Skip to main content

ChangeLogs

All recent API updates and changes are listed here. Updated as of: 15 Jan 2025

Authentication API

Updated: Added mandatory email field and simplified headers for login API.

What Changed:

  • email is now required in the request body
  • Only x-api-key header is needed (removed x-client-id)
  • Updated request format for better consistency

New Request:

curl --location --request POST \
--url '{{baseUrl}}/api/v1/authentication/login' \
--header 'x-api-key: {{Shared X-API key By Zoqq}}' \
--header 'Content-Type: application/json' \
--data-raw '{
    "client_key": "{{ClientID}}",
    "client_secret": "{{ClientSecret}}",
    "email": "test@email.com"
}'

Old Request (deprecated):

curl --location --request POST '{{baseUrl}}/api/v1/authentication/login' \
--header 'x-client-id: Shared By Zoqq' \
--header 'x-api-key: Shared By Zoqq' \
--data-raw '{
  "client_key":"key",
  "client_secret":"key"
}'

Create Account

Updated: The type field now supports only one valid value.

What Changed:

  • Allowed value: virtual_account
  • Old values like wallet_account or global_account are no longer supported
  • Requests using unsupported values will return an error: “Invalid account type… Must be: virtual_account”

Impact:

Clients must update their requests to use only virtual_account. Any integration using old types will fail with a 400 error.

Update Account API Removed

The Update Account API has been removed.

Reason:

This API was previously used only to update the account label, and is no longer required with the current flow.

Previous Requirement (Now Obsolete):

  • Mandatory header: x-account-id

  • Requests without this header failed with:

    “x-account-id is a required header and is missing”

Impact:

  • Clients can no longer update the account label using this API.
  • Any existing PATCH requests to this endpoint will no longer be supported.

Future Consideration:

This API may be reintroduced in the future if broader account update capabilities are required.

Close Account

Updated: x-account-id header is now required for closing an account.

What Changed:

  • Added required header: x-account-id
  • DELETE requests without this header will return: “x-account-id is a required header and is missing”

Impact:

Clients must provide the correct x-account-id. Without it, the close account API will reject the request with an error

Create Cardholder

Updated: Fixed incorrect endpoint path in documentation that caused 404 Resource Not Found.

What Changed:

  • Correct path is now: POST {{baseUrl}}/zoqq/api/v1/card/cardholder
  • Old path: {{baseUrl}}/zoqq/api/v1/cardHolders was removed
  • Request body and headers remain available in the API Reference section

Impact:

Clients should update their integrations to use the corrected path.

Get All Cardholders

Updated: Fixed incorrect path that caused 404 Resource Not Found.

What Changed:

  • Correct path: GET {{baseUrl}}/zoqq/api/v1/card/cardholder
  • Old/wrong path: {{baseUrl}}/zoqq/api/v1/cardHolders (removed)
  • This is a GET endpoint — no request body. Full examples remain in the API Reference.

Impact

Clients using the old path will receive 404 — update integrations to use the corrected GET path. If 404 persists, verify baseUrl, token validity, and case-sensitive routing.

Activate Card

Updated: Activation now requires passing id as a query parameter.

What Changed:

  • Correct format: POST {{baseUrl}}/zoqq/api/v1/card/activate?id={{CardID}}
  • Old documentation incorrectly placed id in the request body
  • Body is not required for this endpoint

Impact

Clients must include the id in the URL. If omitted, server returns: “id is a required parameter and is missing.”

Update Card

Updated:

  • Endpoint now requires card_id as a query parameter.
  • updated_by field is now part of the request body.

What Changed:

  • Correct path: PATCH {{baseUrl}}/zoqq/api/v1/card?id={{CardID}}
  • Old path: {{baseUrl}}/zoqq/api/v1/card did not include the id in the URL.
  • updated_by field was not present in previous documentation. Body structure remains the same except for the addition of updated_by.

Impact:

Clients must pass id in the URL; otherwise response: "id is a required parameter and is missing." Requests using the old endpoint with missing id will fail. Clients need to add updated_by in the request body.

Update Cardholder

Updated:
The endpoint now requires the cardholder id in the URL.

What Changed:

  • Corrected path: PATCH /zoqq/api/v1/card/cardholder?id={{CardholderID}}
  • Old path: /zoqq/api/v1/cardHolders (id was sent in the body)
  • updated_by and updated_at can now be included in the body.

Impact:

If id is not passed in the URL, the server returns: 404 Resource Not Found. Clients must update their integrations to use the new path and URL-based id.

Get Card Transactions

Updated: The endpoint now requires the card id in the URL.

What Changed:

  • Updated path: GET {{baseUrl}}/zoqq/api/v1/card/transaction?id={CardID}
  • Previously, card id was expected in the request body
  • Now, the request body must be empty

Impact:

If card id is not passed in the URL, the request will fail. Clients must remove body params and include the id only in the query parameter.

Get All Webhooks

Updated: Endpoint structure and response format have been updated.

What Changed:

  • New endpoint: GET {{baseUrl}}/getallwebhooks?program_code={{Shared ProductID By Zoqq}}
  • Old endpoint {{baseUrl}}/zoqq/api/v1/webhook/getallwebhook is deprecated
  • Response now returns data inside a data array
  • Includes event_description field in results

Impact:

Clients must update their integrations to use the new endpoint and response format. Older endpoint may return incomplete or unsupported responses.

Subscribe Webhook

Updated: Endpoint, request body fields, and authentication requirements have been updated.

What Changed:

  • New endpoint: POST {{baseUrl}}/api/subscribe
  • Old endpoint {{baseUrl}}/zoqq/api/v1/webhook/subscribe is deprecated
  • Added new field sender_email (required)
  • Added new field updated_by (optional — used only during webhook update)
  • subscription_type now supports two values: w (webhook) and n (notification)
  • Now requires x-api-key to be passed in the request body

Impact:

Clients must migrate to the new endpoint and update their request body to include sender_email, optional updated_by, and x-api-key. Old payload structure will fail and may result in request rejection.

Update Webhook

Updated: Endpoint, method type, and required request fields have been updated.

What Changed:

  • New endpoint: PATCH {{baseUrl}}/api/subscribe}

  • Old endpoint PUT {{baseUrl}}/zoqq/api/v1/webhook/update is deprecated

  • HTTP method changed from PUT → PATCH

  • Expanded request body with additional required fields:

    • subscription_type
    • agent_code
    • subagent_code
    • program_code
    • company_code
    • created_by
    • updated_by
    • x-api-key

  • Old payload structure with only event_name, webhook_url, and modified_by is no longer valid

Impact:

Clients must update their integration to use the new PATCH endpoint and send the full request body. Old requests will fail and return validation errors.

Delete Webhook

Updated: Endpoint and request structure have been modified.

What Changed:

  • New endpoint: DELETE {{baseUrl}}/api/subscribe}

  • Old endpoint DELETE {{baseUrl}}/zoqq/api/v1/webhook/delete is deprecated

  • Request body format updated with additional mandatory fields

  • New required fields added:

    • subscription_type
    • agent_code
    • subagent_code
    • program_code
    • company_code
    • created_by
    • webhook_url
    • updated_by

  • Old payload with just event_name & deleted_by is no longer supported

Impact:

Clients must switch to the new endpoint and include all required fields in the request body. Old delete request formats will return validation errors.

Get Card Limit API Removed

Updated: The standalone Get Card Limit API has been removed.

What Changed:

  • The Get Card Limit API endpoint is no longer available.

  • Card transaction limits and remaining amounts can now be retrieved from the Get Card Details API.

  • The Get Card Details API returns:

    • Purchase transaction limits
    • Cash withdrawal limits
    • Remaining available amounts for both purchase and cash withdrawals

Impact:

Clients using the Get Card Limit API must migrate to the Get Card Details API to obtain card limit and usage information. Requests to the removed endpoint will no longer be supported.

New API Additions

CARDS

1. GET Cardholder Details: Fetches complete information for a specific cardholder using their ID.

2. DELETE Cardholder: Deletes an existing cardholder from the system.

3. GET All Cards by Cardholder ID: Returns all cards associated with a given cardholder.

CARD SIMULATION

Introduced Card Simulation capability to simulate card transactions for testing authorization, processing, and settlement flows prior to go-live.

FOREIGN EXCHANGE

1. GET Current Rate: Provides the latest FX rate for the requested currency pair.

PAYOUT

1. GET Beneficiary by ID: Retrieves beneficiary details using a unique ID.

2. Delete Beneficiary: Deletes an existing beneficiary using the BeneficiaryID.

3. GET Payout Status: Checks the current status of a payout.

4. PATCH Cancel Payout: Cancels an initiated payout (if eligible).

5. GET Scheduled Payout List: Fetches all scheduled payouts for the account.

WEBHOOK

1. Retrieve Subscribed Webhook: Gets the list of subscribed webhooks.

All New API Playground

We’ve introduced a Try It Out section for every API, allowing users to interactively test endpoints directly in our sandbox environment. This enables faster validation of requests and real-time visibility into responses, making integration and debugging much easier.