Skip to main content

Leap Financial

External Account Object Integration

VNA

API Definition

Version 1.0 April 2025

Proprietary Notice

All pages of this document contain information proprietary to Leap Financial Inc. Neither this document nor any information in it shall be duplicated, transmitted, used, or otherwise disclosed to anyone other than the organization or specific individuals to whom this document is delivered. This restriction applies to all sheets of this document. Leap Financial Inc. reserves the right to have the recipient return all copies of this document at any time. Leap Financial Inc. is a technology company that provides financial services by acting as a program manager for a bank through a bank sponsorship. It is also a registered agent for other regulated financial institutions. In this document, we refer to the Program Manager as the “Program” and as “LEAP” and to the Program Sponsor as the “Bank”.

Abstract

This document purpose is to define how a partner should integrate with Leap Financial’s External Account Object feature by providing the APIs that Leap Financial will use to Authorize the transactions with the partner and Confirm that the funds of such transactions need to be credited

Audience

This document is provided for the technical teams in charge of developing the APIs for the integration, it is assumed that the audience of this document is familiar with the concepts of API, and technical terms such as request, response and payload.

Glossary

Partner = the company implementing the endpoints with the definition provided in this document, that is the owner of the External Account Object. External Account Object = element in Partner’s system that is associated with the transaction executed by Leap Financial Remittance = transaction that is executed to move funds cross border

External Account Object Integration Overall Details

In order to be able to execute remittances transactions, Leapfinancial requires the Partner the ability to process an authorization request prior to the execution of the transaction. The Authorization request will be triggered by LeapFinancial system when a user selects that he wants to send funds to another user, and the destination Payment Method is the Partner’s External Account Object. Leap Financial provides the payload structure for the Authorization request as well as the method to be implemented, and the Partner will provide the API endpoints aligned with the definition. When the partner processes the Authorization request, the response needs to be sent to Leap Financial containing the data elements required in the API definition. Upon approval of the Authorization request, Leap Financial will execute the remittance transaction. If the transaction is successful, Leap Financial will inform the Partner that the funds can be credited to the External Account Object in the partner’s systems. Leap Financial provides the payload structure for the Credit Funds request, as well as the method to be implemented, and the Partner will provide the API endpoints aligned with the definition. Leap Financial requires that the Partner provides a confirmation that the funds have been credited to the External Account Object in their system. When the partner confirms the credit funds request, the response needs to be sent to Leap Financial containing the data elements required in the API definition.

Authentication for APIs

The API will be secured with a signature encoded in SHA256. The encoded signature will be sent by Leap Financial API calls as header parameter. The key to encode will be provided by Leap Financial In order to authenticate the call, the partner needs to run the signature with the provided key and compare the one sent in the API call header, to verify the call has been made from Leap Financial

How to Verify the signature

The following code is provided as a suggested method to verify the API Key Signature 
hmac = createHmac('SHA256', 'secretkey');
hmac.update(JSON.stringify(request.body));
//hmac.digest('hex') should be equal to header signature
hmac.digest('hex') == request.header['X-Signature']

API Definition: Authorization for Transaction

Purpose:

Leap Financial will use this endpoint to request authorization for a Transaction

Name of the Endpoint:

TxAuthorization Method:
POST Authentication
Encoded Signature. The Key to encode will be sent to the partner in a secure manner.

Request

Headers:
Headers: {X-Signature: hexadecimal} Body Format:
JSON Fields Definition:
Field nameTypeRequiredDetails
PersonalDataObjectN/APersonal Data of the Person associated with the External Account Object.where the funds of the transactions are destined (See each fields definition below)
AccountIdentifierStringYesAn Id representing the External Account Object for the Partner. This field will be Null if Leap Financial does not have an External Account Object already associated. This field details (such as format restrictions, amount of characters) need to be agreed before the integration.
AmountFloatYesAmount of the transaction with TWO decimal
Added fields february 2026 -
Currency
ExchangeRate 
public string Currency { get; set; } // 3 chars
[Required]
public decimal ExchangeRate { get; set; }
PersonalData Object field definition:
Field nameTypeRequiredDetails
PhoneNumberStringYesPhone number of the Person associated with the External Account Object
FirstNameStringYesFirst Name of the Person associated with the External Account Object
MiddleNameStringNoMiddle Name of the Person associated with the External Account Object
LastNameStringYesLast name of the Person associated with the External Account Object
LastName2StringNoSecond last name of the Person associated with the External Account Object
GenderStringYesGender of the Person associated with the External Account Object. The Possible Values Are as follows Male | Female | Other | None
BirthDateStringYesThe Birth Date of the Person associated with the External Account Object. The format accepted is as follows YYYY-MM-dd
AddressObjectYesThe Address of the Person associated with the External Account Object. (See each fields definition below)
NOTE: AS PER FEBRUARY 2025 THE IMPLEMENTATION WILL HAVE TWO OBJECTS FOR PERSONAL DATA ONE FOR SENDEAR AND ONE FOR RECEIVER 
public PersonalData SenderPersonalData { get; set; }
[Required]
public PersonalData ReceiverPersonalData { get; set; }
Address Object field definition:
Field nameTypeRequiredDetails
Address1StringYesAddress 1 of the Person associated with the External Account Object
Address2StringnoAddress 1 of the Person associated with the External Account Object
ZipCodeStringYesZip code of the Person associated with the External Account Object
CityStringYesCity code of the Person associated with the External Account Object
CountryCodeString 2 char ISO CodeYesA String with 2 char ISO code of the Country code of the Person associated with the External Account Object.
StateCodeString ISO 3166-2YesA String with 2 char ISO 3166-2 code of the State code of the Person associated with the External Account Object. See = https://en.wikipedia.org/wiki/ISO_3166-2

Response

Status Code 200 Response Fields Definition:
Field nameTypeDetails
AccountIdentifierStringThe Id representing the External Account Object for the Partner that was referenced in the request. If the Account is not found in the Partner systems this Identifier should be Null
AuthorizedBooleanTrue if it the Transaction is Authorized / False if is not Authorized
DisplayNameStringA String with the displayName for the Account, to be presented to the end-user. Cannot be Null. The maximum number of characters is 10. Accepts only letters, numbers and hyphens. Example = “MC-1234”
NonAuthorizedReasonStringIf the Transaction is not Authorized, the reason should be sent, otherwise not sent. The Text should be from the Fixed Possible Values (see definition of values below)
TrackingIdentifierStringThe Unique Id of the Authorization response.

NonAuthorizedReason Field Possible Values

AccountBlocked = the transaction has been denied because the external account object is blocked AccountBlockedByLaw = the transaction has been denied because the external account object is blocked by legal reasons (e.g. litigation) AccountBlockedByGovernment = the transaction has been denied because the external account object is blocked due to government mandated reasons (e.g. fiscal) ByVelocity = the transaction has been denied because the external account object has reached the velocity limit defined in the Partner, this is, the amount of transactions in a specific lapse of time allowed by the partner ByAmountLimit = the transaction has been denied because the external account object has reached the transaction amount limit defined in the Partner system ByAccumulateAmountLimit = the transaction has been denied because the external account object has reached the accumulated amount limit defined in the Partner system

API Definition: Confirmation for Credit Funds

Purpose:

Leap Financial will use this endpoint to let the partner know that the credit have been funded so the Partner can make the proper updates in their system in the External Account Object affected by the transaction

Name of the Endpoint:

CreditFunds Method:
POST Authentication
Encoded Signature. The Key to encode will be sent to the partner in a secure manner.

Request

Headers:
Headers: {X-Signature: hexadecimal} Body Format:
JSON Fields Definition:
Field nameTypeRequiredDetails
AccountIdentifierStringYesAn Id representing the External Account Object for the Partner.
AmountFloatYesAmount of the transaction with TWO decimal
Added fields february 2026 -
Currency
ExchangeRate 
public string Currency { get; set; } // 3 chars
[Required]
public decimal ExchangeRate { get; set; }
public string? AuthTrackingIdentifier { get; set; }

Response

Status Code 200 Fields Definition:
Field nameTypeDetails
TrackingIdentifierStringThe Unique Id of the CreditFunds response.
SuccessBooleanTrue if it the creditFunds is Successful / False if the creditFunds Failed
ResponseDescriptionStringIf the creditFunds is not successful, the reason of the Failure will be provided in this field
FEBRUARY 2026
NEW ENDPOINT
REVERSECREDIT 
Public class ReverseCreditFundsRequest
{
public string AccountIdentifier { get; set; }
public string CreditTrackingNumber { get; set; }
}
MISSING DOCUMENTATION FOR
CreateAccount Endpoint 
public class CreateAccountRequest
{
public PersonalData PersonalData { get; set; }
public List<PersonalDocument> PersonalDocuments { get; set; }
public decimal Amount { get; set; }
public string Currency { get; set; } // 3 chars
public decimal ExchangeRate { get; set; }
}
Object PersonalDocuments 
public class PersonalDocument
{
[Required]
public string Number { get; set; }
[Required]
[JsonConverter(typeof(JsonStringEnumConverter))]
public DocumentType DocumentType { get; set; }
}
DocumentTypes
Passport = 1,
StateId = 3,
ResidentCard = 4,
DriverLicense = 6,
SocialSecurityNumber = 11,
INE_IFE = 14,
ConsularId = 15,
ITIN = 16 New Endpoint = Authorization Status = GetCreditStatus 
public class GetCreditStatusRequest
{
public string AccountIdentifier { get; set; }
public string CreditTrackingNumber { get; set; }
}
public class GetCreditStatusResponse
{
public CreditStatus CreditStatus { get; set; }
public string? ResponseDescription { get; set; }
}
public enum CreditStatus
{
InProgress = 1,
Approved = 2,
Failed = 3
}