Skip to content

Latest commit

 

History

History
80 lines (56 loc) · 8.79 KB

_applications.md

File metadata and controls

80 lines (56 loc) · 8.79 KB

Applications

Registering an application

Developers will need to register their application before getting started. A registered application will be assigned a unique Client Id and Client Secret.

Security Notice: Your Client Secret should never be shared, must be kept secret at all times and should only be used from your server-side application.

Considerations

  • For security reasons, your application must be secured with a valid SSL certificate issued by a known Certificate Authority.
  • Likewise, the provided Redirect URL when registering the application must be a valid static subresource. Notice that this property cannot be dynamically reconfigured during authorization requests for security reasons.
  • The Redirect URL can also be a valid URI with a non-http/https protocol which is useful for mobile and desktop applications, for example: my-app://uphold/connect.
  • Users can revoke access to your application at any time. Your application must be prepared for this and, if necessary, should request authorization from the user again.
  • Your application may be suspended in an automated fashion in accordance with our Terms of Service.
  • Standard rate limits apply to all issued access tokens.

Permissions

When requesting authorization from a user the application must specify the level of access needed. These scopes are displayed to the user on the authorization form and currently the user cannot opt-out of individual scopes.

The following scopes are supported by the API:

Scope Description
accounts:read Can view all accounts and their information.
cards:read Can view all cards and their information.
cards:write Can create and update any card.
contacts:read Can view all contacts and their information.
contacts:write Can create and update any contact.
transactions:deposit Can create a deposit transaction.
transactions:read Can view any transaction.
transactions:transfer:application Can create a transaction between the user and the application.
transactions:transfer:others Can create a transaction between different users.
transactions:transfer:self Can create a transaction between a user's cards.
transactions:withdraw Can create a withdrawal transaction.
user:read Can view the user and their information.

Deprecated scopes

The following scopes are deprecated and will be removed in a future version of the API:

Scope Description
transactions:write Can create a transaction from any origin to any destination (another card or an external address), cancel and resend transactions. This scope is now deprecated in favor of the more fine-grained write scopes above (deposit, transfer and withdraw).
Important Notice: Only specify scopes that your application absolutely needs.

You can always request more scopes later by asking for user consent again.

Resources

We prefer that you use these image resources when connecting your applications to Uphold.

Connect Button
small (125x41), large (249x82)

Connect Button
small (206x41), large (412x82)

Connect Button
small (199x41), large (397x82)

Connect Button
small (125x41), large (249x82)

Connect Button
small (206x41), large (412x82)

Connect Button
small (199x41), large (397x82)

Connect Button
small (124x40), large (247x80)

Connect Button
small (205x40), large (410x80)

Connect Button
small (198x40), large (395x80)

Connect Button
small (125x41), large (249x82)

Connect Button
small (206x41), large (412x82)

Connect Button
small (199x41), large (397x82)

Connect Button
small (129x50), large (258x100)

Connect Button
small (129x50), large (258x100)

Connect Button
small (129x50), large (258x100)