Skip to Content
DocumentationAPI ReferencePayment Intents

Payment Intents API

Overview

The Payment Intents API allows organizations to seamlessly integrate cryptocurrency payments into their applications. Whether you’re building a game, e-commerce platform, or any digital service, this API enables you to accept crypto payments and process withdrawals without managing complex blockchain infrastructure.

Typical Flow

  1. Account Creation - When a user registers for your service, create a KryptoGO account for them using the Custom Auth Login API
  2. Payment Processing - When users want to top up or make purchases, create a payment intent
  3. Status Monitoring - Track the status of payment intents, with updates via callback or polling
  4. Token Transfer - Use the Asset Pro Transfer API to transfer tokens to users when they want to withdraw funds

For game developers: This flow aligns perfectly with in-game purchases and rewards systems. Players can top up their accounts using crypto (steps 1-3) and withdraw their earnings (step 4).

Integration Use Cases

  • Gaming: Enable players to purchase in-game assets and withdraw earnings
  • E-commerce: Accept cryptocurrency payments for products and services
  • Digital Services: Offer subscription payments with crypto
  • Marketplaces: Facilitate buyer-seller transactions using blockchain technology
  • Loyalty Programs: Distribute rewards tokens to customers

All of these use cases follow the same basic flow outlined above, with variations in how you implement callbacks and user experiences.

Custom Auth Login API

Description

Create or authenticate a user account in the KryptoGO system using your organization’s authentication system. This API uses JWT (JSON Web Token) verification to securely authenticate users from your system.

Prerequisites

⚠️

Before using this API, you need:

  1. Client ID - Contact KryptoGO to get your client ID if you don’t have one
  2. A valid JWT token with user’s information from your system
  3. JWT verification setup (details below)

JWT Verification Setup

To enable secure JWT verification between your system and KryptoGO, you need to provide the following information to KryptoGO:

FieldDescriptionExample
JWK URLThe URL where your JSON Web Keys (JWK) can be fetched. This allows KryptoGO to verify the signature of tokens issued by your system.https://your-domain.com/.well-known/jwks.json
JWT AudienceThe audience claim that should be present in the JWT. This ensures tokens are intended for use with KryptoGO.https://wallet.kryptogo.app
JWT IssuerThe issuer claim that should be present in the JWT. This identifies your system as the token issuer.https://auth.your-company.com
JWT UID FieldThe field in your JWT payload that contains the unique user identifier.sub or user_id

Your KryptoGO account manager will configure these settings for you after you provide the information. Once configured, you can use the Custom Auth Login API to authenticate users.

JWT Token Requirements

The JWT token you provide should meet these requirements:

  1. Signed using RS256 algorithm with a key from your JWK URL
  2. Contains the correct audience matching what you’ve provided to KryptoGO
  3. Contains the correct issuer matching what you’ve provided to KryptoGO
  4. Contains a unique user identifier in the field specified by the JWT UID Field
  5. Not expired according to the exp claim in the token
  6. Properly formatted according to JWT standards

Example JWT payload structure:

{
  "iss": "https://auth.your-company.com", // Issuer - must match JWT Issuer
  "aud": "https://wallet.kryptogo.app", // Audience - must match JWT Audience
  "exp": 1733811354, // Expiration time (Unix timestamp)
  "iat": 1733811054, // Issued at time
  "sub": "user123", // Subject/User ID - must be in the field specified by JWT UID Field
  "name": "John Doe", // Additional user information
  "email": "john@example.com" // Additional user information
}

Implementing JWT for KryptoGO

Your JWT implementation must align with KryptoGO’s verification requirements:

  1. Key Requirements

    • Use RSA or ECDSA keys for signing your tokens
    • Publish your public keys at a JWKS endpoint (JSON Web Key Set)
    • Include the key ID (kid) in your JWT header that corresponds to a key in your JWKS

  2. JWT Header Requirements

    {
  "alg": "RS256", // Algorithm used (RS256, ES256, etc.)
  "typ": "JWT",
  "kid": "your-key-id" // Must match a key ID in your JWKS
}

  3. JWKS Endpoint Format Your JWKS endpoint should return a JSON response in this format:

    {
  "keys": [
    {
      "kty": "RSA",
      "kid": "your-key-id",
      "use": "sig",
      "alg": "RS256",
      "n": "base64-encoded-modulus",
      "e": "base64-encoded-exponent"
    }
  ]
}

Implementation Example

Here’s a simple example using Node.js and the jsonwebtoken library:

const jwt = require('jsonwebtoken');
const fs = require('fs');
 
// Read your private key (keep this secure!)
const privateKey = fs.readFileSync('private-key.pem');
 
// Your JWT implementation must include your key ID in the header
function generateToken(userId) {
  const payload = {
    iss: 'https://auth.your-company.com', // Must match your JWT Issuer setting
    aud: 'https://wallet.kryptogo.app', // Must match your JWT Audience setting
    sub: userId, // Assuming 'sub' is your UID field
    exp: Math.floor(Date.now() / 1000) + (60 * 60), // 1 hour expiration
    iat: Math.floor(Date.now() / 1000)
  };
  
  const header = {
    kid: 'your-key-id' // Must match a key in your JWKS
  };
  
  return jwt.sign(payload, privateKey, { 
    algorithm: 'RS256',
    header: header
  });
}

Hosting a JWKS Endpoint

You need to create an endpoint that serves your public keys in JWKS format. Here’s a simplified example:

const { JWK } = require('node-jose');
const fs = require('fs');
const express = require('express');
const app = express();
 
// Load your public key
const publicKey = fs.readFileSync('public-key.pem');
 
// Create a JWKS
async function createJWKS() {
  const key = await JWK.asKey(publicKey, { kid: 'your-key-id', use: 'sig', alg: 'RS256' });
  return { keys: [key.toJSON()] };
}
 
// Serve the JWKS
app.get('/.well-known/jwks.json', async (req, res) => {
  const jwks = await createJWKS();
  res.json(jwks);
});
 
app.listen(3000, () => {
  console.log('JWKS endpoint running on port 3000');
});

JWT Verification Process

When you send a token to the Custom Auth Login API, KryptoGO:

  1. Extracts the kid (key ID) from the token header
  2. Fetches the JWKS from your specified JWK URL
  3. Locates the key with the matching kid in the JWKS
  4. Verifies the token signature using the public key
  5. Validates that:
    • The token is not expired
    • The issuer (iss) matches your configured JWT issuer
    • The audience (aud) matches your configured JWT audience
  6. Extracts the user ID from the configured UID field
  7. Creates or authenticates the user in the KryptoGO system

Testing Your JWT Setup

Before integrating with production, we recommend testing your JWT implementation:

  1. Generate a sample token using your authentication system
  2. Decode and verify the token using a tool like jwt.io
  3. Check that all required claims (iss, aud, exp, and your UID field) are present
  4. Test with the Custom Auth Login API in a development environment

During the integration process, KryptoGO can help verify your JWT implementation and resolve any issues before going live.

Integration Workflow

Here’s the technical workflow for setting up the JWT authentication integration with KryptoGO:

  1. Setup Your Key Infrastructure

    • Generate RSA or ECDSA key pairs for signing tokens
    • Assign a unique key ID (kid) to each key
    • Create a JWKS endpoint that serves your public keys

  2. Configure Your JWT Generation

    • Implement token generation with proper headers (including kid)
    • Include required claims in the payload (iss, aud, exp, and your UID field)
    • Sign tokens using your private key

  3. Provide Configuration to KryptoGO

    • Share your JWKS URL (jwk_url)
    • Specify your JWT audience (jwt_audience)
    • Specify your JWT issuer (jwt_issuer)
    • Indicate which field contains the user ID (jwt_uid_field)

  4. Configuration by KryptoGO

    • KryptoGO updates your organization’s JWT verification settings
    • KryptoGO provides you with a client ID for API requests

  5. Integration Testing

    • Test token generation and verification
    • Ensure all required claims are properly included
    • Verify JWT headers contain the correct key ID
    • Test the end-to-end authentication flow

  6. Production Deployment

    • Implement proper key rotation procedures
    • Set up monitoring for JWKS endpoint availability
    • Establish a process for communicating changes to KryptoGO
⚠️

Key management is critical to security. Implement proper safeguards for your private keys and establish a process for key rotation. Any changes to your keys or JWKS endpoint must be coordinated with KryptoGO to prevent authentication disruptions.

Endpoint

POST https://wallet.kryptogo.app/v1/auth/login/custom

Headers

NameTypeRequiredDescription
Content-TypestringYesMust be application/json

Request Body

NameTypeRequiredDescription
client_idstringYesYour application’s client ID
tokenstringYesYour user’s authentication token

Response Fields

FieldTypeDescription
codenumberStatus code (0 for success)
data.kg_tokenstringKryptoGO token for authenticating subsequent requests

Example Request

const axios = require('axios');
 
const response = await axios.post(
  'https://wallet.kryptogo.app/v1/auth/login/custom',
  {
    client_id: 'abcd4321abcd',
    token: 'eyj6...'
  },
  {
    headers: { 'Content-Type': 'application/json' }
  }
);

Example Response

{
  "code": 0,
  "data": {
    "kg_token": "eyJhb..."
  }
}

Create Payment Intent

Description

Create a new payment intent when a user wants to top up their account or make a purchase using cryptocurrency.

Prerequisites

⚠️

Before using this API, you need:

  1. Client ID - Your application’s client ID
  2. Origin header - Your application’s domain

Endpoint

POST https://wallet.kryptogo.app/v1/payment/intent

Headers

NameTypeRequiredDescription
Content-TypestringYesMust be application/json
Client-IdstringYesYour application’s client ID
OriginstringYesYour application’s domain

Request Body

NameTypeRequiredDescription
fiat_amountstringYesThe amount in fiat currency (e.g., “300.0”)
fiat_currencystringYesThe fiat currency code (TWD or USD)
callback_urlstringNoURL to receive payment status updates
order_dataobjectNoArbitrary data about the order (e.g., order_id, item_id). Will be returned unaltered in callbacks. Max 1000 characters when marshalled.

Response Fields

FieldTypeDescription
codenumberStatus code (0 for success)
data.payment_intent_idstringUnique identifier for the payment intent
data.payment_chain_idstringThe blockchain network ID for the payment
data.payment_addressstringThe wallet address to receive the payment
data.token_addressstringThe token contract address
data.symbolstringThe token symbol (e.g., USDT)
data.decimalsnumberNumber of decimal places for the token
data.crypto_amountstringAmount of cryptocurrency to be paid
data.fiat_amountstringOriginal fiat amount specified
data.fiat_currencystringFiat currency code (TWD or USD)
data.payment_deadlinenumberUnix timestamp for payment expiration
data.statusstringCurrent status: pending, success, or expired

Callback

If you provide a callback_url, your server will receive a POST request when the payment status changes with the following data:

FieldTypeDescription
payment_intent_idstringUnique identifier for the payment intent
client_idstringYour application’s client ID
fiat_amountstringAmount in fiat currency
fiat_currencystringFiat currency code (TWD or USD)
payment_deadlinenumberUnix timestamp when the payment intent expires
statusstringCurrent status: pending, success, or expired
payment_chain_idstringThe blockchain network ID for the payment
symbolstringThe token symbol (e.g., USDT)
crypto_amountstringAmount of cryptocurrency paid
order_dataobjectThe order data you provided in the original request
callback_urlstringThe callback URL (your server endpoint)

Example callback payload:

{
  "payment_intent_id": "0h39QkYfZps7AUD1xQsj3MDFVLIMaGoV",
  "client_id": "9c5a79fc1117310f976b53752659b61d",
  "fiat_amount": "300.0",
  "fiat_currency": "TWD",
  "payment_deadline": 1715462400,
  "status": "success",
  "payment_chain_id": "arb",
  "symbol": "USDT",
  "crypto_amount": "2.53",
  "order_data": {
    "order_id": "uid_12345",
    "item_id": "100"
  },
  "callback_url": "https://example.com/callback"
}

Your server should respond with a 200 status code to acknowledge receipt of the callback.

Example Request

const axios = require('axios');
 
const response = await axios.post(
  'https://wallet.kryptogo.app/v1/payment/intent',
  {
    fiat_amount: '300.0',
    fiat_currency: 'TWD',
    callback_url: 'https://example.com/callback',
    order_data: {
      order_id: 'uid_12345',
      item_id: '100',
      customer_id: '0x03971234567890'
    }
  },
  {
    headers: { 
      'Content-Type': 'application/json',
      'Client-Id': 'your-client-id',
      'Origin': 'https://yourdomain.com'
    }
  }
);

Example Response

{
  "code": 0,
  "data": {
    "payment_intent_id": "123456789",
    "payment_chain_id": "arb",
    "payment_address": "0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045",
    "token_address": "0xFd086bC7CD5C481DCC9C85ebE478A1C0b69FCbb9",
    "symbol": "USDT",
    "decimals": 6,
    "crypto_amount": "9.23",
    "fiat_amount": "300.0",
    "fiat_currency": "TWD",
    "payment_deadline": 1733811354,
    "status": "pending",
    "payment_tx_hash": null,
    "order_data": {
      "order_id": "uid_12345",
      "item_id": "100",
      "customer_id": "0x03971234567890"
    },
    "callback_url": "https://example.com/callback"
  }
}

Get Payment Intent Status

Description

Check the current status of a specific payment intent.

Prerequisites

⚠️

Before using this API, you need:

  1. Client ID - Your application’s client ID
  2. Payment Intent ID - The ID of the payment intent to check

Endpoint

GET https://wallet.kryptogo.app/v1/payment/intent/{id}

Headers

NameTypeRequiredDescription
Client-IdstringYesYour application’s client ID
OriginstringYesYour application’s domain

Path Parameters

NameTypeRequiredDescription
idstringYesThe payment intent ID

Response Fields

FieldTypeDescription
codenumberStatus code (0 for success)
dataobjectSame structure as the Create Payment Intent response

Example Request

const axios = require('axios');
 
const response = await axios.get(
  `https://wallet.kryptogo.app/v1/payment/intent/${paymentIntentId}`,
  {
    headers: { 
      'Client-Id': 'your-client-id',
      'Origin': 'https://yourdomain.com'
    }
  }
);

Example Response

{
  "code": 0,
  "data": {
    "payment_intent_id": "123456789",
    "payment_chain_id": "arb",
    "payment_address": "0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045",
    "token_address": "0xFd086bC7CD5C481DCC9C85ebE478A1C0b69FCbb9",
    "symbol": "USDT",
    "decimals": 6,
    "crypto_amount": "9.23",
    "fiat_amount": "300.0",
    "fiat_currency": "TWD",
    "payment_deadline": 1733811354,
    "status": "success",
    "payment_tx_hash": "0x1234567890abcdef..."
  }
}

Transfer Tokens (Asset Pro Transfer)

Description

Transfer tokens to a user’s wallet when they want to withdraw funds from your application. This API can be used for game payouts, user withdrawals, or automated rewards distribution.

Use Cases

  • Game Withdrawals: Allow players to withdraw their in-game earnings to their personal wallets
  • Automated Payouts: Schedule regular payouts for rewards or earnings
  • User Withdrawals: Process withdrawal requests from your application’s users

Prerequisites

⚠️

Before using this API, you need:

  1. Organization ID - Contact KryptoGO to get your organization ID if you don’t have one
  2. Studio API Key - Obtained in KryptoGO Studio
  3. Sufficient token balance in your organization’s wallet

Endpoint

POST https://wallet.kryptogo.app/v1/studio/organization/{org_id}/asset/pro/transfer

Headers

NameTypeRequiredDescription
X-STUDIO-API-KEYstringYesYour Studio API key

Path Parameters

NameTypeRequiredDescription
org_idstringYesYour organization ID

Request Body

NameTypeRequiredDescription
chain_idstringYesThe blockchain network ID (e.g., “eth”, “arb”)
token_addressstringYesThe token contract address
amountstringYesThe amount to transfer (in token units, not wei)
tostringYesRecipient wallet address
memostringNoOptional memo for the transfer (useful for tracking purposes)

When specifying token amounts, use the token’s natural units (e.g., “10.5” USDT), not the smallest unit (wei). The API handles the conversion using the token’s decimals.

Response Fields

FieldTypeDescription
codenumberStatus code (0 for success)
data.tx_hashstringTransaction hash of the transfer (can be used to track on block explorers)
data.feestringTransaction fee amount

Error Codes

CodeDescriptionSolution
1002Parameter Incorrect ErrorCheck your request parameters for errors
4015Balance not enoughAdd more funds to your organization’s wallet
6003Transfer limit exceededReduce the transfer amount or contact KryptoGO to increase your limit
1013Internal unknown errorContact KryptoGO support with the request details
4016Get balance errorContact KryptoGO support

Example Request

const axios = require('axios');
 
const response = await axios.post(
  `https://wallet.kryptogo.app/v1/studio/organization/${orgId}/asset/pro/transfer`,
  {
    chain_id: "arb",
    token_address: "0xFd086bC7CD5C481DCC9C85ebE478A1C0b69FCbb9",
    amount: "10.0",
    to: "0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045",
    memo: "Game withdrawal"
  },
  {
    headers: { 
      'X-STUDIO-API-KEY': apiKey,
      'Content-Type': 'application/json'
    }
  }
);

Error Response Example

{
  "code": 4015,
  "message": "Balance not enough",
  "data": {
    "insufficient_amount": "5.25"
  }
}

Example Success Response

{
  "code": 0,
  "data": {
    "tx_hash": "0x1234567890abcdef...",
    "fee": "0.00021"
  }
}

List all payment intents of your organization

Description

Get all payment intents for your organization.

Prerequisites

⚠️

Before using this API, you need:

  1. Organization ID - Contact KryptoGO to get your organization ID
  2. Studio API Key - Contact KryptoGO to get your API key

Endpoint

GET https://wallet.kryptogo.app/v1/studio/organization/{org_id}/payment/intents

Headers

NameTypeRequiredDescription
X-STUDIO-API-KEYstringYesYour Studio API key

Path Parameters

NameTypeRequiredDescription
org_idnumberYesYour organization ID

Query Parameters

NameTypeRequiredDescription
statusstringNoFilter by status: pending, success, or expired
client_idstringNoFilter by client ID
page_numbernumberNoPage number for pagination
page_sizenumberNoNumber of items per page

Response Fields

FieldTypeDescription
payment_intent_idstringUnique identifier for the payment intent
payment_chain_idstringThe payment chain ID where customer should send tokens on
payment_addressstringThe wallet address where customer should send tokens to
token_addressstringThe smart contract address of the token being used for payment
symbolstringThe token symbol (e.g., USDT, USDC)
decimalsnumberNumber of decimal places for the token (e.g., 6 for USDT)
crypto_amountstringAmount of crypto tokens to be paid
fiat_amountstringOriginal fiat amount in the specified currency
fiat_currencystringFiat currency code (TWD or USD)
payment_deadlinenumberUnix timestamp when the payment intent expires
statusstringCurrent status: pending (awaiting payment), success (paid), or expired
payment_tx_hashstringUser’s transaction hash after successful payment, null if pending/expired

Example Request

const axios = require('axios');
 
const response = await axios.get(
  `https://wallet.kryptogo.app/v1/studio/organization/${orgId}/payment/intents`,
  {
    headers: { 'X-STUDIO-API-KEY': apiKey },
    params: { status: 'pending' }
  }
);

Example Response

{
  "code": 0,
  "paging": {
    "page_number": 1,
    "page_size": 10,
    "total": 1
  },
  "data": [
    {
      "payment_chain_id": "arb",
      "payment_intent_id": "123456789",
      "payment_address": "0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045",
      "token_address": "0xFd086bC7CD5C481DCC9C85ebE478A1C0b69FCbb9",
      "symbol": "USDT",
      "decimals": 6,
      "crypto_amount": "9.23",
      "fiat_amount": "300.0",
      "fiat_currency": "TWD",
      "payment_deadline": 1733811354,
      "status": "pending",
      "payment_tx_hash": null
    }
  ]
}
Last updated on
Embedded ModalChains