Payment Agent REST

Discover payment agents and execute agent-facilitated deposits and withdrawals.

Overview

The Payment Agent APIs let applications find active payment agents, retrieve an agent's full profile, and move funds — agent deposits and client withdrawals — through them. Payment agents deposit funds into a client's wallet via the transfer endpoint, while clients withdraw through an agent using a one-time verification code. All endpoints are standard REST calls and require the payment OAuth2 scope.

REST API

These are standard REST APIs using HTTP methods (GET, POST). All requests require the Deriv-App-ID: YOUR_APP_ID header and an Authorization: Bearer YOUR_OAUTH_TOKEN token carrying the payment scope.

OpenAPI Specification

View the complete OpenAPI 3.1.0 specification for detailed schema definitions and examples:

OpenAPI Spec →

Typical Workflow

Discovering agents

Call GET /payment-agents/v1/agent-statistics to find which currencies and countries are served.
List agents for a currency with GET /payment-agents/v1/agents, optionally filtered by country. Results are paginated; use page and per_page to page through them.
Fetch a single agent's full profile with GET /payment-agents/v1/agents/{id}.

Client withdrawal

Request a one-time code via POST /payment-agents/v1/withdraw/verification_code. The code is sent to the client's registered email or phone and is valid until it expires.
Submit the withdrawal with the 6-digit code via POST /payment-agents/v1/withdraw.
If you supplied a request_id, poll GET /payment-agents/v1/withdraw/{request_id} until the status settles.

Agent deposit— an authenticated payment agent deposits funds directly into a client's wallet with POST /payment-agents/v1/transfer (completes synchronously).

Available Endpoints

List Payment AgentsGet

Returns a paginated list of active payment agents that support the requested currency. Results include publicly listed agents, plus any agent you've previously received a transfer from even if that agent isn't publicly listed. An optional country filter further restricts to agents that serve that country. Each result includes the agent's profile and its commission rates for the requested currency./payment-agents/v1/agents

Get Payment AgentGet

Returns the full profile of a single payment agent, including agents not publicly listed in the directory. Use this when you already have an agent's id and need their full details. The response always includes a currencies array with the agent's commission rates and withdrawal limits for each supported currency, and a urls array with the agent's associated websites. Pass me as the id to return the authenticated client's own agent profile./payment-agents/v1/agents/{id}

Payment Agent StatisticsGet

Returns the aggregate set of countries and currencies covered by at least one active, publicly listed payment agent. Use this to determine which currency and country filter values are meaningful before calling the agent list - results may lag newly onboarded agents by a short period./payment-agents/v1/agent-statistics

Transfer (Deposit)Post

Lets an authenticated payment agent deposit funds directly into a client's Deriv wallet, identified by their account nickname (to_nickname). On success, returns a transaction status with status "complete" and a transaction_id. Transfers complete synchronously in the same response./payment-agents/v1/transfer

Withdrawal Verification CodePost

Requests a one-time verification code be sent to the client's registered contact (email or phone). Call this before submitting a withdrawal via POST /payment-agents/v1/withdraw - the code must be included as verification_code in that request. The code is valid until expires_at (epoch seconds). A new code cannot be requested before next_request_at (epoch seconds)./payment-agents/v1/withdraw/verification_code

WithdrawPost

Withdraws funds from the authenticated client's account through a payment agent. Requires a 6-digit verification_code obtained from POST /payment-agents/v1/withdraw/verification_code. A withdrawal is initially requested (transaction_id is null at this stage), then pending, and finally complete, rejected, or failed. Supply an optional request_id to track status afterwards via GET /payment-agents/v1/withdraw/{request_id}./payment-agents/v1/withdraw

Withdrawal StatusGet

Returns the current status of a withdrawal previously submitted with a request_id. Use this to poll a withdrawal through its lifecycle — requested, then pending — until it reaches complete, rejected, or failed (transaction_id is null while the status is requested). A request_id that doesn't match any of your withdrawals returns RequestIDNotFound./payment-agents/v1/withdraw/{request_id}

Authentication

All endpoints require the Deriv-App-ID header and an Authorization: Bearer YOUR_OAUTH_TOKEN header. The token must carry the payment scope; otherwise the API returns 403 Forbidden.

OAuth2 Scopes

Endpoint	Scope
`GET /payment-agents/v1/agents`	`payment`
`GET /payment-agents/v1/agents/{id}`	`payment`
`GET /payment-agents/v1/agent-statistics`	`payment`
`POST /payment-agents/v1/transfer`	`payment`
`POST /.../withdraw/verification_code`	`payment`
`POST /payment-agents/v1/withdraw`	`payment`
`GET /.../withdraw/{request_id}`	`payment`

1curl -X GET "https://api.derivws.com/payment-agents/v1/agents?currency=USD" \
2  -H "Deriv-App-ID: YOUR_APP_ID" \
3  -H "Authorization: Bearer YOUR_OAUTH_TOKEN"

Response Status Codes

The API uses standard HTTP status codes to indicate success or failure:

2xx Success

200 OK — Request successful

4xx/5xx Errors

400 Bad Request — Invalid parameters or business rule failure

401 Unauthorized — Invalid or missing authentication

403 Forbidden — Token lacks the payment scope

404 Not Found — Agent not found

500 Internal Server Error — Server-side error

504 Gateway Timeout — Upstream service timeout

Not all codes apply to every endpoint. 404 Not Found applies only to GET /payment-agents/v1/agents/{id}, and GET /payment-agents/v1/agent-statistics does not return 400.

Error Response Format

All error responses follow a consistent envelope with an empty data object, an errors array, and metadata:

1{
2  "data": {},
3  "errors": [
4    {
5      "status": 400,
6      "code": "WalletFundsInsufficient",
7      "detail": {
8        "message": "The agent's wallet does not hold enough funds for this transfer"
9      }
10    }
11  ],
12  "metadata": {
13    "endpoint": "/payment-agents/v1/transfer",
14    "method": "POST",
15    "timing": 38
16  }
17}

Error codes include: AgentIDInvalid, AgentNotFound, AgentInactive, AgentSelfTransfer, AgentSelfWithdraw, AgentCurrencyUnsupported, InvalidAgentID, NicknameNotFound, NoClientWallet, ClientCountryUnsupported, WithdrawalAmountMinimum, WithdrawalAmountMaximum, WalletFundsInsufficient, InvalidOTP, OtpRateLimitExceeded, RequestIDUsed, RequestIDNotFound, InvalidRequestIDFormat, TransferFailed, WithdrawalFailed, OTPValidationFailed, OtpValidationRateLimitExceeded, VerificationCodeFormatInvalid, VerificationCodeRequestFailed, WalletLookupFailed, NicknameLookupFailed, ClientIdentityLookupFailed

Statement List Payment Agents

Any other questions? Get in touch