Skip to content

Ripple Collections (0.1.0)

The Ripple Collection APIs are used to manage collections, manage payment channels, manage partners and settlements.

API environments

The Ripple Collection APIs offers the following environments:

Environment
Base URLDescription
Sandboxhttps://docs.ripple.com/products/collections/_mock/api/collectionsSandbox environment with mock data which does not require auth.
UAThttps://api.test.ripple.comUAT environment with simulated transactions.
Productionhttps://api.ripple.comProduction environment

API authentication

All API operations in UAT and Production require a Bearer access token specific to the environment you're using. Ripple provides a secure model for authentication and authorization by providing access tokens scoped for a set of credentials.

Generate client ID and client secret

You will need your client ID and client secret to obtain an access token. If you do not already have your client ID and client secret, do the following:

  1. Log into the Ripple Collections UI. 2. In the left navigation menu, click Settings. 3. Under Administration, click API Credentials. 4. In the dropdown list next to the page title, select the access environment. For example, to provision credentials for the test environment, select Test from the dropdown list. 5. In the upper right corner of the page, click New Credential. 6. Click Save and Generate Key. Caution: The client secret is displayed only once when you are creating new credentials. You cannot retrieve the secret after exiting this page. Copy and store the client secret securely and share it with authorized individuals in accordance with your organization's security policy. You can now use the client ID and client secret to generate access tokens using the Request an access token operation.

Request an access token

To get an access token, use the Request an access token operation with your client_id and client_secret. The response contains a token in the access_token field. We recommend rotating your API credentials at regular intervals according to your organization's security policy. Note: Authentication tokens are not a fixed length and can vary, avoid validating tokens based on character length.

Idempotency

When a client supplies a unique key (X-Idempotency-Key, UUID). The header is optional: if it is omitted the request is processed normally (no deduplication, no replay). Supplying the header is strongly recommended for POST operations that create side effects. Provide optional X-Idempotency-Key on POST writes for safe retries:

  • Success → cached and replayable.
  • In-flight duplicate → 409 (retry later).
  • Mismatch → 422.
  • Failure → entry removed (safe retry).
  • Only successes are replayed.

With vs Without the Header

With X-Idempotency-Key:

  • First request claims and (if successful) caches response.
  • Concurrent duplicates while in flight receive 409 + Retry-After: 1.
  • Later identical retries get the cached 2xx response.
  • Different payload/path/method using same key → 422 mismatch.

Without the header:

  • Filter bypasses idempotency entirely.
  • Each call executes independently; duplicates may create repeated side effects.

Verifying Webhooks

When receiving webhooks, the signing operation has already been performed by the platform and you must validate the signature we provide to ensure the webhook originated from us. When creating a subscription (using the subscription API), you are provided a signature_verification_key. This value is a base64‑encoded symmetric secret used to compute an HMAC-SHA256 signature for each webhook payload. You must persist this secret securely at subscription creation time.

NOTE: The returned signature_verification_key is base64-encoded binary. In the code sample below we base64‑decode it to raw bytes (you do NOT re‑encode it). You may display it in hex for debugging, but hex is not required for verification. When a webhook is dispatched:

  • We include X-Webhook-Timestamp (epoch milliseconds).
  • We include X-Webhook-Signature in the form: t=<timestamp>,v1=<hex_hmac_sha256>.
  • You reconstruct the exact signing string and verify.

Verification is a 2 step process:

Step
ActionDescription
1ReconstructConcatenate the timestamp, a dot (.), and the SHA256 hex digest of the raw request body: <timestamp>.<sha256(body)>
2VerifyHMAC-SHA256 the signing string with the decoded secret; compare the resulting hex digest to v1 (constant-time).

Fields Used in the Signature

Field
Description
TimestampRaw value from X-Webhook-Timestamp (epoch millis as a string).
BodyThe exact raw HTTP request body bytes (no parsing / reformatting).
body_hashSHA256 hex digest of the raw body.
signing_string<timestamp>.<body_hash>
SecretBase64-decoded signature_verification_key.
SignatureHex digest of HMAC_SHA256(secret, signing_string) placed in v1.

If any of these values are transformed (e.g. JSON pretty-printed, numeric formatting changed, timestamp altered) the verification will fail.

Verification Example


def verify_webhook(raw_body: bytes, timestamp: str, signature_header: str, base64_secret: str, max_age_seconds: int = 300) -> bool:
"""
Verify an incoming webhook.

Parameters:
raw_body:        Exact raw request body bytes (no mutation).
timestamp:       X-Webhook-Timestamp header (epoch millis as string).
signature_header:X-Webhook-Signature header in form "t=<timestamp>,v1=<hex>".
base64_secret:   subscription signature_verification_key (base64).
max_age_seconds: Allowed clock skew / replay window (0 disables freshness check).

Returns: True if signature is valid, else False.

"""
if not (raw_body and timestamp and signature_header and base64_secret): return False

# Parse signature header
parts = {}
try:
for seg in signature_header.split(","):
k, v = seg.split("=", 1)
parts[k.strip()] = v.strip()
except Exception:
return False

if parts.get("t") != timestamp or "v1" not in parts:
return False

# Freshness (optional)
if max_age_seconds > 0 and timestamp.isdigit():
try:
ts_int = int(timestamp)
# Detect millis
if ts_int > 1_000_000_000_000:
ts_int //= 1000
if abs(int(time.time()) - ts_int) > max_age_seconds:
return False
except ValueError:
return False

# SHA256 hex of body
body_hash = hashlib.sha256(raw_body).hexdigest()
signing_string = f"{timestamp}.{body_hash}".encode("utf-8")

# Decode secret (single base64 decode only)
try:
secret = base64.b64decode(base64_secret, validate=True)
except Exception:
return False

expected = hmac.new(secret, signing_string, hashlib.sha256).hexdigest()
provided = parts["v1"]
# Constant-time compare
return hmac.compare_digest(expected, provided)

Flask Usage Example

from flask import Flask, request, Response
import os

from verifier import verify_webhook  # assuming the function above saved as verifier.py
app = Flask(__name__)
SECRET = os.environ.get("WEBHOOK_SECRET_VERIFICATION_KEY")  # set from secure config


@app.post("/webhook")
def webhook():
raw_body = request.get_data()  # exact bytes
ts = request.headers.get("X-Webhook-Timestamp", "")
sig = request.headers.get("X-Webhook-Signature", "")
if not verify_webhook(raw_body, ts, sig, SECRET, max_age_seconds=300):
return Response("invalid signature", status=400)
# Safe to parse AFTER verification
return Response("ok", status=200)

Key Points

  • Always read raw bytes first; only parse JSON after verification.
  • Do not pretty-print or modify the JSON before hashing.
  • Reject if age window exceeded or headers malformed.
  • Use hmac.compare_digest for constant-time comparison.

Common Pitfalls

IssueCauseResolution
signature_mismatchSecret double-base64 encodedUse original subscription value directly
signature_mismatchBody re-serialized / pretty-printedHash exact raw bytes
signature_mismatchTimestamp mismatch between t and headerEnsure they match verbatim
Stale timestampClock skew or delayed processingCheck system clock; adjust max age
Invalid header formatMissing t= or v1= segmentEnsure exact format t=...,v1=...

Checklist

  • Captured raw body (not parsed then re-stringified)
  • Extracted X-Webhook-Timestamp
  • Parsed X-Webhook-Signature → t & v1
  • Computed SHA256 hex of raw body
  • Built signing string <timestamp>.<body_hash>
  • Base64-decoded stored secret
  • HMAC-SHA256 computed & constant-time compared
  • (Optional) Freshness window passed

If every box is checked and comparison succeeds, the webhook is authentic.

Download OpenAPI description
collections.json
collections.yaml
Languages
Servers
Mock server

https://docs.ripple.com/_mock/products/collections/api/collections/

https://api.test.ripple.com/

https://api.ripple.com/

Authentication

Endpoints for authentication

Operations

Collection Channels

Endpoints for managing persistent collection channels

Operations

Partners

Endpoints for managing partners who can transact

Operations

List partners

Request

Retrieves a list of partners, filterable by ID or type.

Security
Bearer
Query
idstring(uuid)

Filter partners by specific partner ID

Example: id=0c5479ff-3772-4123-b2b7-e679e71eb570
sincestring(date-time)

ISO 8601 timestamp after partner was created

Example: since=2025-06-17T12:00:00Z
untilstring(date-time)

ISO 8601 timestamp before partner was created

Example: until=2025-06-17T12:00:00Z
typestring(PartnerType)

Filter partners by type

Enum"BUSINESS""INDIVIDUAL"
Example: type=BUSINESS
statusstring(PartnerStatus)

Filter partners by type

Enum"PENDING""ON_HOLD""FAILED""ACTIVATED""DEACTIVATED"
Example: status=PENDING
external_reference_idstring

External reference id for partner

Example: external_reference_id=Ref-123
pageinteger>= 1

Page number (starts at 1)

Default 1
Example: page=1
sizeinteger>= 1

Page size (items per page)

Default 10
Example: size=10
curl -i -X GET \
  'https://docs.ripple.com/_mock/products/collections/api/collections/v0/collections/partners?id=0c5479ff-3772-4123-b2b7-e679e71eb570&since=2025-06-17T12%3A00%3A00Z&until=2025-06-17T12%3A00%3A00Z&type=BUSINESS&status=PENDING&external_reference_id=Ref-123&page=1&size=10' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

A list of partners.

Bodyapplication/json
contentArray of objects(Partner)
pageobject(PageMetadata)

Pagination metadata.

Response
application/json
{
  "content": [
    {}
  ],
  "page": {
    "page": 1,
    "size": 10,
    "total_elements": 100,
    "total_pages": 10
  }
}

Create a partner

Request

This API allows users to add new parties who can transact.

Security
Bearer
Bodyapplication/jsonrequired
namestringrequired

Full name of the partner organization or individual

Example: "Nigerian Imports Ltd."
emailstring(email)required

Email address for partner communications

Example: "nigerian@imports.com"
external_reference_idstring

External reference id for partner

Example: "Ref-123"
dataobject(PartnerMetadata)
curl -i -X POST \
  https://docs.ripple.com/_mock/products/collections/api/collections/v0/collections/partners \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "Nigerian Imports Ltd.",
    "email": "nigerian@imports.com",
    "external_reference_id": "Ref-123",
    "data": {
      "type": "BUSINESS",
      "legal_entity": "Nigerian Imports Ltd.",
      "registration_number": "RC-123456-NGR",
      "registration_type": "AIIN",
      "country": "NG",
      "city": "Lagos Island",
      "postal_code": "10010",
      "address": "15 Marina Street",
      "address_line_2": "Suite 200"
    }
  }'

Responses

Partner created successfully.

Bodyapplication/json
idstring(uuid)read-onlyrequired

Unique identifier for the partner

Example: "0c5479ff-3772-4123-b2b7-e679e71eb570"
namestringrequired

Full name of the partner organization or individual

Example: "Nigerian Imports Ltd."
emailstring(email)required

Email address for partner communications

Example: "nigerian@imports.com"
external_reference_idstring

External reference id for partner

Example: "Ref-123"
dataobject(PartnerMetadata)
statusstring(PartnerStatus)required

Partner status for collection links or channels

Enum"PENDING""ON_HOLD""FAILED""ACTIVATED""DEACTIVATED"
Example: "PENDING"
reasonstring or null

Reason for current status (if applicable)

Example: null
created_atstring(date-time)read-onlyrequired

Timestamp when the partner was created

Example: "2025-09-18T22:54:00.542Z"
updated_atstring(date-time)read-onlyrequired

Timestamp when the partner was last updated

Example: "2025-09-18T23:54:00.542Z"
Response
application/json
{
  "id": "0c5479ff-3772-4123-b2b7-e679e71eb570",
  "name": "Nigerian Imports Ltd.",
  "email": "nigerian@imports.com",
  "external_reference_id": "Ref-123",
  "data": {
    "type": "BUSINESS",
    "legal_entity": "Nigerian Imports Ltd.",
    "registration_number": "RC-123456-NGR",
    "registration_type": "AIIN",
    "country": "NG",
    "city": "Lagos Island",
    "postal_code": "10010",
    "address": "15 Marina Street",
    "address_line_2": "Suite 200"
  },
  "status": "PENDING",
  "reason": null,
  "created_at": "2025-09-18T22:54:00.542Z",
  "updated_at": "2025-09-18T23:54:00.542Z"
}

Get partner by ID

Request

This API allows users to retrieve a specific partner by their ID.

Security
Bearer
Path
partner_idstring(uuid)required

Unique identifier of the partner to retrieve

Example: 0c5479ff-3772-4123-b2b7-e679e71eb570
Query
external_reference_idstring

External reference id for partner

Example: external_reference_id=Ref-123
curl -i -X GET \
  'https://docs.ripple.com/_mock/products/collections/api/collections/v0/collections/partners/0c5479ff-3772-4123-b2b7-e679e71eb570?external_reference_id=Ref-123' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

Successful response

Bodyapplication/json
idstring(uuid)read-onlyrequired

Unique identifier for the partner

Example: "0c5479ff-3772-4123-b2b7-e679e71eb570"
namestringrequired

Full name of the partner organization or individual

Example: "Nigerian Imports Ltd."
emailstring(email)required

Email address for partner communications

Example: "nigerian@imports.com"
external_reference_idstring

External reference id for partner

Example: "Ref-123"
dataobject(PartnerMetadata)
statusstring(PartnerStatus)required

Partner status for collection links or channels

Enum"PENDING""ON_HOLD""FAILED""ACTIVATED""DEACTIVATED"
Example: "PENDING"
reasonstring or null

Reason for current status (if applicable)

Example: null
created_atstring(date-time)read-onlyrequired

Timestamp when the partner was created

Example: "2025-09-18T22:54:00.542Z"
updated_atstring(date-time)read-onlyrequired

Timestamp when the partner was last updated

Example: "2025-09-18T23:54:00.542Z"
Response
application/json
{
  "id": "0c5479ff-3772-4123-b2b7-e679e71eb570",
  "name": "Nigerian Imports Ltd.",
  "email": "nigerian@imports.com",
  "external_reference_id": "Ref-123",
  "data": {
    "type": "BUSINESS",
    "legal_entity": "Nigerian Imports Ltd.",
    "registration_number": "RC-123456-NGR",
    "registration_type": "AIIN",
    "country": "NG",
    "city": "Lagos Island",
    "postal_code": "10010",
    "address": "15 Marina Street",
    "address_line_2": "Suite 200"
  },
  "status": "PENDING",
  "reason": null,
  "created_at": "2025-09-18T22:54:00.542Z",
  "updated_at": "2025-09-18T23:54:00.542Z"
}

Update a partner

Request

API to update a partner to use in collections API.

Security
Bearer
Path
partner_idstring(uuid)required

Unique identifier of the partner to update

Example: 0c5479ff-3772-4123-b2b7-e679e71eb570
Bodyapplication/jsonrequired
namestring

Full name of the partner organization or individual

Example: "Nigerian Imports Ltd."
emailstring(email)

Email address for partner communications

Example: "nigerian@imports.com"
external_reference_idstring

External reference id for partner

Example: "Ref-123"
dataobject(PartnerMetadata)
curl -i -X PUT \
  https://docs.ripple.com/_mock/products/collections/api/collections/v0/collections/partners/0c5479ff-3772-4123-b2b7-e679e71eb570 \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "Nigerian Imports Ltd.",
    "email": "nigerian@imports.com",
    "external_reference_id": "Ref-123",
    "data": {
      "type": "BUSINESS",
      "legal_entity": "Nigerian Imports Ltd.",
      "registration_number": "RC-123456-NGR",
      "registration_type": "AIIN",
      "country": "NG",
      "city": "Lagos Island",
      "postal_code": "10010",
      "address": "15 Marina Street",
      "address_line_2": "Suite 200"
    }
  }'

Responses

Partner updated successfully.

Bodyapplication/json
idstring(uuid)read-onlyrequired

Unique identifier for the partner

Example: "0c5479ff-3772-4123-b2b7-e679e71eb570"
namestringrequired

Full name of the partner organization or individual

Example: "Nigerian Imports Ltd."
emailstring(email)required

Email address for partner communications

Example: "nigerian@imports.com"
external_reference_idstring

External reference id for partner

Example: "Ref-123"
dataobject(PartnerMetadata)
statusstring(PartnerStatus)required

Partner status for collection links or channels

Enum"PENDING""ON_HOLD""FAILED""ACTIVATED""DEACTIVATED"
Example: "PENDING"
reasonstring or null

Reason for current status (if applicable)

Example: null
created_atstring(date-time)read-onlyrequired

Timestamp when the partner was created

Example: "2025-09-18T22:54:00.542Z"
updated_atstring(date-time)read-onlyrequired

Timestamp when the partner was last updated

Example: "2025-09-18T23:54:00.542Z"
Response
application/json
{
  "id": "0c5479ff-3772-4123-b2b7-e679e71eb570",
  "name": "Nigerian Imports Ltd.",
  "email": "nigerian@imports.com",
  "external_reference_id": "Ref-123",
  "data": {
    "type": "BUSINESS",
    "legal_entity": "Nigerian Imports Ltd.",
    "registration_number": "RC-123456-NGR",
    "registration_type": "AIIN",
    "country": "NG",
    "city": "Lagos Island",
    "postal_code": "10010",
    "address": "15 Marina Street",
    "address_line_2": "Suite 200"
  },
  "status": "PENDING",
  "reason": null,
  "created_at": "2025-09-18T22:54:00.542Z",
  "updated_at": "2025-09-18T23:54:00.542Z"
}

Settlements

Endpoints for managing settlements

Operations

Transactions

Endpoints for viewing transactions across collection links and channels

Operations

Webhooks

Endpoints for managing webhook registrations

Operations