Documentation Index
Fetch the complete documentation index at: https://developer.uphold.com/llms.txt
Use this file to discover all available pages before exploring further.
KYC verification model
SummaryEvery KYC process is now explicit about who is responsible for verifying it — replacing the previous implicit authoritativeness model.Details- Verification object: Every KYC process now includes a
verificationobject withmodel(uphold-verifiedorpartner-verified),method(manualorautomatic),triggers, anddependencies. uphold-verifiedforidentityandproofOfAddress: These processes now support theuphold-verifiedmodel, meaning verification is driven by a third-party provider session hosted by Uphold. No explicit update can be made — Uphold is notified by the provider and updates the process automatically.
Crypto risk assessment updated for AAQ v3
SummaryThe Crypto Risk Assessment form for UK users has been refreshed to align with the latest revision of the FCA’s appropriateness assessment requirements (AAQ v3). Because the form is delivered as a dynamic form, integrations that renderhint.schema and hint.uiSchema pick up the new questionnaire automatically.Details- New users complete the updated AAQ v3 questionnaire.
- Users who already completed the previous version are not required to reassess.
Transaction and portfolio statements
SummaryAdded two new endpoints to retrieve monthly statements for a user’s portfolio holdings and transactions.Details- Portfolio statement: Returns holdings per asset at the end of a given period, including exchange rates.
- Transactions statement: Returns a paginated list of transactions for a given period, with full transaction details and exchange rates.
- Both endpoints accept
year,month, and an optionaldenominationparameter (single asset code, defaults toUSD) to control the currency used for exchange rates.
Bank address destination node on ACH withdrawals
SummaryACH withdrawal transactions now support bank-address as a destination node, allowing withdrawals without a linked external account (e.g., microdeposit disbursements during bank account ownership verification).DocumentationAction required- 🔍 Update your integration to handle ACH withdrawal transactions where
transaction.destination.node.typeisbank-address.
Dynamic forms: restructured options with field dependencies and validation rules
SummaryThe dynamic forms used in KYC processes have been enhanced with new capabilities and a restructured options format. These changes affect theprofile and taxDetails processes.Details- Restructured
dataoption: ThedataSourceandexcludeoptions have been restructured under adataobject withsourceandexcludeproperties, withsubdivisionsadded as a new supported source alongsidecountries. - New
formatoption: Custom display formats are now defined in the UI Schema viaoptions.format(e.g.,postal-codefor postal code inputs). Standard formats likedateremain in the JSON Schema. - New
rulesoption: Controls can now define client-side validation rules such asdifference-greater-than-or-equal-to-thresholdanddifference-less-than-or-equal-to-threshold, enabling constraints like age validation. - New
dependsOnoption: Controls can declare dependencies on other fields, enabling dynamic updates (e.g., subdivision list updates when country changes).
- ⚠️ Breaking Change: The
dataSourceoption has been replaced bydata.source, andexcludeis now nested underdata.exclude. Update your custom renderers to use the new structure. - 🔍 Implement support for the new
rules,dependsOn, andformatoptions in your custom renderers.
Limit details on transaction amount errors
SummaryTransaction amount validation errors now include alimit object in the error details, providing clearer information about which limit was hit and what the allowed bounds are.- Maximum and minimum amount limits: The
limitobject now containsmaximumAmountorminimumAmount, indicating the allowed bound for the transaction. - Periodic limits: When a daily, weekly, or monthly spending limit is exceeded, the API now returns a
transaction_amount_invaliderror. Therulefield encodes the period (e.g.amount-exceeds-daily-limit) and thelimitobject includes both the total allowed amount (maximumAmount) and the remaining allowance for the period (remainingAmount).
- ⚠️ Deprecation: Update your integrations to use
limit.maximumAmountorlimit.minimumAmountinstead ofthreshold.valueintransaction_amount_invaliderror details. - The
thresholdfield is still returned but will be removed in a future release.
Simulate crypto deposit
SummaryA new test helper endpoint is now available to simulate a crypto deposit in Sandbox. This endpoint allows you to test how your application handles incoming crypto deposits without needing to perform an actual testnet transfer.DocumentationSEPA deposits and withdrawals
SummaryIntroduced support for deposits and withdrawals via the SEPA network.Details- Deposit method: Added support for SEPA deposits.
- External accounts: SEPA accounts are automatically linked after the first successful deposit.
- Withdrawals: Quotes and transactions now support linked SEPA accounts as a destination.
- Simulate bank deposit: Added support for simulating SEPA deposits in the Sandbox environment.
ACH deposits and withdrawals
SummaryIntroduced support for deposits and withdrawals via the Automated Clearing House (ACH), along with the FedNow and Wire US bank rails.Details- Account deposit method: USD accounts can now be set up with a bank deposit method using US bank rails (ACH, FedNow, Wire).
- External accounts: US bank accounts can now be added as external accounts for withdrawals.
- Create quote: The external account node now accepts an optional
networkfield to select a specific US bank rail when the external account supports multiple networks. - Transaction nodes: Bank deposits produce a
bank-addressnode that identifies the network used for the transfer. - Rail constraints: Bank rails now support an
allowed-deposit-accountsconstraint to restrict deposits to the user’s default account.
Proof-of-address support for Veriff in KYC Connector API
SummaryThe Veriff KYC Connector now supports theproof-of-address process. Proof-of-address data (e.g. utility bills, bank statements) can now be ingested from Veriff PoA sessions, in addition to the previously supported profile, address, and identity processes.DocumentationFilter assets and networks by type
SummaryThe List Assets and List Networks endpoints now support atype query parameter, allowing results to be filtered by type (e.g. crypto, fiat).DocumentationCustom TTL when creating quotes
SummaryPartners can now specify a customttl when creating a quote, changing the platform default. This is useful when processing deposits or withdrawals through your own rails (e.g. a custom card processor), where the user needs more time to complete the transaction before the quote expires.This feature must be enabled per organization — contact your Account Manager to request access.DocumentationErrors with date_invalid code now use hyphenated details.rule values
SummaryError responses with the date_invalid code have been updated to use hyphenated values in the details.rule field for better consistency. This change affects all endpoints that return date_invalid errors.DetailsThe following rule values have changed:| Before | After |
|---|---|
difference_greater_than_threshold | difference-greater-than-threshold |
difference_greater_than_or_equal_to_threshold | difference-greater-than-or-equal-to-threshold |
difference_less_than_threshold | difference-less-than-threshold |
difference_less_than_or_equal_to_threshold | difference-less-than-or-equal-to-threshold |
- ⚠️ Breaking Change: Update any error handling logic that matches on
details.rulevalues to use the new hyphenated format.
List default accounts endpoint
SummaryAdded an endpoint to list the default account for each asset owned by a user. Results can be filtered by asset code using theasset query parameter.Default accounts are where funds are credited when a push deposit does not include a reference, or when the network does not support targeting a specific account.DocumentationVeriff provider support in KYC Connector API
SummaryAdded Veriff as a new KYC provider in the KYC Connector API. Partners can now ingest and normalize KYC data from Veriff, in addition to the existing Sumsub support.Details- Supported processes:
profile,address, andidentity. - Configuration management: New endpoints to get and set Veriff integration configuration, including session-to-process mapping and Veriff API credentials.
- Webhooks: Real-time notifications for ingestion lifecycle events (
ingestion-createdandingestion-status-changed).
List default accounts endpoint
SummaryAdded an endpoint to list the default account for each asset owned by a user. Results can be filtered by asset code using theasset query parameter.Default accounts are where funds are credited when a push deposit does not include a reference, or when the network does not support targeting a specific account.DocumentationDelete user endpoint requires review information
SummaryThe Delete User endpoint now requires a request body with review information when deleting a user account.DetailsThe request body must include areview object with the following properties:reason(required): The reason code for deleting the user account. Must be one of:other,closure-per-user-request,compliance-violation,fraud-violation,business-decision.note(optional): Additional notes about the account deletion.
- ⚠️ Breaking Change: The endpoint now requires a request body with a
reviewobject. Update all calls to includereview.reason(required) and optionallyreview.notein the request body.
New asset information endpoint
SummaryAdded asset information endpoint with descriptive details about each asset. The response supports locale selection via theAccept-Language header and format selection via the format query parameter (text by default, or html).The Market Pulse API endpoints have been reorganized on the documentation for better discoverability, but the paths and schemas remain unchanged.DocumentationNews articles limit parameter
SummaryChanged default news articles to 10 and added alimit query parameter allowing partners to control the number of articles returned. The parameter accepts values between 1 and 10.DocumentationUpdate set metadata response code
Summary We’ve updated the set metadata endpoint to return a 200 response code and the resulting metadata.Market Pulse API
SummaryIntroduced the Market Pulse API, providing partners with access to real-time market insights and latest news.DocumentationNew KYC Connector API
SummaryWe’ve launched the KYC Connector API, a new integration layer that connects third-party KYC providers with Uphold’s platform. This API eliminates the need to build and maintain custom integrations by automatically ingesting and normalizing provider data into Uphold’s KYC model for processes like profile, address, identity, and proof-of-address verification.Details- Workflow-based ingestion: Create ingestions that represent a KYC ingestion workflow for a given user and track its status via polling or webhooks.
- Multi-process support: Ingest profile, address, identity, and proof-of-address KYC processes in a single workflow.
- Multi-provider support: Ingest from multiple providers, starting with Sumsub support in this release and more providers coming soon.
Deprecated amount-limit-exceeded transaction status reason code
SummaryThe transaction status reason code amount-limit-exceeded has been deprecated and replaced with provider-maximum-limit-exceeded to provide clearer error information when transactions fail due to provider-imposed limits.DocumentationAction required- ⚠️ Breaking Change: Update your integrations to check for
provider-maximum-limit-exceededinstead ofamount-limit-exceededin thestatusDetails.reasonfield of failed transactions. - ❌ The
amount-limit-exceededreason code will no longer be returned.
Business user support in Widgets
SummaryBusiness user support is now available across all widgets, enabling partners to create sessions and embed widget experiences for business users as well as individuals.The Capabilities endpoints have also been enhanced to reflect business user permissions and features.Please note that for the Payment Widget, card withdrawals and bank transfers for business users will be supported in a future release.DocumentationMetadata support in the API
SummaryIntroduced new endpoints to manage metadata for API resources. Partners can now programmatically create, update, retrieve, and delete custom metadata for supported entities, enabling more flexible integrations and resource annotations.This feature allows you to attach arbitrary key-value data to resources, such as accounts or users, to support custom workflows, tagging, or additional business logic.DocumentationTravel Rule compliance for crypto transactions
SummaryAdded Travel Rule support in the Core API: endpoints and response hints to collect the required originator and beneficiary information for crypto deposits and withdrawals.Details- Transaction RFIs: New endpoints to get, list and update requests for information (RFIs) for crypto deposits that require Travel Rule data.
- Quote Requirements: Quote responses may include a
travel-rulerequirement when additional information is needed before executing a crypto withdrawal.
- Transactions — support for transactions subject to the Travel Rule
- Create session — create
deposit-formandwithdrawal-formsessions for the Travel Rule widget; see the Travel Rule Widget for installation and setup instructions.
- 🔔 Monitor
core.transaction.status-changedfor transactions with statuson-hold. - 🔍 Check for
travel-rulerequirements in quote responses when creating crypto withdrawal quotes.
Validate network address endpoint
SummaryIntroduced a new endpoint to programmatically validate the format of a network address before initiating a transaction. This helps ensure only valid crypto addresses are used, reducing the risk of user errors and failed transfers. Currently, validation is supported for addresses on crypto networks.DocumentationSupport for multiple address formats in crypto deposit methods
SummaryThe Set up account deposit method endpoint now supports multiple crypto address formats for a single deposit method. Partners can now retrieve and display all supported address formats (e.g.,native-segwit, wrapped-segwit, pubkey-hash) for a given network and asset, improving user experience and compatibility.DocumentationNew public Postman workspace
SummaryWe’ve launched a new public Postman Workspace to reduce friction when accessing our API collections, enabling a smoother developer-experience.The previous invite-only workspace will remain accessible until 25th of January 2026, but it won’t receive further updates.Actions required- Follow the updated Make your first API call guide to set up the new Postman workspace. While the setup process is largely unchanged, environment variables have been renamed for clarity.
Skip assets cooldowns test helper
SummaryIntroduced a new test helper endpoint to instantly bypass asset cooldowns in Sandbox environments.Asset cooldowns temporarily restrict features likebuy and deposit for compliance reasons. This test helper allows you to skip the waiting period during development and testing, enabling immediate access to all asset features.For example, when testing with GB users, you can bypass the 24-hour cooldown and immediately test deposit or purchase flows.DocumentationBusiness users
SummaryThe API has been expanded to support business users, enabling interactions similar to those available for individual users.At this stage, business users must be created and KYB’ed outside the API. Reach out to your Account Manager if you have a use-case where business users are needed.Once verified, a business user can be managed through the API, including creating accounts, linking external accounts, and initiating transactions.DocumentationThe documentation now includes badges to indicate the supported subject types for each endpoint.Terms of Service update for EEA users
SummaryAddedgeneral-pt-bop as a new Terms of Service code for EEA users, available starting December 10, 2025 at 10:00 AM UTC. The existing general-lt-fcs code remains accepted through the end of 2025.DocumentationActions required- Use
general-pt-bopfor new EEA users starting December 10, 2025 at 10:00 AM UTC. - Display updated Terms of Service to existing EEA users (previous acceptances automatically migrated).
EU and UK tax reporting regulatory requirements
SummaryEnhanced KYC processes to support EU and UK tax reporting regulatory requirements. Theprofile and taxDetails processes now dynamically adapt to the user’s country, collecting additional required properties for compliance.Enforcement dates- EU users: Starting on December 10, 2025 at 10:00 AM UTC for all users.
- UK users: Starting on December 30, 2025 at 10:00 AM UTC for newly registered users.
- Profile: Collects place of birth and other citizenships for EU users
- Tax Details: Supports tax address and multiple tax residence countries with flexible data collection when tax IDs cannot be provided
- Dynamic Forms: Uses JSON Forms with progressive disclosure based on user responses
- ⚠️ Breaking Change:
profileobject structure has changed in Get KYC overview and Update profile endpoints:- Properties moved to
input.details(previouslyinput). - The
citizenshipCountryhas been renamed toprimaryCitizenship. - New
profile.hintobject with dynamicschemaanduiSchema. - The legacy static structure is deprecated but still supported for backward compatibility. See Update profile for both versions.
- Update response parsing and property names in your integration.
- Properties moved to
- 🔍 Check
taxDetails.statusand usetaxDetails.hint.schemato collect required properties.
Crypto deposits and withdrawals
SummaryExpanded support for crypto funding flows, enabling seamless deposits and withdrawals in crypto.Details- New Capabilities: Introduced
bank-depositsandcrypto-deposits. The existingdepositscapability remains available for other deposit types. - Networks: Added
network.typetoList Networksas a validation hint for frontend integrations. - Quotes / Transactions: The
crypto-addressnode now includes anexecutionobject supporting three modes —onchain,offchain, andsimulated. Learn more about it here. - CDD for US Users: All users (including US users) will require to Update customer due diligence before making a crypto deposit or crypto withdrawal.
- Crypto deposit flow
- Crypto withdrawal flow
- Create quote with node type
crypto-addressas destination - Transaction schema with node
executionobject
- ⚠️ Update your integrations to read
destination.node.execution.transactionHashinstead ofdestination.node.transactionHash. - ❌ The old property will no longer return a value.
- 🔔 Ensure your app handles Customer Due Diligence for all users (including US users) before enabling crypto deposits or withdrawals.
Assets cooldown ended webhook
SummaryIntroduced a new webhook that notifies platforms when a user’s asset cooldown period ends. This enables partners to update asset availability, unlock trading actions, and notify users in real-time, without relying on polling.DocumentationActions required- ✅ No changes needed if cooldown tracking is not required for your use case.
- 🔔 Subscribe to this webhook to refresh asset states and proactively notify users when cooldowns end.
Topper API
SummaryIntroduced the Topper API to enable KYC sharing between partners and the Topper Widget, allowing partners to complete the KYC of a Topper user directly via the Core API.DocumentationPortfolio endpoints
SummaryIntroduced a group of endpoints to provide aggregated insights into a user’s financial position across all accounts.DocumentationFPS deposits and withdrawals
SummaryIntroduced support for deposits and withdrawals via the Faster Payments System (FPS).Documentation- Added
Bankto the Network types. - Added
Bank (FPS)to the Account deposit methods. - Added
Bankto the external account types. - Added
unique-account-number-vibanto the list of Capabilities.
Asset ordering
SummaryIntroduced support for sorting assets by various criteria, including market cap, price, and price variance. This enhancement enables partners to retrieve ordered asset lists from the API, eliminating the need for custom sorting logic.DocumentationWidgets API
SummaryIntroduced the Widgets API, enabling partners to create secure sessions for embedding Uphold widgets in their applications.Documentation- Create session for the Payment Widget.
Core API
SummaryIntroduced the Core API, providing the foundational infrastructure for building financial applications on Uphold.Included featuresThis initial release introduced all foundational components of the Core API, including:- Authentication endpoint to request access tokens using the OAuth2 protocol.
- Countries endpoints to retrieve information about the supported countries.
- Users endpoints to manage users, providing full CRUD capabilities and real-time webhooks to stay informed about user changes.
- KYC endpoints to manage KYC processes, ensuring that users are compliant with regulatory requirements. It also includes webhooks to notify about KYC status changes in real time.
- Capabilities endpoints to retrieve capabilities, the actions and features that users can perform on the platform.
- Terms of Service endpoints to retrieve applicable Terms of Service and record user acceptance, ensuring compliance with legal requirements.
- Files endpoints to generate upload and download links that support file-based KYC processes.
- Assets endpoints to retrieve information about the assets available on the platform, as well as the networks and rails used to transfer them.
- Accounts endpoints to manage users’ accounts, along with webhooks to asynchronously notify about account changes and balance updates.
- External accounts endpoints to link and manage financial accounts that users own outside the platform, such as debit or credit cards, enabling both pull deposits (moving funds into Uphold) and withdrawals (sending funds out of Uphold).
- Transactions endpoints to initiate and retrieve transactions through a unified RFQ (Request for Quote) model, supporting deposits, withdrawals, trades, and transfers across multiple asset types, along with webhooks to notify about transaction changes.