You need a sandbox api_key and the base URL for your tenant. If you do not have them yet, ask your Leap integration contact.
If your tenant uses Request4R, JSON payloads can be exchanged as JWE under /v1/partners/request4r — see Request4R.
Send api_key on every request
Add header api_key: <your_key>. Keep this value on your server only.
Resolve a user
Call POST /auth/get-user-token-v2 with phoneNumber or email (see OpenAPI for the exact schema). On success you receive a userToken for user-scoped routes.
Call a scoped endpoint
Use the userToken in the path or body as documented (for example contacts or funding). Inspect the API Reference tab for request and response shapes.
Example: get user token
curl -sS -X POST "https://raas-partner-cv.nomas.cash/v1/auth/get-user-token-v2" \
-H "Content-Type: application/json" \
-H "api_key: YOUR_SANDBOX_API_KEY" \
-d '{"phoneNumber":"+15555550100","countryCode":"US"}'
Expected outcome
- 200: JSON body includes identifiers you need for the next step (for example a userToken or user id depending on route version).
- 400 / 404: Fix the payload or run registration—see Authentication and Introduction.
Log correlation ids and timestamps when something fails in sandbox; it speeds up support if you need help reading an error body.
Where to go next
- Authentication for errors, headers, and scope notes.
- Testing & sandbox for cards, UBN, and environment-specific tips.
- Open the API Reference tab for generated Partner endpoint pages from OpenAPI.
