Skip to main content

About Login

Account Info

Account Information displays all data associated with your account, including your Mock Wallets (Avenia API Wallets), which are automatically created when you set up your Business Account. Detailed information on these wallet capabilities will be provided later.

fluxogram relation between access and accounts

HTTP GET Request:

https://api.sandbox.avenia.io:10952/v2/account/account-info

Parameters

FieldTypeDescription
subAccountIdstringThe ID of your sub-account. Instead of fetching data from your main account, it retrieves data from this sub-account.
tip

Remember that you can only pass a subAccountId if you have already created a subAccount.

note

When you create a business account, the Bank Account - BRL is automatically initialized, providing a PIX key (linked to your entire Business Account) and a unique BR Code for each account and subaccount.

cURL Example:

curl -X GET "https://api.sandbox.avenia.io:10952/v2/account/account-info" \
-H "Authorization: Bearer eyJhdXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"

Sample JSON Response:

{
  "id": "00000000-0000-0000-0000-000000000000",
  "accountInfo": {
    "id": "11111111-1111-1111-1111-111111111111",
    "accountType": "INDIVIDUAL",
    "name": "xxxxx",
    "countrySubdivisionTaxResidence": "BR-SP",
    "countryTaxResidence": "BRA",
    "identityStatus": "CONFIRMED",
    "fullName": "xxxxx",
    "birthdate": "9999-99-30T00:00:00Z",
    "taxId": "99999999999"
  },
  "wallets": [
    {
      "id": "be85cef0-d70a-47cc-9847-9014570efed5",
      "walletAddress": "0xXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
      "chain": "EVM"
    }
  ],
  "brCode": "00020126740014br.gov.bcb.pix01365c2c61a1-134b-4c34-958f-ea3122ac717f0212Avenia Deposit5204000053039865802BR5917Avenia API Ltda6009Sao Paulo621005060000016304DBD5",
  "createdAt": "2025-02-18T17:00:39.854943Z"
}

Account Balance

Here, we’ll retrieve all current balances for your main account or subaccount.

info

Keep in mind that the operation is still being performed by the subaccount, so it’s also necessary to include the subAccountId parameter here.

HTTP Get Request

https://api.sandbox.avenia.io:10952/v2/account/balances

Example Json Response

{
  "balances": {
    "ARSA": "0",
    "BRLA": "518",
    "EURC": "0",
    "USDC": "1.753243",
    "USDM": "0",
    "USDT": "0"
  }
}

Account Metadata

The Account Metadata endpoint provides configuration flags and currency unlock status for your account or subaccount.

info

This endpoint returns various account configuration settings, including which currencies are unlocked for operations.

HTTP GET Request

https://api.sandbox.avenia.io:10952/v2/account/metadata

Parameters

FieldTypeRequiredDescription
subAccountIdstringNoThe ID of your sub-account. Instead of fetching data from your main account, it retrieves data from this sub-account.

cURL Example

curl -X GET "https://api.sandbox.avenia.io:10952/v2/account/metadata" \
-H "Authorization: Bearer eyJhdXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"

Sample JSON Response

{
   "skipLiveness": false,
   "easierLevel1": false,
   "brlUnlocked": true,
   "usdUnlocked": false,
   "eurUnlocked": false,
   "arsUnlocked": false
}

Response Fields Explained

FieldTypeDescription
skipLivenessbooleanWhether liveness check is skipped during KYC
easierLevel1booleanWhether easier Level 1 KYC requirements are applied
brlUnlockedbooleanWhether BRL currency operations are unlocked
usdUnlockedbooleanWhether USD currency operations are unlocked
eurUnlockedbooleanWhether EUR currency operations are unlocked
arsUnlockedbooleanWhether ARS currency operations are unlocked
tip

Use this endpoint to check which currencies are available for your account before attempting operations.

Access

An Access is linked to account credentials, functioning as a login that grants access tokens. It allows management of both the Business Account and SubAccounts, depending on the assigned permissions.

Each access can create up to 100 additional accesses, but only admin accesses can create new ones.

warning

YOU NEED TO HAVE MFA OTP ENABLED TO CREATE AND EDIT ACCESSES

Access Creation

explanation fluxogram about accesses

The creation process consists of two steps:

  1. The Access Admin initiates the creation by providing the email and OTP of the new access. A validation request is then sent to the specified email.
  2. With the email token, the new access completes the process by setting up a password.

Access Creation (STEP 1)

HTTP POST Request:

https://api.sandbox.avenia.io:10952/v2/auth/accesses/
FieldTypeDescription
otpstringOne-time password required for creation.
emailstringEmail of the new access being created.
payInbooleanPermission for pay-ins.
payOutbooleanPermission for pay-outs.
convertbooleanPermission for conversions.
onChainbooleanPermission for on-chain transactions.

Sample JSON body:

{
  "otp": "999999",
  "email": "your.new.access.email@provider.com",
  "permissions": {
    "payIn": true,
    "payOut": true,
    "convert": true,
    "onChain": true
  }
}

cURL Example:

curl -X POST "https://api.sandbox.avenia.io:10952/v2/auth/accesses/" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer eyJhdXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" \
-d '{
  "otp": "999999",
  "email": "your.new.access.email@provider.com",
  "permissions": {
    "payIn": true,
    "payOut": true,
    "convert": true,
    "onChain": true
  }
}'

A token will be sent to the provided email to complete the process.

Validation of Access Creation (STEP 2)

HTTP POST Request:

https://api.sandbox.avenia.io:10952/v2/auth/accesses/validate/{token}
FieldTypeDescription
passwordstringNew password for the access.
passwordConfirmstringMust match the password field.

Sample JSON Body:

{
  "password": "UseAStrongPassword123!",
  "passwordConfirm": "UseAStrongPassword123!"
}

cURL Example:

curl -X POST "https://api.sandbox.avenia.io:10952/v2/auth/accesses/validate/eyJhdXXXXXXXXXXXXXXX" \
-H "Content-Type: application/json" \
-d '{"password": "UseAStrongPassword123!", "passwordConfirm": "UseAStrongPassword123!"}'

Once validated, the new access is ready.

Update Access Permissions

HTTP PATCH Request:

https://api.sandbox.avenia.io:10952/v2/auth/accesses/

Sample JSON Body:

{
  "id": "00000000-0000-0000-0000-000000000000",
  "otp": "999999",
  "permissions": {
    "payIn": true,
    "payOut": true,
    "convert": true,
    "onChain": true
  }
}

cURL Example:

curl -X PATCH "https://api.sandbox.avenia.io:10952/v2/auth/accesses/" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer eyJhdXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" \
-d '{ ... }'

View Accesses

HTTP GET Request:

https://api.sandbox.avenia.io:10952/v2/auth/accesses/
ParameterTypeDescription
emailstringFilters accesses by specified email.
payInbooleanFilters based on pay-in permission.
payOutbooleanFilters based on pay-out permission.
convertbooleanFilters based on conversion permission.
onChainbooleanFilters based on on-chain permission.

cURL Example:

curl -X GET "https://api.sandbox.avenia.io:10952/v2/auth/accesses?email=your.new.access.email@provider.com&payIn=true&payOut=true&convert=true&onChain=true" \
-H "Authorization: Bearer eyJhdXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"

Sample JSON Response

{
  "accesses": [
    {
      "id": "00000000-0000-0000-0000-000000000000",
      "email": "your.new.access.email@provider.com",
      "createdAt": "2025-02-07T19:54:17.727744Z",
      "updatedAt": "2025-02-07T19:54:17.727744Z",
      "frozenUntil": "0001-01-01T00:00:00Z",
      "accessPermission": {
        "id": "00000000-0000-0000-0000-000000000000",
        "permissions": {
          "admin": true,
          "payIn": true,
          "payOut": true,
          "convert": true,
          "onChain": true
        },
        "updatedAt": "2025-02-07T19:54:17.727744Z"
      },
      "mfa": {
        "id": "00000000-0000-0000-0000-000000000000",
        "createdAt": "2025-02-18T00:36:47.329722Z",
        "updatedAt": "2025-02-18T00:36:47.329722Z"
      }
    },
    ...
  ]
}

View a Specific Access

HTTP GET Request:

https://api.sandbox.avenia.io:10952/v2/auth/accesses/{ACCESS_UUID_HERE}
FieldTypeDescription
idstringThe ID of an existing access.

cURL Example:

curl -X GET "https://api.sandbox.avenia.io:10952/v2/auth/accesses/00000000-0000-0000-0000-000000000000" \
-H "Authorization: Bearer eyJhdXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"

Sample JSON Response

{
  "id": "00000000-0000-0000-0000-000000000000",
  "email": "your.new.access.email@provider.com",
  "createdAt": "2025-02-07T19:54:17.727744Z",
  "updatedAt": "2025-02-07T19:54:17.727744Z",
  "frozenUntil": "0001-01-01T00:00:00Z",
  "accessPermission": {
    "id": "00000000-0000-0000-0000-000000000000",
    "admin": true,
    "payIn": true,
    "payOut": true,
    "convert": true,
    "onChain": true,
    "updatedAt": "2025-02-07T19:54:17.727744Z"
  },
  "mfa": {
    "id": "00000000-0000-0000-0000-000000000000",
    "createdAt": "2025-02-18T00:36:47.329722Z",
    "updatedAt": "2025-02-18T00:36:47.329722Z"
  }
}

Delete an Access

HTTP DELETE Request:

https://api.sandbox.avenia.io:10952/v2/auth/accesses/{ACCESS_UUID_HERE}?otp=999999
FieldTypeDescription
idstringThe ID of an existing access.
otpstringOne-time password (OTP) required to confirm delete.

cURL Example:

curl -X DELETE "https://api.sandbox.avenia.io:10952/v2/auth/accesses/00000000-0000-0000-0000-000000000000?otp=999999" \
-H "Authorization: Bearer eyJhdXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"

And that's it. After the OK, that access has been deleted.

Viewing Current Access Information

HTTP GET Request:

https://api.sandbox.avenia.io:10952/v2/account/access-info

cURL Example:

curl -X GET "https://api.sandbox.avenia.io:10952/v2/account/access-info" \
-H "Authorization: Bearer eyJhdXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"

Account Limits

This guide explains how to retrieve the operational limits for your account or subaccount. Limits are defined monthly and are crucial for understanding your account's transaction capacity.

info

To view the limits of a subaccount, simply include the subAccountId as a parameter in the request.

Get Account Limits

HTTP GET Request:

https://api.sandbox.avenia.io:10952/v2/account/limits

cURL Example:

curl -X GET "https://api.sandbox.avenia.io:10952/v2/account/limits" \
-H "Authorization: Bearer eyJhdXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"

Sample JSON Response:

{
  "limitInfo": {
    "blocked": false,
    "createdAt": "2025-07-22T03:24:29.032379Z",
    "limits": [
      {
        "currency": "*",
        "maxFiatIn": "100000",
        "maxFiatOut": "100000",
        "maxChainIn": "100000",
        "maxChainOut": "100000",
        "usedLimit": {
          "year": 2025,
          "month": 7,
          "usedFiatIn": "0",
          "usedFiatOut": "0",
          "usedChainIn": "0",
          "usedChainOut": "0"
        }
      },
      {
        "currency": "BRL",
        "maxFiatIn": "600000",
        "maxFiatOut": "600000",
        "maxChainIn": "600000",
        "maxChainOut": "600000",
        "usedLimit": { "..." }
      },
      {
        "currency": "USD",
        "maxFiatIn": "100000",
        "maxFiatOut": "100000",
        "maxChainIn": "100000",
        "maxChainOut": "100000",
        "usedLimit": { "..." }
      }
    ]
  }
}

Response Fields Explained

The response contains a limitInfo object with the following fields:

FieldTypeDescription
blockedbooleanIf true, all operations for this account are blocked due to limit restrictions.
createdAtstringThe timestamp when the limit information was generated.
limitsarray of objectsAn array containing limit details for different currencies.

Each object inside the limits array has the following structure:

FieldTypeDescription
currencystringThe currency of the limit. A value of * represents the global limit, which is consumed by any operation in any currency, expressed in USD. Other values (e.g., BRL, USD) represent specific limits for operations conducted in that currency.
maxFiatInstringThe maximum monthly limit for fiat deposits.
maxFiatOutstringThe maximum monthly limit for fiat withdrawals.
maxChainInstringThe maximum monthly limit for on-chain deposits.
maxChainOutstringThe maximum monthly limit for on-chain withdrawals.
usedLimitobjectAn object detailing the consumed limit for the current month (year, month), broken down by operation type (usedFiatIn, usedFiatOut, etc.). The values are expressed in the specified currency.
tip

Currency-specific limits are expressed in their own value. For example, a maxFiatIn of 100000000 for the ARS currency means a limit of 100 million Argentine Pesos.

Conclusion

You have learned how to manage Account Information and Accesses, including:

  • ✅ Retrieving Account Information
  • ✅ Checking Account Balances
  • ✅ Retrieving Account Metadata
  • ✅ Managing Accesses
  • ✅ Creating and Validating a New Access
  • ✅ Updating Access Permissions
  • ✅ Viewing Accesses
  • ✅ Deleting an Access
  • ✅ Checking Your Current Access Information
  • ✅ Get account limits

Following these steps provides a structured approach to handling authentication, authorization, and account management.