Swap USDC to and from MEXe on Solana
POST /ramp/quote with quoteAssets.type: "swap",
sourceAsset set to the USDC mint and targetAsset set to the MEXe mint; the FX
conversion between USDC and CETES is handled for you. The quote returns
requiresSwap: true with the exchangeRate and destinationAmount, and you
execute it like any other swap. See the swaps guide and
the Solana chain guide.Self-serve JWT auth configuration
You can now register the issuer and JWKS URL used to verify your partner-signed JWTs directly from the Etherfuse dashboard, instead of sending them to your Etherfuse representative. Set them once per environment (sandbox and production each keep their own registration), and Etherfuse fetches your JWKS from that URL to verify incoming tokens. See JWT authentication.KYB partner API
POST /ramp/organization, then
add,
list, and
remove members.
Track completion with
GET /ramp/organization/{id}/kyb/progress
or subscribe to the new kyb_updated webhook to skip polling. See
the KYB guide for the full walkthrough.Business identity verification via /idv
The/idv launch flow now
supports business customers. Personal customers still run a liveness face scan
matched against their existing KYC ID. Business customers, who have no prior ID
on file, complete a full ID document scan and face capture in a single session.
The trigger is unchanged: a bank account with
requiresAdditionalVerification: true. See
User Launch Flows.IDV Spanish localization
Appendlang=es to the /idv launch target to render the entire identity
verification flow in Spanish, including all UI text, scan prompts, and error
messages. Omit the parameter or pass lang=en for English. Example target:
/idv?bank_account_id=<uuid>&lang=es. See
User Launch Flows.Embedded wallets
POST /ramp/wallet and move on-chain assets without managing gas,
trustlines, or transaction construction. Each wallet is secured by a P-256
owner key that the partner (or their end-user) holds; Etherfuse proposes
transactions and the owner signs one approval per order.The flow: provision a wallet with a public key, quote and order as usual,
then sign the approvalMessage from
GET /ramp/order/{orderId}/approvals
and submit it to
POST /ramp/order/{orderId}/approvals.
Reserve, trustline, and gas costs are folded into the onramp fee shown in the
quote. See the embedded wallets guide and the
sandbox playground for the full
walkthrough.SPEI tracking code on orders
The order response andorder_updated webhook now include a
trackingCode field with the SPEI clave de rastreo for the fiat transfer.
On onramps this is the incoming deposit key; on offramps, the outgoing
payout key. Use it to look up the CEP receipt for reconciliation. The field
appears once the SPEI transfer settles. See
GET /ramp/order/{orderId}.KYB via JWT launch flow
Partners can now launch users directly into KYB usingtarget: /kyb in the
JWT launch flow. The hosted KYB renders in a
light, partner-friendly shell and shares the same compliance form as the
main dashboard. Standard jti claim for JWT replay protection
Partner JWTs now accept the standard jti (JWT ID, RFC 7519) claim for
replay protection alongside the existing nonce claim. Use either one, or
both (values must match). Existing integrations using nonce are
unaffected. See the
JWT authentication guide.Verification-complete webhook
Thebank_account_updated webhook now fires when biometric
verification completes and the bank becomes compliant: true, so partners
can react immediately without polling. Combined with the existing signal
when a bank needs verification (compliant: false), the webhook now covers
the full verification lifecycle.Larger KYC document uploads
POST /ramp/customer/{customerId}/kyc/documents now accepts up to 10 MB
per request (total across all images), up from the previous default. See
the KYC docs endpoint for document
requirements.Partner JWT face-scan verification
target: /idv in the JWT launch flow.
MXN ramps require biometric verification before fiat transfers are enabled.Agreement signing via launch flow
Launch users directly into electronic-signature and terms-and-conditions agreement flows usingtarget: /agreements in the
user launch flow. Works with both Firebase and
partner JWT authentication.Auth token access and refresh pairs
POST /auth/token now returns an access token and a refresh token. Use the
refresh token to obtain a new access token without re-signing a JWT:PT wrap and unwrap orders on Solana
Partners can now execute Principal Token wrap and unwrap orders on Solana using the existing/ramp/quote and
/ramp/swap flow with PT asset identifiers — the
testing swaps guide walks through it.KYC submission validates required fields
POST /ramp/customer/{customer_id}/kyc now validates required personal fields
up front — email, phoneNumber, occupation, name, dateOfBirth, and a
full address. Mexican customers (address.country: "MX") must include a
CURP; an RFC is optional. Missing or invalid fields return 400 with a list
of what to fix, as detailed in the onboarding guide.Authentication errors link to docs
Errors fromPOST /auth/token and the JWT launch flow now include an
error_uri (OAuth 2.0) that points to the matching entry in the
authentication errors guide, so you can jump
straight to the cause and fix.Auth token endpoint
POST /auth/token endpoint issues access tokens for server-to-server
calls — prefer it over launch-flow JWTs when you need backend-only access, as
described in the JWT authentication guide.Scoped API key enforcement
API keys now enforce scope-based access control: keys created after June 8 default to minimal scopes, while existing keys keep working unchanged. The authentication reference explains the scope model.Bank compliance webhook signal
bank_account_updated webhook now signals when a bank needs
additional verification: while compliant is false, the bank can’t be used
until the customer completes the verification flow.Biometric verification
Identity verification now supports biometric face-scan — the foundation for the partner JWT launch flow.Partner JWT auth launch
The partner dashboard can now launch users via partner-issued JWTs, so you can authenticate users with your own identity provider, as set up in the JWT authentication guide.JWKS-based JWT verification
Partners can now register a JWKS endpoint for JWT-based authentication: the platform fetches and caches public keys from your/.well-known/jwks.json
endpoint to verify partner-issued tokens, as described in the
JWT authentication guide.