6οΈβ£Account Creation
Now that you have created and verified a first customer record, you are able to onboard the customer on OffBlocks accounts. To do so, you need to use /customers/{customerId}/account
POST
request.
Creates new account for the customer and generates a challenge to be signed in order to create a related blockchain account
Unique customer ID
HTTP message signature
HTTP message signature input
Idempotency key (UUID)
Content digest
Type of the account
Currencies of the account, at least one is required (ISO-4217)
POST /v1/customers/{customerId}/accounts HTTP/1.1
Host: api.offblocks.xyz
Authorization: Bearer JWT
Signature: text
Signature-Input: text
Idempotency-Key: 123e4567-e89b-12d3-a456-426614174000
Content-Digest: text
Content-Type: application/json
Accept: */*
Content-Length: 45
{
"type": "card_account",
"currencies": [
"text"
]
}
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"customerId": "123e4567-e89b-12d3-a456-426614174000",
"chainId": "eip155:1:0xab16a96D359eC26a11e2C2b3d8f8B8942d5Bfcdb",
"status": "initiating",
"type": "card_account",
"currencies": [
"text"
],
"createdAt": "2025-07-06T19:02:53.606Z",
"updatedAt": "2025-07-06T19:02:53.606Z",
"challenge": "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZZd0VBWUhLb1pJemowQ0FRWUZLNEVFQUFvRFFnQUUzTEw1RldmVFgvL3BJaXNEL0xneFVIT2lxdlFTSUVWTgpGekloOTdLZXBlWk1iZVZsUGd1akZ4Yk5MN2x1ZVhRQnBpUWUzNmZLN0xSbXZNNHdEaWZFTkE9PQotLS0tLUVORCBQVUJMSUMgS0VZLS0tLS0="
}
Let's say we want to open a new card account (the only option for the time being) that's using Euro as a base currency (we don't support multi-currency accounts just yet):
{
"type": "CARD_ACCOUNT",
"currencies": [
"EUR"
]
}
If everything was successful, you will receive a response with status 201 (Created)
which looks similar to the following:
{
"challenge": "NWRmMzU5ZjAtZDI5OS00MGExLTgwMjMtMTdjNzdhNTAxNDRj",
"createdAt": "2024-01-12T15:07:17.358440283Z",
"currencies": [
"EUR"
],
"customerId": "04c5851c-4386-5bd9-9f89-08312f8aee3a",
"id": "ae61c362-4136-49af-8e01-544457fe265b",
"status": "initiating",
"type": "card_account",
"updatedAt": "2024-01-12T15:07:17.358440283Z"
}
If everything went well, you will receive an account challenge to sign as a base64 encoded string. This is required to proceed to deployment stage. Signatures are not currently verified in our Sandbox environment, however they are still required to be submitted.
In order to submit a signed challenge, use a POST
request to /accounts/{accountId}/challenge/sign
endpoint.
Signs previously issued challenge to sign account creation or deletion transaction on-chain
Unique account ID
HTTP message signature
HTTP message signature input
Idempotency key (UUID)
Content digest
Cryptographic signature generated using owner's EOA private key according to chain-specific algorithm. Signature is used for signing on-chain transactions such as creating a new account, authorising a recurring payment or setting up spending limits
Unique signer account ID in a form of a valid on-chain address
eip155:1:0xab16a96D359eC26a11e2C2b3d8f8B8942d5Bfcdb
Original base64 encoded challenge provided by this API for owner to sign
LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZZd0VBWUhLb1pJemowQ0FRWUZLNEVFQUFvRFFnQUUzTEw1RldmVFgvL3BJaXNEL0xneFVIT2lxdlFTSUVWTgpGekloOTdLZXBlWk1iZVZsUGd1akZ4Yk5MN2x1ZVhRQnBpUWUzNmZLN0xSbXZNNHdEaWZFTkE9PQotLS0tLUVORCBQVUJMSUMgS0VZLS0tLS0=
Base64 encoded signature
IfvwaW1eCqLvQaK0/7YjvK8HBGHWHPclHHQWH4L+w6Q3CFS8CjSzq0h8G8AhzTGMc0xRrik3TyvrDm8t1JtL9Bw=
POST /v1/accounts/{accountId}/challenge/sign HTTP/1.1
Host: api.offblocks.xyz
Authorization: Bearer JWT
Signature: text
Signature-Input: text
Idempotency-Key: 123e4567-e89b-12d3-a456-426614174000
Content-Digest: text
Content-Type: application/json
Accept: */*
Content-Length: 415
{
"ownerId": "eip155:1:0xab16a96D359eC26a11e2C2b3d8f8B8942d5Bfcdb",
"challenge": "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZZd0VBWUhLb1pJemowQ0FRWUZLNEVFQUFvRFFnQUUzTEw1RldmVFgvL3BJaXNEL0xneFVIT2lxdlFTSUVWTgpGekloOTdLZXBlWk1iZVZsUGd1akZ4Yk5MN2x1ZVhRQnBpUWUzNmZLN0xSbXZNNHdEaWZFTkE9PQotLS0tLUVORCBQVUJMSUMgS0VZLS0tLS0=",
"signature": "IfvwaW1eCqLvQaK0/7YjvK8HBGHWHPclHHQWH4L+w6Q3CFS8CjSzq0h8G8AhzTGMc0xRrik3TyvrDm8t1JtL9Bw="
}
No content
{
"ownerId": "eip155:280:0x43158f45b5EbD7b1179130131DF00393928C2691",
"challenge": "NWRmMzU5ZjAtZDI5OS00MGExLTgwMjMtMTdjNzdhNTAxNDRj",
"signature": "c2lnbmF0dXJl"
}
Please, not that the signature also must be a base64 encoded string. If signature is verified, you will receive an empty response with status code 204 (No Content)
.
If, for any reason, the original challenge is lost or cannot be signed immediately, you can fetch it again using a dedicated endpoint. If we encounter an error during signature validation via /sign
endpoint, a new challenge will be issued for you to retrieve.
Retrieves challenge to sign account creation or deletion transaction on-chain. This operation invalidates any previously issued challenges for the account
Unique account ID
HTTP message signature
HTTP message signature input
GET /v1/accounts/{accountId}/challenge HTTP/1.1
Host: api.offblocks.xyz
Authorization: Bearer JWT
Signature: text
Signature-Input: text
Accept: */*
{
"challenge": "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZZd0VBWUhLb1pJemowQ0FRWUZLNEVFQUFvRFFnQUUzTEw1RldmVFgvL3BJaXNEL0xneFVIT2lxdlFTSUVWTgpGekloOTdLZXBlWk1iZVZsUGd1akZ4Yk5MN2x1ZVhRQnBpUWUzNmZLN0xSbXZNNHdEaWZFTkE9PQotLS0tLUVORCBQVUJMSUMgS0VZLS0tLS0="
}
Once the challenge has been successfully signed, we will proceed to deployment stage. The account will be automatically deployed and activated, which you can verify by making a GET
request to /accounts/{accountId}
.
Retrieves account's details
Unique account ID
HTTP message signature
HTTP message signature input
GET /v1/accounts/{accountId} HTTP/1.1
Host: api.offblocks.xyz
Authorization: Bearer JWT
Signature: text
Signature-Input: text
Accept: */*
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"customerId": "123e4567-e89b-12d3-a456-426614174000",
"chainId": "eip155:1:0xab16a96D359eC26a11e2C2b3d8f8B8942d5Bfcdb",
"status": "initiating",
"type": "card_account",
"currencies": [
"text"
],
"createdAt": "2025-07-06T19:02:53.606Z",
"updatedAt": "2025-07-06T19:02:53.606Z"
}
{
"chainId": "eip155:280:0x18102C007e4B4FBED74105E8D1e4FF4545Dbed8f",
"createdAt": "2024-01-12T15:07:17.35844Z",
"currencies": [
"EUR"
],
"customerId": "04c5851c-4386-5bd9-9f89-08312f8aee3a",
"id": "ae61c362-4136-49af-8e01-544457fe265b",
"status": "active",
"type": "card_account",
"updatedAt": "2024-01-12T15:09:31.118452Z"
}
From there we can proceed to issuing cards for the account.
Last updated