Skip to content

Partner Admin API (Partner Portal)

This document describes the partner-scoped admin API that lets Partners (authenticated via API key) view their users, their transactions, and manage a limited subset of their settings.

Authentication

All endpoints require:

  • Header: X-Partner-Key: <partner_api_key>

API keys are issued and managed by Gyzer admins in the /admin dashboard.

Base URL

  • All routes are under: /partners
  • Production: https://partners.gyzernetwork.com/partners
  • Staging/Sandbox: https://partners-staging.gyzernetwork.com/partners

Endpoints

Partner profile

  • GET /partners/me
  • Returns partner identity info for the authenticated key.

Users

  • POST /partners/users

  • Creates a new user attributed to the authenticated partner.

  • GET /partners/users

  • Lists users where users.partner_id == current_partner.id.

  • Query params:

    • limit (1..100, default 50)
    • offset (>=0, default 0)
    • search (optional): searches by email/phone; numeric values also match id/telegram_id
    • status (optional)
    • created_from (optional, ISO datetime)
    • created_to (optional, ISO datetime)

  • GET /partners/users/{user_id}

  • Returns the user if (and only if) the user belongs to the authenticated partner.
  • Returns 404 if not found or not attributed to this partner.

Transactions

  • GET /partners/transactions
  • Lists transactions attributed to the authenticated partner (user_transaction.partner_id == partner.id).
  • Excludes EXPIRED transactions by default.

  • Query params:

    • limit (1..100, default 50)
    • offset (>=0, default 0)
    • user_id (optional)
    • direction (optional): DEPOSIT or WITHDRAWAL
    • status (optional)
    • created_from (optional, ISO datetime)
    • created_to (optional, ISO datetime)
    • include_legacy (optional, default false): also include transactions where partner_id IS NULL but the transaction's user_id belongs to a user whose users.partner_id matches the partner.

  • GET /partners/transactions/{direction}/{transaction_id}

  • Returns transaction details if (and only if) it belongs to the authenticated partner.
  • Path params:
    • direction: DEPOSIT or WITHDRAWAL
    • transaction_id: integer ID
  • Query params:
    • include_legacy (optional, default false)
  • Returns 404 if not found or not attributed to this partner.

Transaction responses include partner snapshot fields when present, such as: - partner_share_percent - partner_share_amount - gyzer_fee_amount_snapshot - gyzer_fee_percent_snapshot - fee_split_mode - fee_currency

User token (embed widget)

  • POST /partners/user-token
  • Issues a short-lived token for the embed widget flow.
  • Required body: external_user_id, email
  • Optional body: phone, sumsub_share_token, applicant_id, wallet_address, wallet_chain
  • If phone is omitted, Gyzer collects it later only for verified US users before DTR account creation resumes.
  • Returns: token, expires_at, expires_in, widget_url (embed URL for iframe)

Payout report

  • GET /partners/reports/payout
  • Returns your partner payout report (transaction counts and partner fee amounts).
  • Only includes completed transactions (PROCESS_COMPLETED, SUCCESS, COMPLETED).
  • Query params:
    • period (optional, default month): today, week, month, all, or custom
    • from_date (optional, ISO datetime): required when period=custom
    • to_date (optional, ISO datetime): end of range when period=custom
    • reference_currency (optional, default USD): currency for total conversion; set to empty to skip
  • Response: period, start_date, end_date, partners (list with your data), reference_currency

Settings (restricted updates)

  • GET /partners/settings

  • Returns the current partner settings (including fee terms for visibility).

  • PATCH /partners/settings

  • Allows updating only:
    • widget_css
    • logo_url
    • allowed_origins
    • metadata
  • Attempts to change fee terms are not supported by this endpoint.
  • allowed_origins validation rules:
    • must be http://... or https://...
    • no whitespace
    • invalid values cause a 400 error

Examples

List users

curl -sS -H "X-Partner-Key: $PARTNER_KEY" \\
  "https://partners.gyzernetwork.com/partners/users?limit=50&offset=0"

List transactions (deposits only)

curl -sS -H "X-Partner-Key: $PARTNER_KEY" \\
  "https://partners.gyzernetwork.com/partners/transactions?direction=DEPOSIT&limit=50&offset=0"

Get a transaction

curl -sS -H "X-Partner-Key: $PARTNER_KEY" \\
  "https://partners.gyzernetwork.com/partners/transactions/DEPOSIT/123"

Issue user token (embed widget)

curl -sS -X POST -H "X-Partner-Key: $PARTNER_KEY" -H "Content-Type: application/json" \\
  -d '{
    "external_user_id": "user_12345",
    "email": "user@example.com",
    "phone": "+1234567890",
    "wallet_address": "0x...",
    "wallet_chain": "ERC20"
  }' \\
  "https://partners.gyzernetwork.com/partners/user-token"

Get payout report

curl -sS -H "X-Partner-Key: $PARTNER_KEY" \\
  "https://partners.gyzernetwork.com/partners/reports/payout?period=month"

With custom date range:

curl -sS -H "X-Partner-Key: $PARTNER_KEY" \\
  "https://partners.gyzernetwork.com/partners/reports/payout?period=custom&from_date=2025-01-01T00:00:00&to_date=2025-01-31T23:59:59"

Patch settings (branding only)

curl -sS -X PATCH -H "X-Partner-Key: $PARTNER_KEY" -H "Content-Type: application/json" \\
  -d '{
    "logo_url": "https://cdn.example.com/brand/logo.png",
    "allowed_origins": ["https://app.example.com"],
    "metadata": {"tier": "gold"}
  }' \\
  "https://partners.gyzernetwork.com/partners/settings"