Getting Started

[B2C Client] Setup Public Key

The Public Key you upload via this API will be used to encrypt the Client credentials that generated via Create Subaccount API.

Request Header

ReadMe parameters block:


Code
{
  "data": {
    "h-0": "Key Parameters",
    "h-1": "Data Type",
    "h-2": "Description",
    "0-0": "publicAccessToken",
    "0-1": "String",
    "0-2": "One time access-token generated using [this API](https://docs.onebrick.io/reference/generate-public-access-token-jwt-token)",
    "1-0": "X-Signature",
    "1-1": "String",
    "1-2": "A HMAC-SHA512 signature generated using your API secret. This is used to verify the integrity and authenticity of the request. The signature is created based on the request payload and the X-Timestamp.",
    "2-0": "X-Timestamp",
    "2-1": "DateTime",
    "2-2": "The timestamp of the request in ISO 8601 format. This is used to validate the freshness of the request. Format: `YYYY-MM-DDTHH:MM:SS.SSS±HH:MM`  \nExample: `2025-05-27T10:17:54.964+07:00`"
  },
  "cols": 3,
  "rows": 3,
  "align": [
    "left",
    "left",
    "left"
  ]
}

Request Body

Key Parameters	Data Type	Description
publicKey	File (.pem)	File containing your public Key in .pem format. Max size 100KB.

Error Response

Please check the B2C Subaccount Onboarding Product Documentation for the error response.

Last modified on June 2, 2026

SubAccount for B2C Clients [B2C Client] Create Subaccount

Getting Started

[B2C Client] Setup Public Key

The Public Key you upload via this API will be used to encrypt the Client credentials that generated via Create Subaccount API.

Request Header

ReadMe parameters block:


Code
{
  "data": {
    "h-0": "Key Parameters",
    "h-1": "Data Type",
    "h-2": "Description",
    "0-0": "publicAccessToken",
    "0-1": "String",
    "0-2": "One time access-token generated using [this API](https://docs.onebrick.io/reference/generate-public-access-token-jwt-token)",
    "1-0": "X-Signature",
    "1-1": "String",
    "1-2": "A HMAC-SHA512 signature generated using your API secret. This is used to verify the integrity and authenticity of the request. The signature is created based on the request payload and the X-Timestamp.",
    "2-0": "X-Timestamp",
    "2-1": "DateTime",
    "2-2": "The timestamp of the request in ISO 8601 format. This is used to validate the freshness of the request. Format: `YYYY-MM-DDTHH:MM:SS.SSS±HH:MM`  \nExample: `2025-05-27T10:17:54.964+07:00`"
  },
  "cols": 3,
  "rows": 3,
  "align": [
    "left",
    "left",
    "left"
  ]
}

Request Body

Key Parameters	Data Type	Description
publicKey	File (.pem)	File containing your public Key in .pem format. Max size 100KB.

Error Response

Please check the B2C Subaccount Onboarding Product Documentation for the error response.

Last modified on June 2, 2026

SubAccount for B2C Clients [B2C Client] Create Subaccount