WorldFirst DocsWorldFirst DocsDOCS

Create receiving accounts for customers

As a WorldFirst partner, you can easily settle funds with your Chinese customers by calling the createTransfer API. To achieve this, you need to construct a redirect URL that takes your customers to the WorldFirst portal, where they can authorize WF to set up a Receiving Account (RA). The following sections address the overall workflow, steps to build a signed redirect URL, and how to verify authorization.

Workflow

image.png

Figure 1. Workflow to create a Receiving Account (RA)

Figure 1 outlines the processes involved in creating and validating a Receiving Account:

  1. The customer initiates the account binding request to WorldFirst on your portal.
  2. The customer is redirected to WorldFirst's authorization page using a redirect URL. For detailed instructions, see Step 1: Construct a redirect URL.
  3. On the authorization page, WorldFirst prompts the customer to log in and authorize WorldFirst to establish an RA with the specified currencies and marketplace. Upon approval, WorldFirst processes the account binding request and generates a unique RA for the customer.
  4. Verify the authorization result using the following methods:
  • After authorization is completed, WorldFirst guides the customer back to your website using another redirect URL. The URL will provide result messages indicating whether the RA is created successfully. For more information, see Step 2: Verify authorization success.
  • (Optional but recommended) You can also call the inquiryAccount API to ensure that the customer's RA exists and is valid.

Procedure

Step 1: Construct a redirect URL

After the customer initiates an account binding request, you need to build a redirect URL that takes your customer to the WorldFirst authorization page.

There are two available methods to construct the redirect URL. You can choose either, but we highly recommend Method 1, as it establishes a stronger and more secure channel for exchanging resources between both ends. If you are a partner who has already completed integration, you are currently using Method 2. You may continue using Method 2 or reintegrate using Method 1 to update the redirect URL.

Method 1 (Recommended)

1. Construct a canonicalized query string

a. Build the query string

Use the following parameters to build a canonicalized query string.

Note:

  • You must comply with the sequence of the parameters as defined below. Otherwise, the URL might fail.
  • To change the bound WF Receiving Account, you must use a different requestId and ensure the value of other parameters remains the same.

clientId=clientId&redirectUrl=redirectUrl&referenceCustomerId=referenceCustomerId&storeUrl=storeUrl&storeName=storeName&currency=currency&requestId=requestId

Parameter

Data type

Required

Description

clientId

String

Yes

The unique ID assigned by WorldFirst to identify an onboard Partner.

redirectUrl

String

Yes

The callback URL that the partner uses to receive the RA creation result.

Maximum length: 512 characters

referenceCustomerId

String

Yes

The unique ID assigned by the Partner to identify a Customer.

Maximum length: 64 characters

storeUrl

String

Yes

The URL of the customer's store on the partner's portal. For example, https://{domain_name}.com/seller/1/

Maximum length: 256 characters

storeName

String

Yes

The name of the customer's store on the partner's portal.

Maximum length: 256 characters

currency

String

Yes

A 3-character ISO 4217 currency code that represents the currency used by a Receiving Account. For example, USD.

Note:

  • For an RA that uses multiple currencies, separate the currencies with commas (,).
  • When changing the bound WF RA, apply all the valid currencies of the previous WF RA to this parameter.
  • Maximum length: 256 characters

requestId

String

Conditional

The unique ID that is assigned by the Partner to identity the request.

Note:

  • This parameter is only required if the Partner wants to change the currently bound WF Receiving Account.
  • Do not send the same request ID twice.
b. Encode the query string

Before proceeding to the next step, encode the entire query string. For detailed instructions, see Message Encoding.

2. Generate an RSA signature

Use SHA256withRSA and the assembled query string from the previous step to generate a signature:

Sample command line:

copy
generatedSignature=sha256withrsa(<clientId=clientId&redirectUrl=redirectUrl&referenceCustomerId=referenceCustomerId&storeUrl=storeUrl&storeName=storeName&currency=currency&requestId=requestId>)

Sample signature output:

copy
KrwDE9tAPJYB...*****

3. Sign and encode the URL

URL structure

Request method: GET

The following sample URL includes the domain name and the necessary parameters. Please note that the sequence of the parameter cannot be changed, otherwise the URL will fail.

https://{portal.worldfirst.com}.com/enterprise/auth?

clientId=clientId&redirectUrl=redirectUrl&referenceCustomerId=referenceCustomerId&storeUrl=storeUrl&storeName=storeName&currency=currency&requestId=requestId&signature=signature

Build the URL
  1. Build a canonicalized query string as per the table in Step 1: Construct a Canonicalized Query String. Add the signature from Step 2: Generate an RSA Signature and keep the sequence of other key-value pairs unchanged.
  2. Add the WorldFirst domain name (portal.worldfirst.com) before the query string.
  3. Encode the entire URL before publishing it. For detailed instructions, refer to the Message Encoding chapter.

See the following sample URL with values:

copy
https://{portal.worldfirst.com}.com/enterprise/auth?clientId=*****&redirectUrl=*****&referenceCustomerId=*****&storeUrl=*****&storeName=*****&currency=USD&requestId=*****&signature=KrwDE9tAPJYB...*****

Method 2

1. Construct a canonicalized query string

a. Build the query string

Use the following parameters to build a canonicalized query string.

Note:

  • You must comply with the sequence of the parameters as defined below. Otherwise, the URL might fail.
  • To change the bound WF Receiving Account, you must use a different requestId and ensure the value of other parameters remains the same.

partnerId=partnerId&extBizPartnerId=extBizPartnerId&redirectUrl=redirectUrl&referenceCustomerId=referenceCustomerId&storeUrl=storeUrl&storeName=storeName&currency=currency&requestId=requestId&key=key

Parameter

Data type

Required

Description

partnerId

String

Yes

The unique ID assigned by WorldFirst to identify an onboard Partner.

Note:

  • Use the same value from extBizPartnerId.
  • Maximum length: 64 characters

extBizPartnerId

String

Yes

The unique ID assigned by WorldFirst to identify an onboard Partner.

Note:

  • Use the same value from partnerId.
  • Maximum length: 64 characters

redirectUrl

String

Yes

The callback URL that the partner uses to receive the RA creation result.

Maximum length: 512 characters

referenceCustomerId

String

Yes

The unique ID assigned by the Partner to identify a Customer.

Maximum length: 64 characters

storeUrl

String

Yes

The URL of the customer's store on the partner's portal. For example, https://{domain_name}.com/seller/1/

Maximum length: 256 characters

storeName

String

Yes

The name of the customer's store on the partner's portal.

Maximum length: 256 characters

currency

String

Yes

A 3-character ISO 4217 currency code that represents the currency used by a Receiving Account. For example, USD.

Note:

  • For an RA that uses multiple currencies, use commas (,) to separate the currencies.
  • When changing the bound WF RA, apply all the valid currencies of the previous WF RA to this parameter.
  • Maximum length: 256 characters

requestId

String

Conditional

The unique ID that is assigned by the Partner to identity the request.

Note:

  • This parameter is only required when the Partner wants to change the currently bound WF Receiving Account.
  • Do not send the same request ID twice.

key

String

Yes

The secret key generated by the partner and shared with WorldFirst.

Note:

  • Before you proceed to calculate the signature, make sure you have already shared the key with WorldFirst Technical Support.
b. Encode the query string

Before proceeding to the next step, encode the entire query string. For detailed instructions, see Message Encoding.

2. Generate an MD5 signature

Use the encoded query string from the previous step and the MD5 algorithm to create a signature.

You can use any preferred programming language or Linux commands to calculate an MD5 signature.

For further explanations and code samples, refer to the Tools chapter.

Sample signature output: f4bfcde6a3e9edab347ae849e54*****.

3. Sign and encode the URL

URL structure

Request method: GET

The following sample URL includes the domain name and the necessary parameters. Please note that the sequence of the parameter cannot be changed, otherwise the URL will fail.

https://{portal.worldfirst.com}.com/enterprise/auth?partnerId=partnerId&extBizPartnerId=extBizPartnerId&redirectUrl=redirectUrl&referenceCustomerId=referenceCustomerId&storeUrl=storeUrl&storeName=storeName&currency=currency&requestId=requestId&signature=signature

Build the URL
  1. Build a canonicalized query string as per the table in Step 1: Construct a Canonicalized Query String. Replace key with signature from Step 2: Generate a MD5 Signature and keep the sequence of other key-value pairs unchanged.
  2. Add the WorldFirst domain name (portal.worldfirst.com) before the query string.
  3. Encode the entire URL before publishing it. For detailed instructions, refer to the Message Encoding chapter.

See the following sample URL with values:

copy
https://{portal.worldfirst.com}.com/enterprise/auth?partnerId=*****&extBizPartnerId=*****&redirectUrl=*****&referenceCustomerId=*****&storeUrl=*****&storeName=*****&currency=USD&requestId=*****&signature=f4bfcde6a3e9edab347ae849e54*****

Step 2: Verify authorization success

After the customer authorizes WorldFirst to create a Receiving Account, confirm the authorization success using the following methods:

  • Receive authorization results from WorldFirst: WorldFirst returns the result through a redirect URL after authorization is completed.
  • Call the inquiryAccount API (Optional but recommended): You can call the inquiryAccount API to validate if the customer's Receiving Account (RA) is valid.

Receive authorization results from WorldFirst

Review parameters in the URL

As soon as your customer authorizes WorldFirst to set up a Receiving Account, you will get a redirect URL from WorldFirst which uses the following parameters as sequenced in the following table:

Parameter

Data type

Required

Description

partnerId

String

Yes

The unique ID assigned by WorldFirst to identify an onboard Partner.

  • Maximum length: 64 characters

referenceCustomerId

String

No

The unique ID assigned by the Partner to identify a customer.

More information:

  • Maximum length: 64 characters

resultMsg

String

Yes

The messages of OAuth results.

Note:

  • OAuth is ONLY successful when resultMsg returns SUCCESS.
  • Refer to the resultMsg table for messages that indicate OAuth failure.

More information:

  • Maximum length: 512 characters

Sample URL structure:

https://{domain_name}.com?partnerId=partnerId&referenceCustomerId=referenceCustomerId&resultMsg=resultMsg

Sample URL with values:

copy
https://{domain_name}.com?partnerId=*****&referenceCustomerId=*****&resultMsg=SUCCESS

Check the resultMsg

After obtaining the resultMsg value from WorldFirst, refer to the following table to interpret its meaning and suggested actions.

resultMsg

Status

Description

Further Action

SUCCESS

S

Success

RA creation is successful.

PARAM_ILLEGAL

F

Illegal parameter

RA creation failed due to illegal parameters. Retry with the correct parameters.

CURRENCY_ALREADY_EXISTS

F

Currency already exists

RA creation failed because the selected currency already exists. Retry with the correct currency.

CURRENCY_OUT_OF_SUPPORTED_RANGE

F

Currency is not supported

RA creation failed because WF does not support the selected currency. Retry with the correct currency.

SYSTEM_BUSY

U

System is busy

Retry later or contact WorldFirst Technical Support.

SIGNATURE_VERIFICATION_FAILED

F

Invalid signature

RA creation failed because the URL signature is verified to be invalid. Check the signature and retry.

REQUEST_ID_IDEMPOTENT

F

Repeated requestId

RA creation failed because the same requestId is used twice. Update the requestId and try again.

REFERENCE_CUSTOMER_ID_OPENED_RA

F

User already has an RA

This customer already has an RA. Change referenceCustomerId and retry.

(Optional but recommended) Call the inquiryAccount API

While optional, it is highly recommended to call the inquiryAccount API immediately after authorization. This ensures the customer's RA is ready for fund transfers. For more information, see Manage your accounts.

When the API call fails

Check whether referenceCustomerId is correct when the resultCode in the response body says PARAM_ILLEGAL.

When the API call succeeds

  • You might receive a list of Receiving Accounts (or a single RA if only one currency is specified), indicating successful RA creation.
  • Alternatively, if the response message contains no data, it indicates that the RA does not exist.

@2024 WorldFirst