuranceAccountsExtra": {} } }, { "id": "1260432327691995229", "name": "Account 4 merchant testing", "nature": "account", "balance": 2011.4, "extra": { "accountName": "Local Merchant", "accountNumber": "300-200-100", "assets": [], "cards": [], "clientName": "John Smith", "iban": "GB33BUKB20201555555555", "bban": "20201555555555", "sortCode": "65-43-21", "status": "active", "swift": "ABCDEFGH", "transactionsCount": { "posted": 121, "pending": 0 }, "investmentAccountsExtra": {}, "insuranceAccountsExtra": {} } }, { "id": "1260432327775881317", "name": "5325 ** 1285", "nature": "credit_card", "balance": -2019.4, "extra": { "accountName": "** 1285 MasterCard", "assets": [], "availableAmount": 7976.6, "blockedAmount": 4.0, "cardType": "master_card", "cards": [], "clientName": "John Smith", "closingBalance": -1009.7, "creditLimit": 10000.0, "expiryDate": "2026-05-01", "nextPaymentAmount": 134.63, "nextPaymentDate": "2024-05-24", "status": "active", "transactionsCount": { "posted": 0, "pending": 0 }, "investmentAccountsExtra": {}, "insuranceAccountsExtra": {} } } ], "meta": {}}
GET /api/v1/saltage/connected-providers/{{customerId}}	API to get a list of connected providers with active consent was added. response body: { "data": [ { "providerShortData": { "providerId": "3100", "providerCode": "fake_client_xf", "providerName": "Fake Bank with Client Keys", "consentExpiredAt": "2024-08-18T08:53:48.000Z", "connectionId": "1280561468206483616" }, "providerStatus": "active", "paymentTemplates": [ "FPS", "SEPA", "SEPA_INSTANT", "SWIFT", "sepa_instant_payment", "sepa_instant_payment_with_account_select" ] }, { "providerShortData": { "providerId": "68", "providerCode": "fakebank_simple_xf", "providerName": "Fake Bank Simple", "connectionId": "1271846833827613453" }, "providerStatus": "active", "paymentTemplates": [] } ]}
POST /api/v1/saltage/providers	API to return all the providers the Salt Edge operates with was added (proxy of the Salt Edge method) request body: { "includeFakeProviders": true} response body: { "data": [ { "id": "69", "code": "paypal_xo", "name": "PayPal", "mode": "oauth", "status": "active",.....
POST /api/v1/saltedge/payment-initiation	API to initiate payment via Salt Edge secure widget was added. In the response request body: { "customerId": "1271846311217335041", "providerCode": "fake_client_xf", "templateIdentifier": "SEPA", "paymentAttributes": { "amount": "9.00", "creditor_iban": "UA213223130000026007233566001", "creditor_name": "Oleg Ivachenko", "currency_code": "EUR", "description": "test" }} response body: { "connectUrl": "https://www.saltedge.com/payments/connect?token=5bf0dfbb5ed698762ef82babd3b7b4ac7a81346f4481a5bdcbe2df6405b09227", "expiresAt": "2024-05-20T09:59:33.000Z"}