01 / IDENTITY
Customer onboarding
Create individual or business customers and launch provider-hosted KYC sessions. Money movement stays locked until approval is active.
Built in sandbox
Private sandbox now open
One API for money that moves across every rail.
Give your customers compliant onramps, offramps, virtual accounts, quotes, and transfers without placing provider credentials in their hands.
Every tenant is isolated. Every end customer completes provider KYC.
POST /v1/transfers
sandbox
{
"quote_id": "quo_7Jx...",
"source": {
"currency": "usdc",
"payment_rail": "base"
},
"destination": {
"currency": "usd",
"payment_rail": "ach"
}
}
✓
201 transfer created
request signed · fee recorded · audit logged
284 ms
01 Tenant-scoped API keys
02 Provider KYC boundary
03 Idempotent transfers
04 Fee ledger included
The platform
Infrastructure your product can build on, without rebuilding the regulated layer.
02 / ACCOUNTS
Virtual accounts
Issue reusable fiat deposit details for approved customers and define where converted funds settle.
Bridge adapter built03 / ORCHESTRATION
Quotes and transfers
Lock route, pricing, and platform fees in a quote before a signed, idempotent transfer reaches a provider.
API ready04 / ROUTING
Provider-aware routing
Keep one Monet contract while provider adapters evolve behind the server boundary. Availability remains approval-dependent.
BloxFi integration nextA controlled flow of funds
Your users see your product. Providers see the correctly identified customer and the full transaction context.
Create a customer
Your tenant sends only the required customer profile.
POST /v1/customers
Complete KYC
The provider records consent and verifies the end customer.
POST /kyc-sessions
Price the route
Monet returns provider, platform, and network fees explicitly.
POST /v1/quotes
Move the funds
A signed request executes once and creates a durable audit trail.
POST /v1/transfers
Designed for the real trust boundary
One provider relationship does not mean one shared identity.
Monet holds provider credentials server-side. Each developer gets a scoped API key, each request is signed, and every customer remains a distinct KYC record at the underlying provider.
AUTH
HMAC SHA-256 request signing
Timestamp and nonce replay protection
SCOPE
Tenant and permission isolation
Per-key scopes with optional IP allowlists
STATE
Idempotent write operations
Safe retries across client and provider timeouts
AUDIT
Request, fee, and ledger records
Traceable operations without leaking provider secrets
Developer first
Start in the mock sandbox. Change providers later.
The public contract stays stable while live provider access remains gated by commercial and compliance approval.
Node.js
Signed request
const response = await monet.customers.create({
external_id: "user_1042",
type: "individual",
full_name: "Avery Morgan",
email: "avery@example.com",
country_code: "US"
})
console.log(response.customer.id)Developer console
Sandbox workspace
Signed in
Loading…
Provider calls are simulated while the live program is reviewed.
Google authenticates the developer. API keys authenticate servers.
Browser sessions never receive provider keys or HMAC secrets. Tenant provisioning and production access remain server-controlled.