Embed Widget Setup Checklist¶

Use this checklist when setting up and installing the Embed Widget. For detailed steps, see the Embed Widget Guide.

Prerequisites¶

[ ] Implement endpoint to call POST /partners/user-token when user opens deposit/withdraw flow
[ ] Pass required fields: external_user_id, email
[ ] Pass phone only if you already have it; otherwise let Gyzer collect it later for verified US users
[ ] Store or forward token and widget_url from the response
[ ] Generate a new token per user session (token is single-use, expires ~10 min)

[ ] Add your domain(s) to allowed_origins via PATCH /partners/settings
[ ] Use full URLs with https:// (or http:// for local dev)
[ ] Include all domains that will embed the widget (e.g. https://app.yourdomain.com, https://yourdomain.com)

If you use SumSub for KYC and want to skip re-verification in Gyzer:

[ ] Obtain Gyzer's SumSub client ID from Gyzer team
[ ] Add Gyzer as recipient in SumSub: Reusable identity → Partners → Recipients
[ ] Ensure your KYC flow meets the minimum requirements for provider approval (US)
[ ] Call SumSub's share token API with forClientId = Gyzer's client ID
[ ] Pass sumsub_share_token in POST /partners/user-token request

Item	Value
Token endpoint	`POST /partners/user-token`
Auth header	`X-Partner-Key: <api_key>`
Required fields	`external_user_id`, `email`
Response field	`widget_url` (embed URL for iframe)
Token TTL	~10 minutes, single-use

Embed Widget Guide – Full integration details
Widget Installation Guide – Registration, activation
SumSub Share Token Guide – SumSub API for share tokens
Minimum KYC Flow (Non-US) / Minimum KYC Flow (US) – Provider approval requirements