Skip to main content
POST
/
settings
/
redirect-urls
Replace the redirect-URL allowlist for the current account + environment
curl --request POST \
  --url https://api-sandbox.ledgersyncappv2.com/v3/settings/redirect-urls \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "allowed_redirect_urls": [
    "https://myapp.example.com/cb",
    "https://dcp-staging.d.atrvd.com/"
  ]
}
'
{
  "environment": "sandbox",
  "allowed_redirect_urls": [
    "https://myapp.example.com/cb"
  ]
}

Authorizations

Authorization
string
header
required

Pass your secret key in the Authorization header as a Bearer token: Authorization: Bearer sk_test_... (sandbox) or Bearer sk_live_... (production).

Keys are created in the developer portal and the plaintext secret is shown exactly once at creation. Treat them like passwords — never embed them in mobile apps or front-end code.

Body

application/json
allowed_redirect_urls
string<uri>[]
required

The full set of redirect URLs allowed for this account+environment. Each POST overwrites the previous set; an empty array stores deny-all.

Maximum array length: 20

HTTPS URL with no userinfo component; rejected if it resolves to a private/loopback/cloud-metadata range.

Maximum string length: 2048

Response

The new allowlist for the calling key's environment.

environment
enum<string>
required

The environment of the API key used (the row this view describes).

Available options:
sandbox,
live
allowed_redirect_urls
string<uri>[]
required