Global fiat<>crypto onramp and offramp with deep coverage of local rails in 173+ countries (PIX, GCash, Mobile Money, UPI). Hosted widget, redirect URL, and direct API integration.
- 01emerging-market onramp (LatAm, SEA, Africa)
- 02local payment rails (PIX, GCash, UPI)
- 03fiat offramp / cash-out
- 04redirect or iframe checkout
- 05Web3 wallet first-purchase flow
| Variable | Scope | Description |
|---|---|---|
| ALCHEMY_PAY_APP_ID | Client | Alchemy Pay `appId` issued in the partner dashboard. Required on every API call and widget URL. |
| ALCHEMY_PAY_APP_SECRET | Server | Server-side secret used to compute the `sign` parameter (RSA-SHA256 or HMAC-SHA256, depending on tenant config) over the request payload. |
| ALCHEMY_PAY_WEBHOOK_PUBLIC_KEY | Server | RSA public key (issued by Alchemy Pay) used to verify the `signature` on incoming webhook bodies before crediting orders. |
Use Alchemy Pay for fiat on/offramp with broad emerging-market rails. The simplest integration is the redirect widget: build a URL like `https://ramp.alchemypay.org/?appId=ALCHEMY_PAY_APP_ID&crypto=USDC&network=ETH&address=<wallet>&fiat=BRL&fiatAmount=200&sign=<computed>`, where `sign` is your payload signed with `ALCHEMY_PAY_APP_SECRET`. For deeper integration, server-side call `POST https://openapi.alchemypay.org/open/api/v3/...` (e.g. `merchant/order/create`) with the same signing scheme, then redirect users to the returned `payUrl`. Subscribe to webhooks for order status (`PENDING` → `PROCESSING` → `COMPLETED` / `FAILED`) and verify the RSA `signature` against `ALCHEMY_PAY_WEBHOOK_PUBLIC_KEY` before fulfilling. Use `GET /merchant/order/quote` to get a fresh fiat<>crypto rate before committing.
- ⚑Signature scheme can be RSA-SHA256 or HMAC-SHA256 depending on partner contract — confirm with onboarding which mode your `appSecret` is configured for; the API returns a generic `INVALID_SIGN` either way.
- ⚑URL parameters must be signed in alphabetical key order with empty values stripped — re-ordering or including `undefined`/empty fields silently invalidates the signature.
- ⚑Sandbox lives at `openapi-sandbox.alchemypay.org` with separate `appId`/`appSecret`; the widget redirect base is also different (`ramp-sandbox.alchemypay.org`). Mixing prod credentials with sandbox URLs returns user-facing errors.
- ⚑Coverage is highly region-specific: PIX and GCash require KYC of the *Alchemy Pay* legal entity in that region, not yours. Some payment methods (e.g. Mobile Money) are partner-restricted — confirm during onboarding.
- ⚑FX margin can be wider on minor currency pairs (e.g. NGN, IDR) than on USD/EUR — show the live quote from `/order/quote` rather than computing it client-side.
- ⚑Settlement to the destination wallet is T+0 once status is `COMPLETED`, but card disputes can claw back funds for ~120 days — the partner agreement determines who bears chargeback risk.
- ⚑Network strings (`ETH`, `BSC`, `MATIC`, `SOL`, `TRX`) are case-sensitive uppercase and must match Alchemy Pay's enum — the same chain may be enabled for crypto X but disabled for crypto Y.