The examples below use
http://localhost:8080 as the API base URL for local development against the open-source reference implementation. Production base URLs (sandbox + live) are communicated during partner onboarding.- Exchanged a partner JWT for an access token.
- Listed available contract templates.
- Submitted an SPV creation request with
Idempotency-Key. - Verified the resulting
spv_request.createdwebhook.
You need a sandbox
client_id, the matching EdDSA private key, and a registered webhook URL + signing secret. Email sara@zestholdco.com to provision.1. Mint a JWT assertion
Build a JWT with the following claims:
Sign it with EdDSA using the private key registered with Zest.
New to JWT assertions? See Curity’s JWT-assertion walkthrough for an end-to-end primer on the grant type.
2. Exchange it for an access token
3. Submit an SPV request
Your
templateId is assigned by Zest during partner onboarding. Use the value you were given for <your_template_id> below — see Contract templates for details.201 Created):
4. Same call in Python
5. Same call in Node.js
6. Verify the webhook
You should receive aPOST to your webhook URL with body:
Zest-Signature header before processing — see Verification.
Next steps
- Authentication — JWT-bearer details and common pitfalls.
- SPV Requests — full lifecycle.
- Webhooks Overview — event shape, ordering, dedup.