Our REST APIs are not meant to be called directly by partner’s frontend applications, but rather by partner’s backend systems. A side-effect of this is that Uphold is unable to extract metadata of user’s requests, such as the user’s IP address, user agent, and other information that would be typically available otherwise.

To address this, Uphold provides a way for partners to pass users’ request metadata via headers. This metadata will be used to enrich the request and provide better insights into the end user’s actions. In fact, certain APIs require parts of the metadata to be present in order to function correctly, so it is highly recommended to include it in all API requests made by partners on behalf of their end users.

Partners should include the following headers in their API requests:

  • X-Uphold-User-Ip: The IP address of the end user.
  • X-Uphold-User-Agent: The user agent string of the end user’s device.
  • X-Uphold-User-Origin: The original Origin header if the request was made from a browser.
  • X-Uphold-User-Country: The country code (ISO 3166 - two letter) associated with the geolocation of the end user.
  • X-Uphold-User-Subdivision: The subdivision code (ISO 3166) associated with the geolocation of the end user.
  • X-Uphold-User-City: The city associated with the geolocation of the end user.