1. Vrtx Closed loop
Vrtx Docs
  • Welcome 👋
  • Get Started
  • Authentication
  • Responses
  • Pagination
  • Auth
    • Token
      POST
  • Businesses
    • List businesses
      GET
    • Create business
      POST
    • Get business by ID
      GET
  • Money Movement
    • Create fund
      POST
    • Create payout
      POST
    • Get payout
      GET
    • Create refund
      POST
    • Create reversal
      POST
    • Create transfer
      POST
    • Create withdrawal
      POST
  • Labels
    • List labels
      GET
    • Create label
      POST
  • Transactions
    • List transactions
      GET
    • Get transaction
      GET
    • List wallet transactions
      GET
  • Wallets
    • List wallets
      GET
    • Create wallet
      POST
    • Lookup wallet
      GET
    • Update wallet
      PATCH
    • Get wallet
      GET
    • Get wallet balance
      GET
    • Remove label from wallet
      DELETE
    • Remove specific label
      DELETE
    • Assign label
      PUT
  • Wallet Statements
    • Retrieve wallet statement
  • Webhooks
    • Register webhook endpoint (preview)
    • List webhook endpoints (preview)
Client APIsVrtx Closed loop
Client APIsVrtx Closed loop
  1. Vrtx Closed loop

Authentication

The vrtx closed-loop APIs use a secure API Key + Secret Key authentication model.
Your backend exchanges these credentials for a Bearer Access Token, which is then used to authenticate all API requests.

Overview#

All vrtx API calls follow this flow:
1.
Your backend sends client_id and client_secret to the Token Endpoint
2.
vrtx returns a Bearer token
3.
The Bearer token is used in every subsequent request
4.
When it expires, generate a new one using the same credentials

Before You Start#

1
Create an account on vrtx
A sandbox business is created for you with a developer access. Get your account!
2
Retrieve Your Credentials
From the vrtx dashboard, navigate to Developers → API Keys to obtain:
X-API-KEY
client_secret
3
Generate a Bearer Token
Call the /auth/token endpoint using your API credentials.
4
Store Token Securely
Save the access token on your server environment.
5
Authenticate All Requests
Send the token using:
Authorization: Bearer access_token

Authentication Model#

🔐 Secure Access
The API Key and Secret Key authenticate your backend securely.
⏱ Short-Lived Tokens
Bearer tokens have a limited lifespan for improved security.
🔄 Easy Rotation
Rotate keys anytime from the vrtx developer dashboard.

Token Endpoint#

vrtx uses a single endpoint to generate access tokens: Token
ItemValue
URLPOST /v1/auth/token
Authenticationclient_id + client_secret
Token TypeBearer
Expires InDefined by system configuration (e.g. 3600 seconds)

Request#

Response#

{
  "access_token": "vrtx_at_93bf2d181ab",
  "expires_in": 3600,
  "token_type": "Bearer"
}

Using the Token#

Once generated, include the token in every API request:

Example: Get Wallets#

Understanding Scopes#

Scopes determine what your token is allowed to do inside the vrtx closed-loop ecosystem.
Scopes are always formatted as:
Read/Write Scope
If you include both scoping values, separate them with a space:
You can pass one or both scopes in the scope parameter.
FunctionReadWrite
Fetch Data✔️✔️
Create / Update❌✔️
Financial Operations❌✔️
Be careful
Use the scope that fits your needs. In production, use read and write to achieve:
Full visibility
Execute operations

Best Practice for Choosing Scopes#

Use CaseRecommended Scope
Dashboards / Reporting / Analyticsclosedloop.read
Operational systems (wallet funding, payouts, cards)closedloop.write
Full backend integration in productionclosedloop.read closedloop.write
Third-party integrationsLeast privilege (read only unless necessary)
Modified at 2025-11-27 07:04:50
Previous
Get Started
Next
Responses
Built with