This page provides a general overview of the Victor API and environments. When you're ready to continue, visit Generating a Token.
This guide assumes you have access to one of our environments, visit Request API Access for more information.
The Victor API uses JSON Web Tokens (JWTs) and API keys to authenticate each request. Each JWT is signed with your private key and the API key is added as subject claim to the JWT payload.
The Victor APIs use the ISO 8601 date and time format and require the time zone to be set to Zulu time (Z). For example, complete date plus hours, minutes, seconds and, a decimal fraction of a second use the format
YYYY-MM-DDThh:mm:ss.sTZD (eg 1997-07-16T19:20:30.45Z).
The Victor Platform provides support for both Staging (testing) and Production (live) Environments. Requests made to the Staging environment will not hit banking networks and therefore can't affect your account balances and will not incur costs. API keys generated in one environment will not be valid in another environment. In order to avoid confusion, each environment has its own URL:
Victor uses conventional HTTP response codes to indicate the success or failure of a request. Codes in the 2xx range indicate success, codes in the 4xx range indicate a failure due to the information in your request, and codes in the 5xx range indicate an issue with the Victor Platform.
In the next section we'll go over how to Generate a Token to authenticate with the Victor API.
Updated 5 months ago