Email Validation - IBEx.Fi API Integration Guide

View Flow Diagram

Overview

The Email Validation API uses a generic proxy pattern to route requests to IBEX Safe. The IBEx.Fi API provides a transparent proxy endpoint that forwards requests to the IBEX Safe API, which handles the actual email validation and storage.

The proxy endpoints are:

POST /v1.1/ibexsafe/:verb : Generic proxy for IBEX Safe POST requests (where :verb is validateEmail, confirmEmail, userdata, etc.)
GET /v1.1/ibexsafe/:verb : Generic proxy for IBEX Safe GET requests

For email validation, you call:

POST /v1.1/ibexsafe/validateEmail : Request email validation - routes to IBEX Safe /validateEmail
POST /v1.1/ibexsafe/confirmEmail : Confirm email with code - routes to IBEX Safe /confirmEmail

The Email Validation API allows you to securely validate and store user email addresses in IBEX Safe's GDPR-compliant storage. This process involves two steps:

Request Email Validation : Send a verification code to the user's email address
Confirm Email : Verify the code and optionally store the email in userData

💡 Proxy Pattern :

The IBEx.Fi API acts as a transparent proxy - all parameters are forwarded to IBEX Safe as documented in IBEX Safe Endpoints
Authentication is validated by IBEx.Fi API before proxying to IBEX Safe
All IBEX Safe endpoints are accessible through the generic proxy pattern

💡 GDPR Compliance :

Email addresses are stored securely in IBEX Safe, a regulated entity (VASP) compliant with GDPR
Your dApp never stores email addresses directly, reducing your compliance burden
Users can request data deletion through IBEX Safe's privacy controls
All data is encrypted and stored according to GDPR requirements

1. Request Email Validation

To start the email validation process, send a verification code to the user's email address. This routes through the generic proxy to IBEX Safe's /validateEmail endpoint.

Endpoint : POST /v1.1/ibexsafe/validateEmail (via generic proxy POST /v1.1/ibexsafe/:verb)

Headers :

Authorization: Bearer <access_token> (required)
Content-Type: application/json (required)

Request Body :

email (string, required) : Email address to validate
externalUserId (string, required) : The external user identifier (your internal user ID)

Request Example :

POST /v1.1/ibexsafe/validateEmail
Authorization: Bearer <access_token>
Content-Type: application/json

{
  "email": "jane.doe@foo.domain",
  "externalUserId": "ext_user_123"
}

Response (200 OK) :

{
  "success": true,
  "message": "Verification code sent to email"
}

💡 Note : The verification code is sent to the provided email address. The code is typically valid for a limited time (e.g., 10-15 minutes). Make sure to prompt the user to check their email and enter the code within the validity period.

2. Confirm Email

After the user receives the verification code, confirm the email by submitting the code. You can optionally store the confirmed email in userData for future use. This routes through the generic proxy to IBEX Safe's /confirmEmail endpoint.

Endpoint : POST /v1.1/ibexsafe/confirmEmail (via generic proxy POST /v1.1/ibexsafe/:verb)

Headers :

Authorization: Bearer <access_token> (required)
Content-Type: application/json (required)

Request Body :

email (string, required) : Email address to confirm (must match the email used in validateEmail)
code (string, required) : Verification code received via email
externalUserId (string, required) : The external user identifier
userDataName (string, optional) : Key name to store the confirmed email in userData (default: "marketing.email")
optinNews (boolean, optional) : Opt-in for news updates (stored in userData as "optin.newsletter")
optinNotifications (boolean, optional) : Opt-in for notifications (stored in userData as "optin.walletAlerts")

Request Example :

POST /v1.1/ibexsafe/confirmEmail
Authorization: Bearer <access_token>
Content-Type: application/json

{
  "email": "jane.doe@foo.domain",
  "code": "123456",
  "externalUserId": "ext_user_123",
  "userDataName": "marketing.email",
  "optinNews": true,
  "optinNotifications": false
}

Response (200 OK) :

{
  "success": true,
  "message": "Email confirmed and stored"
}

💡 Note : If userDataName is provided, the confirmed email is automatically stored in userData under that key. You can retrieve it later using GET /v1.1/ibexsafe/userdata/external/:externalUserId.

3. Retrieve Stored Email

After confirming the email, you can retrieve it from userData using the standard userData retrieval endpoint.

Endpoint : GET /v1.1/ibexsafe/userdata/external/:externalUserId

Request Example :

GET /v1.1/ibexsafe/userdata/external/ext_user_123
Authorization: Bearer <access_token>

Response (200 OK) :

{
  "data": {
    "marketing.email": "jane.doe@foo.domain",
    "optin.newsletter": true,
    "optin.walletAlerts": false
  }
}

Complete Flow Example

Here's a complete example of the email validation flow:

// Step 1: Request email validation
const validateResponse = await fetch('https://api.ibex.fi/v1.1/ibexsafe/validateEmail', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${accessToken}`,
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    email: 'jane.doe@foo.domain',
    externalUserId: 'ext_user_123'
  })
});

const validateResult = await validateResponse.json();
// { success: true, message: "Verification code sent to email" }

// Step 2: User enters code from email
const code = '123456'; // User input

// Step 3: Confirm email
const confirmResponse = await fetch('https://api.ibex.fi/v1.1/ibexsafe/confirmEmail', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${accessToken}`,
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    email: 'jane.doe@foo.domain',
    code: code,
    externalUserId: 'ext_user_123',
    userDataName: 'marketing.email',
    optinNews: true,
    optinNotifications: false
  })
});

const confirmResult = await confirmResponse.json();
// { success: true, message: "Email confirmed and stored" }

// Step 4: Retrieve stored email (optional)
const userDataResponse = await fetch('https://api.ibex.fi/v1.1/ibexsafe/userdata/external/ext_user_123', {
  headers: {
    'Authorization': `Bearer ${accessToken}`
  }
});

const userData = await userDataResponse.json();
// { data: { "marketing.email": "jane.doe@foo.domain", "optin.newsletter": true } }

Error Handling

400 Bad Request : Invalid email format, missing required fields, or invalid code
401 Unauthorized : Invalid or missing JWT token
403 Forbidden : User does not have permission to validate email for this externalUserId
404 Not Found : External user not found
429 Too Many Requests : Too many validation requests (rate limiting)
500 Internal Server Error : IBEX Safe API error or network error

⚠️ Important Points :

Always validate email format on the client side before sending the request
Implement rate limiting on your side to prevent abuse
Store the externalUserId securely and use it consistently across requests
The verification code has a limited validity period - prompt users to enter it quickly
If confirmation fails, you can request a new code by calling validateEmail again

Technical Deep Dive - For AI Integration

This section provides detailed technical information for AI systems integrating the IBEX email validation flow, including architecture patterns, data models, and implementation details.

Email Validation - Technical Details

Generic Proxy Pattern

The IBEx.Fi API provides generic proxy endpoints: POST /v1.1/ibexsafe/:verb and GET /v1.1/ibexsafe/:verb
For email validation, :verb is validateEmail or confirmEmail, so you call POST /v1.1/ibexsafe/validateEmail or POST /v1.1/ibexsafe/confirmEmail
The proxy forwards all query parameters, headers, and body to IBEX Safe without modification
IBEX Safe handles the actual email validation and storage according to its own API documentation
See IBEX Safe Endpoints for complete IBEX Safe API documentation

POST /v1.1/ibexsafe/validateEmail

Endpoint: Generic proxy POST /v1.1/ibexsafe/:verb with verb=validateEmail
Routes to: IBEX Safe POST /validateEmail
Authentication: JWT required (validated by IBEx.Fi API before proxying)
Email validation: Format validation and domain checks (handled by IBEX Safe)
Code generation: Secure random code generation (typically 6 digits) - handled by IBEX Safe
Email delivery: Code sent via IBEX Safe's email service
Rate limiting: Prevents abuse (typically 3-5 requests per hour per email) - handled by IBEX Safe
Response format: Success confirmation message (as returned by IBEX Safe)
Use case: Initial step in email verification workflow

POST /v1.1/ibexsafe/confirmEmail

Endpoint: Generic proxy POST /v1.1/ibexsafe/:verb with verb=confirmEmail
Routes to: IBEX Safe POST /confirmEmail
Authentication: JWT required (validated by IBEx.Fi API before proxying)
Code verification: Validates code against stored verification token (handled by IBEX Safe)
Code expiration: Codes expire after a set time (typically 10-15 minutes) - handled by IBEX Safe
Email storage: Optionally stores confirmed email in userData under specified key (handled by IBEX Safe)
Opt-in handling: Stores opt-in preferences in userData (optin.newsletter, optin.walletAlerts) - handled by IBEX Safe
Response format: Success confirmation message (as returned by IBEX Safe)
Use case: Final step in email verification workflow, optionally storing email for future use

Data Model

Email Validation Request:

{
  "email": "string (valid email format)",
  "externalUserId": "string (your internal user ID)"
}

Email Confirmation Request:

{
  "email": "string (must match validateEmail email)",
  "code": "string (6-digit verification code)",
  "externalUserId": "string (must match validateEmail externalUserId)",
  "userDataName": "string (optional, default: 'marketing.email')",
  "optinNews": "boolean (optional)",
  "optinNotifications": "boolean (optional)"
}

UserData Storage (after confirmation):

{
  "data": {
    "marketing.email": "jane.doe@foo.domain",
    "optin.newsletter": true,
    "optin.walletAlerts": false
  }
}

Integration Points

UserData Integration:

Confirmed email is stored in userData under the key specified by userDataName
Opt-in preferences are stored as optin.newsletter and optin.walletAlerts
Retrieve stored email using GET /v1.1/ibexsafe/userdata/external/:externalUserId
Update email or opt-in preferences using POST /v1.1/ibexsafe/userdata

GDPR Compliance:

All email data is stored in IBEX Safe, a regulated entity (VASP) compliant with GDPR
Users can request data deletion through IBEX Safe's privacy controls
Email addresses are encrypted at rest
Access is logged and audited for compliance

Key Implementation Files

src/routes/v1.1/ibexsafe.ts : Generic proxy endpoints (POST /v1.1/ibexsafe/:verb, POST /v1.1/ibexsafe/:verb)
src/clients/IBEXSafe.ts : IBEX Safe API client (handles actual IBEX Safe communication)
docs/WIDGET_BACKEND_TO_IBEXFIAPI_ENDPOINTS.md : Complete endpoint documentation

Complete Flow - Technical Sequence

Request email validation : POST /v1.1/ibexsafe/validateEmail with email and externalUserId
Authenticate : IBEx.Fi API validates JWT token
Forward to IBEX Safe : IBEx.Fi API forwards request to IBEX Safe email validation service
Validate email format : IBEX Safe validates email format and domain
Generate verification code : IBEX Safe generates secure random code (typically 6 digits)
Send email : IBEX Safe sends verification code to user's email address
Store verification token : IBEX Safe stores verification token with expiration time
Return confirmation : IBEx.Fi API returns success message to client
User enters code : User receives email and enters code in your application
Confirm email : POST /v1.1/ibexsafe/confirmEmail with email, code, and externalUserId
Verify code : IBEX Safe verifies code against stored token and checks expiration
Store email : If userDataName provided, IBEX Safe stores email in userData
Store opt-ins : If opt-in flags provided, IBEX Safe stores preferences in userData
Return confirmation : IBEx.Fi API returns success message to client
Retrieve stored data : Client can retrieve stored email using GET /v1.1/ibexsafe/userdata/external/:externalUserId

← Back to Main Guide