Quickstart

Authenticate a user, list their wallets, and execute an internal transfer — all in under 5 minutes.

Prerequisites

A Kora Digital Banking tenant (e.g. fmfb)
A registered user with email and password
Base URL: https://api.korastratum.com/api/v1/banking

Step 1: Authenticate

cURL
Node.js
Python
Go

curl -X POST https://api.korastratum.com/api/v1/banking/auth/login \
  -H "Content-Type: application/json" \
  -H "X-Tenant-ID: fmfb" \
  -d '{
    "email": "user@example.com",
    "password": "SecurePass123!"
  }'

const res = await fetch("https://api.korastratum.com/api/v1/banking/auth/login", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "X-Tenant-ID": "fmfb",
  },
  body: JSON.stringify({
    email: "user@example.com",
    password: "SecurePass123!",
  }),
});
const { data } = await res.json();
const token = data.tokens.accessToken;

import requests

res = requests.post(
    "https://api.korastratum.com/api/v1/banking/auth/login",
    headers={"X-Tenant-ID": "fmfb"},
    json={
        "email": "user@example.com",
        "password": "SecurePass123!",
    },
)
token = res.json()["data"]["tokens"]["accessToken"]

body := `{"email":"user@example.com","password":"SecurePass123!"}`
req, _ := http.NewRequest("POST",
    "https://api.korastratum.com/api/v1/banking/auth/login",
    strings.NewReader(body))
req.Header.Set("Content-Type", "application/json")
req.Header.Set("X-Tenant-ID", "fmfb")

resp, _ := http.DefaultClient.Do(req)
defer resp.Body.Close()

Save the accessToken from the response — you'll include it as a Bearer token in every subsequent request.

{
  "success": true,
  "data": {
    "user": {
      "id": "b47ac10b-58cc-4372-a567-0e02b2c3d479",
      "email": "user@example.com",
      "firstName": "John",
      "lastName": "Doe",
      "kycStatus": "verified",
      "kycLevel": 3
    },
    "tokens": {
      "accessToken": "eyJ0eXAi...",
      "refreshToken": "eyJ0eXAi...",
      "expiresIn": 86400,
      "tokenType": "Bearer"
    }
  }
}

Step 2: List Accounts

cURL
Node.js
Python
Go

curl https://api.korastratum.com/api/v1/banking/accounts \
  -H "Authorization: Bearer eyJ0eXAi..." \
  -H "X-Tenant-ID: fmfb"

const res = await fetch("https://api.korastratum.com/api/v1/banking/accounts", {
  headers: {
    Authorization: `Bearer ${token}`,
    "X-Tenant-ID": "fmfb",
  },
});
const { data } = await res.json();
console.log(data.accounts);

res = requests.get(
    "https://api.korastratum.com/api/v1/banking/accounts",
    headers={
        "Authorization": f"Bearer {token}",
        "X-Tenant-ID": "fmfb",
    },
)
accounts = res.json()["data"]["accounts"]

req, _ := http.NewRequest("GET",
    "https://api.korastratum.com/api/v1/banking/accounts", nil)
req.Header.Set("Authorization", "Bearer "+token)
req.Header.Set("X-Tenant-ID", "fmfb")

resp, _ := http.DefaultClient.Do(req)

Response:

{
  "success": true,
  "data": {
    "accounts": [
      {
        "id": "a1b2c3d4-...",
        "accountNumber": "0000123456",
        "accountName": "John Doe",
        "balance": 1500000.00,
        "currency": "NGN",
        "accountType": "main",
        "isPrimary": true,
        "status": "active"
      }
    ]
  }
}

Step 3: Send an Internal Transfer

cURL
Node.js
Python
Go

curl -X POST https://api.korastratum.com/api/v1/banking/transfers/internal \
  -H "Authorization: Bearer eyJ0eXAi..." \
  -H "X-Tenant-ID: fmfb" \
  -H "Content-Type: application/json" \
  -d '{
    "sourceWalletId": "a1b2c3d4-...",
    "recipientAccountNumber": "0000654321",
    "amount": 50000.00,
    "narration": "Test transfer"
  }'

const res = await fetch(
  "https://api.korastratum.com/api/v1/banking/transfers/internal",
  {
    method: "POST",
    headers: {
      Authorization: `Bearer ${token}`,
      "X-Tenant-ID": "fmfb",
      "Content-Type": "application/json",
    },
    body: JSON.stringify({
      sourceWalletId: "a1b2c3d4-...",
      recipientAccountNumber: "0000654321",
      amount: 50000.0,
      narration: "Test transfer",
    }),
  }
);
const { data } = await res.json();
console.log(data.reference); // "FMFB20260227001234"

res = requests.post(
    "https://api.korastratum.com/api/v1/banking/transfers/internal",
    headers={
        "Authorization": f"Bearer {token}",
        "X-Tenant-ID": "fmfb",
    },
    json={
        "sourceWalletId": "a1b2c3d4-...",
        "recipientAccountNumber": "0000654321",
        "amount": 50000.00,
        "narration": "Test transfer",
    },
)
print(res.json()["data"]["reference"])

body := `{
    "sourceWalletId": "a1b2c3d4-...",
    "recipientAccountNumber": "0000654321",
    "amount": 50000.00,
    "narration": "Test transfer"
}`
req, _ := http.NewRequest("POST",
    "https://api.korastratum.com/api/v1/banking/transfers/internal",
    strings.NewReader(body))
req.Header.Set("Authorization", "Bearer "+token)
req.Header.Set("X-Tenant-ID", "fmfb")
req.Header.Set("Content-Type", "application/json")

resp, _ := http.DefaultClient.Do(req)

Response:

{
  "success": true,
  "data": {
    "id": "f8e7d6c5-...",
    "reference": "FMFB20260227001234",
    "status": "completed",
    "amount": 50000.00,
    "fees": 0.00,
    "totalAmount": 50000.00,
    "narration": "Test transfer",
    "timestamp": "2026-02-27T14:22:00Z"
  }
}

Internal transfers between wallets on the same tenant settle instantly with zero fees.

What's Next

Authentication — JWT lifecycle, refresh tokens, and 2FA.
Accounts & Wallets — Create wallets, freeze/unfreeze, set limits.
Transfers — External (NIBSS) and international (SWIFT) transfers.
Sandbox Testing — Test data and staging environment.

Prerequisites​

Step 1: Authenticate​

Step 2: List Accounts​

Step 3: Send an Internal Transfer​

What's Next​

Prerequisites

Step 1: Authenticate

Step 2: List Accounts

Step 3: Send an Internal Transfer

What's Next