Skip to content

v16.0.0

Choose a tag to compare

View all tags
@github-actions github-actions released this 06 Apr 09:57
· 19 commits to master since this release
v16.0.0
2e79793

Changelog

2026-04-06

Breaking Change

Add required autoDeposit field to InteracAddress schema

Products: Trading (Beta)

Scope: API + SDKs

  • What's new
    The autoDeposit boolean field has been added as a required field in the InteracAddress schema. This field indicates whether funds are deposited directly into the recipient's bank account without a security question.

  • Impact
    Clients consuming Interac payment instructions in order responses must update their models and schema validation to account for the always-present autoDeposit field.

Affected endpoints:

  1. Create an order
  2. Get order details

Remove UNSTAKE and WITHDRAW from GetTransactionOperation enum

Products: Transactions

Scope: API + SDKs

  • What's new
    The UNSTAKE and WITHDRAW values have been removed from the GetTransactionOperation enum as they were not supported operation types. Clients referencing these values in transaction operation fields should update their implementations accordingly.

  • Impact
    SDK clients that depend on UNSTAKE or WITHDRAW as valid operation field values in transaction responses must remove those references, as they are no longer part of the spec.

Affected endpoints:

  1. Get transaction history
  2. Get a specific transaction by Fireblocks transaction ID
  3. Get a specific transaction by external transaction ID

Change ScreeningRiskLevelEnum to provider-specific free-form values

Products: Compliance, Transactions

Scope: API + SDKs

  • What's new
    The fixed enum constraint on ScreeningRiskLevelEnum (previously VERY_HIGH, SEVERE, HIGH, MEDIUM, LOW, UNKNOWN) has been removed; the field is now a free-form string whose values are provider-dependent. Known current values include Chainalysis (severeRisk, highRisk, mediumRisk, lowRisk, noRiskInfo) and Elliptic (noRiskDetected), while legacy SCREAMING_SNAKE_CASE values may still appear on older transactions.

  • Impact
    Strict enum validation against the old fixed values will break. Update client code to treat the risk field as an open-ended string and handle provider-specific formats.

Affected endpoints:

  1. Get transaction history
  2. Get a specific transaction by Fireblocks transaction ID
  3. Get a specific transaction by external transaction ID
  4. Provides all the compliance details for the given screened transaction.

Add SECURITY_ADMIN and SECURITY_AUDITOR to UserRole enum

Products: Api User, Console User

Scope: API + SDKs

  • What's new
    Two new role values, SECURITY_ADMIN and SECURITY_AUDITOR, have been added to the UserRole enum schema. These roles now appear in API key and console user list responses when workspace members are assigned these security-focused roles.

  • Impact
    Update client code that strictly validates the role field in user list responses to handle the new SECURITY_ADMIN and SECURITY_AUDITOR values.

Affected endpoints:

  1. Get API Keys
  2. Get console users

Redesign Manifest schema and remove it from AccountBasedAccessProvider in GET /providers

Products: Trading (Beta)

Scope: API + SDKs

  • What's new
    The Manifest schema has been redesigned: the previous assetTypes and capabilities arrays are replaced by structured order, quote, and rate objects, each with a supported flag. The order object includes executionTypes (MARKET, QUOTE) and optional settlementTypes (DVP, PREFUNDED); quote includes optional settlementTypes; rate is a base object with just supported. The manifest field has been moved from AccountBasedAccessProvider to BaseProvider, making it present on all provider types in the list response with the new structure. The old AssetTypeEnum and Capability schemas have been removed.

  • Impact
    Update any code reading manifest.assetTypes or manifest.capabilities from provider objects in GET /providers to use the new manifest.order, manifest.quote, and manifest.rate structure. Account-based provider clients that previously accessed manifest on those objects will continue to find it, but with the new schema.

Affected endpoints:

  1. Get providers

Added

Add Legal Entities management endpoints

Products: Legal Entities

Scope: API + SDKs

  • What's new
    Seven new endpoints have been added under /legal_entities to support registering, retrieving, and managing legal entity records validated against the GLEIF registry. These endpoints enable workspaces to assign vault accounts to legal entities, set a default legal entity, and paginate through registrations and vault mappings.

  • Impact
    Use the new Legal Entities endpoints to programmatically manage LEI-based legal entity registrations and their vault account associations within your workspace.

Affected endpoints:

  1. Register a new legal entity
  2. List legal entities (Paginated)
  3. Get a legal entity
  4. Set default legal entity
  5. Assign vault accounts to a legal entity
  6. List vault accounts for a legal entity (Paginated)
  7. Get the legal entity for a vault account

Add address registry legal entity, tenant, and vault opt-out endpoints

Products: Compliance

Scope: API + SDKs

  • What's new
    New endpoints are available under /v1/address_registry for resolving enriched legal entity data by blockchain address, managing workspace-level opt-in/opt-out participation in the address registry, and controlling vault-level exclusions with cursor-based pagination. These give compliance teams full programmatic control over address registry participation and Travel Rule entity resolution.

  • Impact
    Use the new endpoints to look up enriched legal entity data (including verification status, LEI, and Travel Rule providers), manage workspace and vault-level address registry participation, and paginate through opted-out vault accounts.

Affected endpoints:

  1. Look up legal entity by blockchain address
  2. Get address registry participation status for the authenticated workspace
  3. Opt the workspace in to the address registry
  4. Opt the workspace out of the address registry
  5. List vault-level address registry opt-outs (paginated)
  6. Add vault accounts to the address registry opt-out list
  7. Remove all vault-level address registry opt-outs for the workspace
  8. Get whether a vault account is opted out of the address registry
  9. Remove a single vault account from the address registry opt-out list

Add securityQuestion and securityAnswer fields to InteracAddress

Products: Trading (Beta)

Scope: API + SDKs

  • What's new
    The optional securityQuestion and securityAnswer string fields have been added as declared properties in the InteracAddress schema. These fields provide the security question and answer used for Interac transfers when auto-deposit is disabled.

  • Impact
    Clients can now read and model the securityQuestion and securityAnswer fields from Interac payment instructions returned in order responses.

Affected endpoints:

  1. Create an order
  2. Get order details

Add pagination support and vaultAccountId filter to staking positions

Products: Staking

Scope: API + SDKs

  • What's new
    A new paginated endpoint /staking/positions_paginated enables cursor-based pagination with configurable page size and ordering for staking positions. The existing /staking/positions endpoint also gains an optional vaultAccountId query parameter to filter results by vault account.

  • Impact
    Use the new paginated endpoint for efficient large-scale data retrieval, and apply the vaultAccountId filter on either endpoint to scope results to a specific vault account.

Affected endpoints:

  1. List staking positions
  2. List staking positions (Paginated)

Add providerResponse field and extend travel rule enum values

Products: Compliance, Transactions

Scope: API + SDKs

  • What's new
    A new optional providerResponse field has been added to the ComplianceScreeningResult and ComplianceScreeningResultFullPayload schemas, providing direct access to the raw, provider-specific screening payload. Travel rule enum schemas have also been extended: TravelRuleActionEnum gains PASS and FREEZE, TravelRuleStatusEnum gains REJECTED, CANCELED, and BLOCKING_TIME_EXPIRED, and TravelRuleVerdictEnum gains WAIT, FREEZE, and CANCEL.

  • Impact
    Clients can now read the full raw provider response via the providerResponse field on compliance screening result objects. Update integrations to handle the new travel rule enum values where exhaustive matching is performed.

Affected endpoints:

  1. Get transaction history
  2. Get a specific transaction by Fireblocks transaction ID
  3. Get a specific transaction by external transaction ID
  4. Provides all the compliance details for the given screened transaction.

Add did and status fields to TravelRuleOwnershipProof

Products: Transactions, Travel Rule

Scope: API + SDKs

  • What's new
    Two new optional fields, did (Decentralized Identifier) and status (verification status string), have been added to the TravelRuleOwnershipProof schema used in transaction creation and Travel Rule validation requests. These fields enable richer ownership proof records by associating a DID-based identity and its verification outcome with each proof object.

  • Impact
    Clients submitting ownership proofs via originatorProof or beneficiaryProof may now optionally include did and status fields. No existing integrations are broken; update integrations that manage DID-based proofs to populate these new fields.

Affected endpoints:

  1. Create a new transaction
  2. Validate Full Travel Rule Transaction

Add ROBINHOOD_CHAIN_TESTNET_TEST support to NFT endpoints

Products: NFTs

Scope: API + SDKs

  • What's new
    The ROBINHOOD_CHAIN_TESTNET_TEST blockchain descriptor has been added to NFT endpoint parameters and response schemas, extending blockchain coverage across NFT ownership and token data APIs. This allows querying, refreshing, and managing NFT ownership for the Robinhood Chain Testnet network.

  • Impact
    NFT endpoints now accept and return ROBINHOOD_CHAIN_TESTNET_TEST as a valid blockchainDescriptor value; update your integration to use this new value when working with Robinhood Chain Testnet NFTs.

Affected endpoints:

  1. Refresh vault account tokens
  2. List all owned tokens (paginated)
  3. List owned collections (paginated)
  4. List tokens by IDs
  5. List token data by ID

Add tagIds to bulk vault request and approvalRequestId to response

Products: Vaults

Scope: API + SDKs

  • What's new
    Optional tagIds and approvalRequestId fields have been added to the bulk vault account creation request and job response schemas, respectively. This enables clients to associate tag IDs with bulk-created vault accounts and track approval requests when a protected tag triggers an approval flow.

  • Impact
    Update client code to optionally pass tagIds in bulk vault creation requests and handle the new approvalRequestId field in job creation responses.

Affected endpoints:

  1. Bulk creation of new vault accounts
  2. Bulk creation of new deposit addresses

Add optional customerIntegrationId and X-Request-ID response headers

Products: TRLink

Scope: API + SDKs

  • What's new
    An optional customerIntegrationId UUID field has been added to the TRLinkCreateIntegrationRequest schema, allowing tenants enabled for client-provided integration IDs to supply a custom identifier instead of a server-generated one. Additionally, X-Request-ID response headers are now formally documented across all TRLink endpoints for request tracing.

  • Impact
    Use the new customerIntegrationId field when creating an integration if your tenant is CSM-enabled for custom IDs; omit it otherwise to retain the existing auto-generated behavior. SDK clients can now access the X-Request-ID header from all TRLink responses for correlation and tracing.

Affected endpoints:

  1. Create customer
  2. Get all customers
  3. Create customer integration
  4. Connect customer integration
  5. Disconnect customer integration
  6. List supported assets
  7. Get supported asset by ID
  8. Get public key for PII encryption
  9. Test connection
  10. Create Travel Rule Message
  11. Assess Travel Rule requirement
  12. Get TRM by ID
  13. Cancel Travel Rule Message
  14. Redirect Travel Rule Message
  15. List VASPs
  16. Get VASP by ID
  17. Get customer by ID
  18. Update customer
  19. Delete customer
  20. Get customer integrations
  21. Get customer integration by ID
  22. List available TRSupport partners
  23. Get TRLink policy
  24. Set destination travel rule message ID
  25. Set transaction travel rule message ID

Add GET /providers/{providerId} endpoint and privacyPolicyUrl field

Products: Trading (Beta)

Scope: API + SDKs

  • What's new
    A new GET /providers/{providerId} endpoint has been added, returning a TradingProviderDetails response (either AccountBasedProviderDetails or DirectProviderDetails) with full manifest details per provider. A new optional privacyPolicyUrl field has also been added to the DirectAccessProvider schema in the GET /providers response to surface privacy policy links for direct-access providers.

  • Impact
    Use the new GET /providers/{providerId} endpoint to retrieve detailed per-provider manifest data including order, quote, and rate requirements. Use privacyPolicyUrl to display privacy policy links for direct-access providers.

Affected endpoints:

  1. Get providers
  2. Get trading provider by ID

Deprecated

Deprecate getLegalEntityByAddress query-parameter endpoint

Products: Compliance

Scope: API + SDKs

  • What's new
    The GET /v1/address_registry/legal_entity endpoint has been marked deprecated in favor of GET /v1/address_registry/legal_entities/{address}. The existing response fields (companyName, countryCode, companyId) remain unchanged; only the deprecation marker and documentation have been updated.

  • Impact
    Migrate to GET /v1/address_registry/legal_entities/{address} to access the enriched legal entity field set including verification status, LEI, Travel Rule providers, and contact email.

Affected endpoints:

  1. [Deprecated] Look up legal entity by address (query parameter)

Deprecate legacy AML and travel rule fields in compliance screening

Products: Compliance, Transactions

Scope: API + SDKs

  • What's new
    Multiple fields in ComplianceScreeningResult and ComplianceScreeningResultFullPayload have been marked deprecated—prevBypassReason, extendedRisk, refId, destRecordId, and addressResolutionSignature—as they are no longer returned in API responses. The AmlResult, AmlStatusEnum, TravelRuleResult, and ScreeningTravelRuleResult schemas have also been deprecated in favor of the unified compliance screening model.

  • Impact
    Remove references to these deprecated fields and schemas from your client code, as they will not be present in responses. Use the risk field instead of extendedRisk, and screeningStatus instead of AmlStatusEnum-based status fields.

Affected endpoints:

  1. Get transaction history
  2. Get a specific transaction by Fireblocks transaction ID
  3. Get a specific transaction by external transaction ID
  4. Provides all the compliance details for the given screened transaction.
Assets 2
Loading