> ## Documentation Index > Fetch the complete documentation index at: https://docs.baanx.com/llms.txt > Use this file to discover all available pages before exploring further. # Welcome to Baanx API > Build powerful financial applications with cryptocurrency wallets and card payments Baanx Logo Baanx Logo ## The Complete Platform for Crypto-to-Card Finance Baanx API is a multi-tenant gateway that bridges cryptocurrency wallets with traditional card payments. Whether you're building a neobank, crypto exchange, or DeFi platform, our API provides everything you need to offer seamless financial services to your users. Secure authorization flow with hosted UI or custom authentication Custodial (platform-managed) and non-custodial (user-controlled) options Issue and manage debit cards linked to crypto wallets Grant spending authority while maintaining full custody on EVM and Solana GDPR/CCPA-compliant consent tracking with complete audit trails ## What Can You Build? Build wallets with integrated card payments for seamless crypto-to-fiat conversion Enable users to spend crypto with cards while maintaining self-custody Launch digital banks with crypto backing and traditional card rails Add card services to your crypto exchange with custodial wallets Integrate with existing Baanx accounts using OAuth 2.0 Create innovative payment experiences combining crypto and cards ## Choose Your Integration Path Building with Baanx requires two key decisions: ### Step 1: OAuth Implementation Mode Choose how your users will authenticate: **Full control over authentication UX** * ✅ Custom branded login experience * ✅ Native mobile app integration * ✅ Complete UI control * ✅ Headless/API-first systems * ❌ More integration steps (5 vs 4) * ❌ You handle user credentials **Best for:** Mobile apps, custom UX, white-label solutions **Quick setup with pre-built login** * ✅ Fastest implementation (\~30 min) * ✅ No credential handling * ✅ Built-in security * ✅ Perfect for web apps * ❌ Standard UI (limited branding) * ❌ Requires redirect flow **Best for:** Web apps, MVP/prototyping, third-party integrations **Recommendation:** Start with **API Mode** if you need custom UX or building mobile apps. Use **Hosted UI** only for quick web integrations or when custom auth UI isn't required. ### Step 2: Wallet Model Choose how keys are managed (independent of OAuth choice): **Platform manages keys** * ✅ Simpler integration * ✅ No wallet software needed * ✅ Direct card linking * ✅ Whitelist-based security * ❌ Platform custody required * ❌ Limited withdrawal flexibility **Best for:** Exchanges, neobanks, mainstream fintech apps, users new to crypto **Users control their own keys** * ✅ True self-custody * ✅ On-chain verification * ✅ Flexible withdrawals * ✅ DeFi-native approach * ❌ More complex setup * ❌ Requires wallet software (MetaMask, Phantom) * ❌ Delegation flow needed **Best for:** DeFi platforms, Web3 apps, crypto-native users, self-custody requirement **Understanding the relationship:** OAuth handles *authentication* (who the user is), while the wallet model handles *key custody* (who controls the crypto). All integrations use OAuth - you just pick the mode and wallet model that fits your use case. *** **Example:** Crypto exchange mobile app with card issuance **Your choices:** * OAuth: **API Mode** (custom login UI in your app) * Wallet: **Custodial** (you manage keys, users get simplicity) Follow [API Mode guide](/guides/oauth/api-mode) for custom login flow Learn about [platform-managed wallets](/guides/wallet/custodial/index) Enable [card linking](/guides/wallet/custodial/card-linking) Use [card operations](/guides/card/overview) to order cards **Implementation time:** \~4 hours **Example:** DeFi platform where users control their keys **Your choices:** * OAuth: **Hosted UI** (quick web integration) * Wallet: **Non-Custodial** (users maintain custody via MetaMask/Phantom) Follow [Hosted UI guide](/guides/oauth/hosted-ui) for redirect flow Review [non-custodial wallets](/guides/wallet/non-custodial/index) Follow [delegation guide](/guides/delegation/implementation) Integrate [EVM](/guides/delegation/evm-chains) or [Solana](/guides/delegation/solana) **Implementation time:** \~4 hours **Example:** Digital bank with white-label crypto cards **Your choices:** * OAuth: **API Mode** (fully branded experience) * Wallet: **Custodial** (platform security, user simplicity) Implement [API Mode](/guides/oauth/api-mode) with your branding Set up [internal wallets](/guides/wallet/custodial/index) Enable [card operations](/guides/card/overview) **Implementation time:** \~3 hours **Example:** Partner app accessing user accounts **Your choices:** * OAuth: **Hosted UI** (simplest, most secure for third parties) * Wallet: Depends on the main platform's configuration Learn [OAuth 2.0 with PKCE](/guides/oauth/quickstart) Follow [Hosted UI guide](/guides/oauth/hosted-ui) Use access tokens to [fetch user data](/api-reference/user/get-user) **Implementation time:** \~30 minutes Get up and running quickly **Perfect for:** Evaluating Baanx for your use case Start with these high-level overviews: API Mode vs Hosted UI - understand the differences Custodial vs non-custodial - choose based on your users Physical/virtual cards, PIN management, transactions How non-custodial users spend crypto with cards **New to crypto integration?** We recommend starting with **OAuth API Mode + Custodial Wallets** for the best balance of control and simplicity. ## Key Features ### Flexible Authentication Industry-standard authorization for third-party integrations with hosted UI or custom flows Traditional username/password authentication for first-party applications ### Wallet Options for Every Use Case **Platform manages keys** - Simpler integration, built-in security, whitelist-based withdrawals, direct card linking [Learn more →](/guides/wallet/custodial/index) **Users control keys** - True self-custody, blockchain delegation, multi-wallet support, on-chain verification [Learn more →](/guides/wallet/non-custodial/index) ### Card Management Issue both physical and virtual debit cards One-time tokens for viewing sensitive card details Users can view and set PINs securely Real-time transaction tracking and statements Freeze/unfreeze cards, manage limits Monitor activation, delivery, and usage ### Blockchain Delegation Support for Linea and Ethereum networks with smart contract delegation Native Solana integration with signature-based proof of ownership ### Consent Management GDPR, CCPA, and E-Sign Act compliance with immutable audit trails for all consent changes US and Global policy types with region-specific requirements (eSignAct for US users) Track all consent changes with timestamps, IP addresses, and user agent information Allow users to grant, deny, and revoke consent for marketing, SMS, and email notifications ## Multi-Tenant Architecture The Baanx API automatically routes requests to your environment based on your credentials. Each client receives unique keys for sandbox and production environments. **Required on ALL requests:** Include the `x-client-key` header in every API call for proper routing. Missing this header results in a 499 status code. ### Required Headers | Header | Required | Purpose | | --------------- | ----------------------- | -------------------------------------------- | | `x-client-key` | **Always** | Your public API key - identifies your tenant | | `Authorization` | Authenticated endpoints | Bearer token for user context | | `x-secret-key` | OAuth endpoints only | Secret key for client authentication | | `x-us-env` | Optional | Set to `true` for US region routing | ## Why Developers Choose Baanx Choose custodial or non-custodial models based on your business needs and user preferences OAuth 2.0 with PKCE, multi-tenant isolation, one-time tokens, and blockchain verification Clear documentation, OpenAPI specification, practical examples, and responsive support Battle-tested infrastructure handling real card transactions and blockchain operations ## Popular Integration Combinations **Mobile apps, neobanks, exchanges** Custom UX with platform-managed keys OAuth: API Mode | Wallet: Custodial **Time:** \~4 hours **Web apps, quick integrations** Fast setup with platform security OAuth: Hosted UI | Wallet: Custodial **Time:** \~2 hours **DeFi mobile apps, Web3 wallets** Custom UX with user-controlled keys OAuth: API Mode | Wallet: Non-Custodial **Time:** \~6 hours **DeFi web platforms** Quick OAuth setup with self-custody OAuth: Hosted UI | Wallet: Non-Custodial **Time:** \~4 hours ## Explore the Documentation **Conceptual documentation organized by domain** * [OAuth 2.0 & Authentication](/guides/oauth/quickstart) - Secure authorization flows * [User Management](/guides/user/overview) - Registration, profiles, verification * [Consent Management](/guides/consent/overview) - GDPR/CCPA-compliant consent tracking * [Wallet Management](/guides/wallet/overview) - Custodial and non-custodial options * [Non-Custodial Delegation](/guides/delegation/overview) - Blockchain delegation flows * [Card Operations](/guides/card/overview) - Card issuance and management Start with conceptual documentation **Complete endpoint documentation with examples** * [Authentication Endpoints](/api-reference/auth/oauth-authorize-initiate) - OAuth and login APIs * [User Endpoints](/api-reference/user/get-user) - User data and verification * [Card Endpoints](/api-reference/card/order) - Card operations and management * [Wallet Endpoints](/api-reference/wallet/credit) - Wallet operations and withdrawals * [Delegation Endpoints](/api-reference/delegation/token) - Blockchain delegation Detailed endpoint documentation ## Getting Started Checklist Contact your account manager to receive your `x-client-key` and `x-secret-key` for sandbox and production Select [API Mode](/guides/oauth/api-mode) (custom UX) or [Hosted UI](/guides/oauth/hosted-ui) (quick setup) based on your authentication needs Select [Custodial](/guides/wallet/custodial/index) (platform-managed) or [Non-Custodial](/guides/wallet/non-custodial/index) (user-controlled) based on your custody model Follow the [OAuth guide](/guides/oauth/quickstart) for your chosen mode to set up user authentication Implement [Consent Management](/guides/consent/overview) to track user consent for GDPR, CCPA, and E-Sign Act compliance. Consent collection is required during user registration before accessing card or wallet features. Use your sandbox credentials to test the full integration before going live, including consent collection flows Schedule an operational "go live" meeting with your account manager to review your integration and initiate the approval process for production credentials ## Need Help? Contact your technical account manager for implementation assistance Check [troubleshooting guides](/guides/oauth/troubleshooting) or contact support at [support@baanx.com](mailto:support@baanx.com) Download the complete OpenAPI 3.1 specification for your tools **Ready to get started?** Most developers begin with the [OAuth Quickstart](/guides/oauth/quickstart) to understand authentication, then move to their specific use case (wallets, cards, or delegation).