API Reference
The Flutter SDK (
prophetx_sdk) mirrors the React Native surface — same provider, same options, same event payloads. Differences are called out per-section: hooks becomeChangeNotifierflow controllers onProphetX.of(context), callbacks fire on DartFunctiontypes, and the event bus is a DartStream.
ProphetXProvider
Props
Environment
Pass a preset name or a custom config object:
| Name | Embed URL | API Base URL |
|---|---|---|
"production" | https://embed.prophetx.co | https://api.prophetx.co |
"staging" | https://embed-staging.prophetx.co | https://api-ss-staging.betprophet.co |
"sandbox" | https://embed-sandbox.prophetx.co | https://api-ss-sandbox.betprophet.co |
Custom config:
type EnvironmentConfig = {
embedUrl: string;
apiBaseUrl: string;
};AuthConfig
Optional. When provided, the SDK manages authentication internally — you don't need to pass token yourself.
| Field | Type | Required | Description |
|---|---|---|---|
apiBaseUrl | string | Yes | API base URL for authentication requests. |
refreshBufferSeconds | number | No | Auto-refresh the token this many seconds before expiry. Default: 30. |
onAuthStateChanged | (state: AuthState) => void | No | Called whenever auth state changes. |
getCredentials | () => LoginCredentials | Promise<LoginCredentials> | No | Returns credentials on demand for auto-refresh. Avoids storing plaintext credentials in memory. |
storage | StorageAdapter | No | Custom storage adapter. Defaults to browser localStorage. |
http | HttpAdapter | No | Custom HTTP adapter. Defaults to fetch. |
random | RandomAdapter | No | Custom random number adapter. |
DevToolsConfig
| Field | Type | Required | Description |
|---|---|---|---|
enabled | boolean | No | Enable or disable devtools. |
logLevel | "none" | "error" | "warn" | "info" | "debug" | No | Log level threshold. |
redactPII | boolean | No | When true, masks tokens, passwords, and emails in log output. |
onEvent | (entry: DevToolsLogEntry) => void | No | Custom log sink — receives every log entry. |
Deposit flow
Opens the deposit flow. The SDK renders a modal that handles the full deposit UI. React/React Native expose this via the useDeposit hook; the Flutter SDK exposes a DepositFlow controller on ProphetX.of(context).deposit.
Controller surface
| Surface | Field | Type | Description |
|---|---|---|---|
| React / React Native | open | (options?: OpenDepositOptions) => void | Opens the deposit modal. |
| React / React Native | close | () => void | Closes the deposit modal programmatically. |
| React / React Native | isOpen | boolean | Whether the deposit modal is currently open. |
| Flutter | open | ([OpenDepositOptions?]) => void | Opens the deposit modal. |
| Flutter | close | () => void | Closes the deposit modal programmatically. |
| Flutter | isOpen | bool | Whether the deposit modal is currently open. Notifies via ChangeNotifier. |
OpenDepositOptions
| Option | Type | Description |
|---|---|---|
onSuccess | (transactionId: string, amount?: number) => void | Fires when the deposit completes. Store transactionId on your backend to track the deposit. |
onError | (code: string, message: string) => void | Fires on any error. See Error Codes. |
onCancel | () => void | Fires when the user closes the modal without completing the deposit. |
onReady | () => void | Fires when the embed iframe has loaded and is ready to interact. |
onGeofenceBlocked | (stateCode: string, reason: string) => void | Fires when the user's location is outside a permitted jurisdiction. |
The JavaScript SDK's
OpenOptionsalso acceptstoken,theme, andonSessionExpired— these are passed per-call instead of through a provider.
Withdraw flow
Opens the withdrawal flow. Follows the same pattern as the deposit flow above. React/React Native expose useWithdraw; Flutter exposes ProphetX.of(context).withdraw.
Controller surface
| Surface | Field | Type | Description |
|---|---|---|---|
| React / React Native | open | (options?: OpenWithdrawOptions) => void | Opens the withdraw modal. |
| React / React Native | close | () => void | Closes the withdraw modal programmatically. |
| React / React Native | isOpen | boolean | Whether the withdraw modal is currently open. |
| Flutter | open | ([OpenWithdrawOptions?]) => void | Opens the withdraw modal. |
| Flutter | close | () => void | Closes the withdraw modal programmatically. |
| Flutter | isOpen | bool | Whether the withdraw modal is currently open. Notifies via ChangeNotifier. |
OpenWithdrawOptions
| Option | Type | Description |
|---|---|---|
onSuccess | (transactionId: string, amount?: number) => void | Fires when the withdrawal completes. |
onError | (code: string, message: string) => void | Fires on any error. See Error Codes. |
onCancel | () => void | Fires when the user closes the modal without completing the withdrawal. |
onReady | () => void | Fires when the embed iframe has loaded and is ready to interact. |
onGeofenceBlocked | (stateCode: string, reason: string) => void | Fires when the user's location is outside a permitted jurisdiction. |
Onboarding flow
Opens the onboarding flow — combines terms acceptance, identity verification (KYC), and an optional first deposit into a single guided experience. React/React Native expose useOnboarding; Flutter exposes ProphetX.of(context).onboarding.
Controller surface
| Surface | Field | Type | Description |
|---|---|---|---|
| React / React Native | open | (options?: OpenOnboardingOptions) => void | Opens the onboarding modal. |
| React / React Native | close | () => void | Closes the onboarding modal programmatically. |
| React / React Native | isOpen | boolean | Whether the onboarding modal is currently open. |
| Flutter | open | ([OpenOnboardingOptions?]) => void | Opens the onboarding modal. |
| Flutter | close | () => void | Closes the onboarding modal programmatically. |
| Flutter | isOpen | bool | Whether the onboarding modal is currently open. Notifies via ChangeNotifier. |
OpenOnboardingOptions
| Option | Type | Description |
|---|---|---|
onSuccess | (transactionId: string, amount?: number) => void | Fires if the user completes a deposit during onboarding. |
onTermsAccepted | (acceptedAt: string) => void | Fires when the user accepts T&C during onboarding. acceptedAt is the ISO 8601 acceptance timestamp. |
onKycSuccess | (identityUuid: string) => void | Fires when identity verification passes. |
onKycFailed | (reason: string) => void | Fires when identity verification fails. |
onKycPending | () => void | Fires when identity verification is submitted but not yet resolved. |
onError | (code: string, message: string) => void | Fires on any error. See Error Codes. |
onCancel | () => void | Fires when the user closes the modal. |
onReady | () => void | Fires when the embed iframe has loaded and is ready to interact. |
onGeofenceBlocked | (stateCode: string, reason: string) => void | Fires when the user's location is outside a permitted jurisdiction. |
Terms flow
Opens the terms and conditions acceptance flow as a standalone step. Use this when a user is otherwise verified but has not yet accepted ProphetX's legal documents — for example, an existing user whose terms version has changed, or a new user who skipped acceptance during onboarding. React/React Native expose useTerms; Flutter exposes ProphetX.of(context).terms.
Controller surface
| Surface | Field | Type | Description |
|---|---|---|---|
| React / React Native | open | (options?: OpenTermsOptions) => void | Opens the terms modal. |
| React / React Native | close | () => void | Closes the terms modal programmatically. |
| React / React Native | isOpen | boolean | Whether the terms modal is currently open. |
| Flutter | open | ([OpenTermsOptions?]) => void | Opens the terms modal. |
| Flutter | close | () => void | Closes the terms modal programmatically. |
| Flutter | isOpen | bool | Whether the terms modal is currently open. Notifies via ChangeNotifier. |
OpenTermsOptions
| Option | Type | Description |
|---|---|---|
onTermsAccepted | (acceptedAt: string) => void | Fires when the user accepts. acceptedAt is the ISO 8601 timestamp returned by the server. |
onError | (code: string, message: string) => void | Fires on any error. See Error Codes. |
onCancel | () => void | Fires when the user closes the modal without accepting. |
onReady | () => void | Fires when the embed iframe has loaded and is ready to interact. |
onGeofenceBlocked | (stateCode: string, reason: string) => void | Fires when the user's location is outside a permitted jurisdiction. |
What users see
Once you call open(), the embed renders the acceptance screen inside the modal. You don't render any of these screens yourself — the embed owns them.
- Document list. The user sees ProphetX's legal documents (Privacy Policy, Terms of Use, Market Participant Agreement, Risk Disclosure Statement), each with a checkbox and a link that opens the full document in a new tab. An "Accept all" checkbox toggles all documents at once.
- Continue. The Continue button is disabled until every document is checked. Tapping it submits acceptance to ProphetX in a single request.
- Terminal state. One of two outcomes fires:
- Accepted —
onTermsAccepted(acceptedAt)is called with the ISO 8601 acceptance timestamp. The embed shows a brief success screen, then closes. - Failed —
onError(code, message)is called. The embed shows an error screen with a "Try Again" affordance that returns the user to the document list so they can resubmit.
- Accepted —
KYC flow
Opens the identity verification (KYC) flow as a standalone step. Use this when you want to verify a user's identity without the full onboarding experience. React/React Native expose useKyc; Flutter exposes ProphetX.of(context).kyc.
Controller surface
| Surface | Field | Type | Description |
|---|---|---|---|
| React / React Native | open | (options?: OpenKycOptions) => void | Opens the KYC modal. |
| React / React Native | close | () => void | Closes the KYC modal programmatically. |
| React / React Native | isOpen | boolean | Whether the KYC modal is currently open. |
| Flutter | open | ([OpenKycOptions?]) => void | Opens the KYC modal. |
| Flutter | close | () => void | Closes the KYC modal programmatically. |
| Flutter | isOpen | bool | Whether the KYC modal is currently open. Notifies via ChangeNotifier. |
OpenKycOptions
| Option | Type | Description |
|---|---|---|
onSuccess | (transactionId: string, amount?: number) => void | Fires if a transaction completes as part of the KYC flow. |
onKycSuccess | (identityUuid: string) => void | Fires when identity verification passes. |
onKycFailed | (reason: string) => void | Fires when identity verification fails. |
onKycPending | () => void | Fires when identity verification is submitted but not yet resolved. |
onError | (code: string, message: string) => void | Fires on any error. See Error Codes. |
onCancel | () => void | Fires when the user closes the modal. |
onReady | () => void | Fires when the embed iframe has loaded and is ready to interact. |
onGeofenceBlocked | (stateCode: string, reason: string) => void | Fires when the user's location is outside a permitted jurisdiction. |
What users see
Once you call open(), the embed walks the user through a short multi-step flow inside the modal. You don't render any of these screens yourself — the embed owns them.
- Phone entry. The user enters their mobile number. The embed submits it and triggers an SMS one-time passcode (OTP).
- OTP verification. A 6-digit code arrives via SMS. The user enters it. A "Resend code" affordance is available, and a back button returns to phone entry.
- Additional inputs (sometimes). Depending on what the identity provider needs to complete verification, the user may be asked for extra information — most commonly a date of birth. If no extra inputs are needed, this step is skipped.
- Identity confirmation. The embed displays the personal information returned by the identity provider (name, date of birth, address, last 4 of SSN, phone, email) for the user to review and confirm.
- Terminal state. One of three outcomes fires:
- Verified —
onKycSuccess(identityUuid)is called. The user is now cleared for transactions. - Pending review —
onKycPending()is called. The user has not been auto-approved and is under manual review. The flow cannot continue from here; check status on your backend or wait for a webhook. - Failed —
onKycFailed(reason)is called. Verification was rejected and cannot be retried in this session.
- Verified —
The embed renders its own success / pending / failed result screen with a close button before the corresponding callback fires.
Latency and retries
| Behavior | Detail |
|---|---|
| OTP delivery | Via SMS. Typical delivery is seconds, but carrier delays of a minute or more are not uncommon. |
| OTP attempts | The user gets 3 attempts to enter the code correctly. After the 3rd failure the embed transitions to an error screen with a retry affordance. |
| Resend | The user can request a fresh code from the OTP screen. The attempt counter resets when a resend succeeds. |
| Back navigation | From the OTP screen, the user can return to phone entry to correct a typo. From the identity confirmation screen, the user can return to phone entry to start over. |
| Pending and Failed | Both are non-recoverable in the current session. Do not prompt the user to retry — the flow has terminated. |
Wallet
Fetches and returns the user's current wallet balance. Requires ProphetXProvider with an environment configured. React/React Native expose useWallet; Flutter exposes ProphetX.of(context).wallet (a ChangeNotifier).
Return value (React / React Native)
| Field | Type | Description |
|---|---|---|
balance | WalletBalance | null | Current balance, or null if not yet fetched. |
loading | boolean | Whether a fetch is in progress. |
error | ProphetXApiError | null | Last error, or null. |
refetch | () => Promise<void> | Call to re-fetch the balance. Not automatic — call it on mount and after deposits/withdrawals. |
WalletBalance
| Field | Type | Description |
|---|---|---|
totalBalance | number | The user's available balance. |
currency | string | Currency code (e.g. "USD"). |
JavaScript SDK
The vanilla SDK exposes a wallet property on the SDK instance:
| Method | Type | Description |
|---|---|---|
sdk.wallet.getBalance() | () => Promise<WalletBalance> | Returns the user's balance. sdk.wallet is null if auth was not configured. |
Flutter
ProphetX.of(context).wallet is a WalletClient that extends ChangeNotifier. Pair it with ListenableBuilder to react to balance / loading / error transitions.
| Field | Type | Description |
|---|---|---|
balance | WalletBalance? | Current balance, or null if not yet fetched. |
loading | bool | Whether a fetch is in progress. |
error | Object? | Last error, or null. |
refetch | Future<WalletBalance?> Function() | Re-fetches the balance. Call on mount and after deposits/withdrawals. |
Auth
Manages user authentication. Requires ProphetXProvider with the auth prop configured. React/React Native expose useAuth; Flutter exposes ProphetX.of(context).auth (an AuthManager that extends ChangeNotifier).
Return value (React / React Native)
| Field | Type | Description |
|---|---|---|
state | AuthState | Current authentication state. See AuthState. |
login | (credentials: LoginCredentials) => Promise<LoginResult> | Authenticate with email and password. |
logout | () => void | Clear the token and reset state. |
token | string | null | Current JWT, or null if unauthenticated. |
isAuthenticated | boolean | Convenience boolean — true when state.status === "authenticated". |
AuthState
| Status | Fields | Description |
|---|---|---|
"unauthenticated" | — | No active session. |
"authenticating" | — | Login in progress. |
"authenticated" | token: string, expiresAt: number | Active session with a valid JWT. |
"expired" | lastToken: string | Session expired. Contains the last token for reference. |
"error" | error: ProphetXAuthError | Authentication failed. |
LoginCredentials
| Field | Type | Required | Description |
|---|---|---|---|
email | string | Yes | User's email address. |
password | string | Yes | User's password. |
deviceId | string | No | Optional device identifier. |
LoginResult
| Field | Type | Description |
|---|---|---|
token | string | Signed JWT. |
expiresAt | number | Unix timestamp (ms) when the token expires. |
ProphetXAuthError
| Field | Type | Description |
|---|---|---|
type | "AUTH_ERROR" | Always "AUTH_ERROR". |
code | "INVALID_CREDENTIALS" | "NETWORK_ERROR" | "SERVER_ERROR" | "TIMEOUT" | Error category. |
message | string | Human-readable error message. |
status | number | undefined | HTTP status code, if applicable. |
JavaScript SDK
The vanilla SDK exposes an auth property on the SDK instance:
| Method | Type | Description |
|---|---|---|
sdk.auth.login(credentials) | (LoginCredentials) => Promise<LoginResult> | Authenticate. |
sdk.auth.logout() | () => void | Clear the session. |
sdk.auth.getToken() | () => string | null | Get the current JWT. |
sdk.auth.getState() | () => AuthState | Get the current auth state. |
sdk.auth.onStateChange(cb) | (cb: (state: AuthState) => void) => () => void | Subscribe to state changes. Returns an unsubscribe function. |
sdk.auth.handleSessionExpired() | () => Promise<string | null> | Re-authenticates using the getCredentials callback from AuthConfig. |
sdk.auth.destroy() | () => void | Tear down the auth manager and clear timers. |
sdk.authisnullifAuthConfigwas not passed tocreateProphetX.
Flutter
ProphetX.of(context).auth is an AuthManager that extends ChangeNotifier. state is a sealed hierarchy (Unauthenticated, Authenticating, Authenticated, Expired, AuthError) — match on it with Dart 3 pattern syntax.
| Member | Type | Description |
|---|---|---|
login | Future<LoginResult> Function(LoginCredentials) | Authenticate with email + password. Throws ProphetXAuthError. |
logout | void Function() | Clear the session. |
token | String? | Current JWT, or null when not in the Authenticated state. |
isAuthenticated | bool | true when state is Authenticated. |
state | AuthState | Sealed hierarchy. See enum below. |
handleSessionExpired | Future<String?> Function() | Re-authenticates using the getCredentials callback from AuthConfig. Used internally as the default onSessionExpired. |
AuthState subtypes: Unauthenticated, Authenticating, Authenticated(token, expiresAt), Expired(lastToken), AuthError(error). expiresAt on Flutter is Unix seconds (the JS SDKs use milliseconds).
ProphetXAuthError.code is the Dart enum AuthErrorCode { invalidCredentials, networkError, serverError, timeout }.
Events
Subscribes to all SDK events globally. Useful for analytics, logging, or cross-cutting concerns that apply regardless of which flow is open. React/React Native expose useEvents; Flutter exposes a broadcast Stream on ProphetX.of(context).events.
ProphetXEventHandlers (React / React Native)
All fields are optional. Pass only the events you care about.
| Handler | Payload | Description |
|---|---|---|
onReady | — | Embed iframe loaded and ready. |
onSuccess | { transactionId: string, amount?: number } | Transaction completed. |
onError | { code: string, message: string } | An error occurred. |
onCancel | — | User closed the modal. |
onKycSuccess | { identityUuid: string } | Identity verification passed. |
onKycFailed | { reason: string } | Identity verification failed. |
onKycPending | — | Identity verification submitted, awaiting result. |
onGeofenceBlocked | { stateCode: string, reason: string } | User's location is not permitted. |
Note:
useEventsreceives payload data as objects (e.g.{ transactionId, amount }), while flow hook callbacks receive them as positional arguments (e.g.(transactionId, amount)).
Flutter event types
The Flutter SDK uses a sealed ProphetXEvent hierarchy. Subscribe to a single subtype with events.on<T>(handler) or to the full union with events.stream.listen(...).
| Event subtype | Fields | Description |
|---|---|---|
ReadyEvent | — | Embed iframe loaded and ready. |
SuccessEvent | transactionId: String, amount: num? | Transaction completed. |
ErrorEvent | code: String, message: String | An error occurred. |
CancelEvent | — | User dismissed the modal. |
KycSuccessEvent | identityUuid: String | Identity verification passed. |
KycFailedEvent | reason: String | Identity verification failed. |
KycPendingEvent | — | Identity verification submitted, awaiting result. |
GeofenceBlockedEvent | stateCode: String, reason: String | User's location is not permitted. |
SessionExpiredEvent | — | The session token has expired. |
SessionRefreshedEvent | token: String | A new session token was obtained after expiry. |
FlowOpenEvent | flow: String | A flow modal was opened. flow is "deposit", "withdraw", "onboarding", or "kyc". |
FlowCloseEvent | flow: String | A flow modal was closed. |
ProphetXEmbed
Low-level iframe component. Use this when you need direct control over the embed lifecycle — most integrations should use the hooks above instead.
This component is only available in
@prophetx/sdk-react.
function CustomEmbed() {
const ref = useRef<ProphetXEmbedHandle>(null);
return (
<ProphetXEmbed
ref={ref}
open={true}
onOpenChange={(open) => console.log("Open state:", open)}
src="https://embed.prophetx.co/deposit"
token={token}
title="Deposit"
theme={{ mode: "dark" }}
onSuccess={(transactionId, amount) => console.log("Success:", transactionId)}
onError={(code, message) => console.error("Error:", code, message)}
onCancel={() => console.log("Cancelled")}
onReady={() => console.log("Ready")}
onGeofenceBlocked={(stateCode, reason) => console.log("Blocked:", stateCode)}
onKycSuccess={(identityUuid) => console.log("KYC passed:", identityUuid)}
onKycFailed={(reason) => console.log("KYC failed:", reason)}
onKycPending={() => console.log("KYC pending")}
onSessionExpired={async () => {
const fresh = await fetchToken();
return fresh;
}}
/>
);
}Props
| Prop | Type | Required | Description |
|---|---|---|---|
open | boolean | Yes | Controls whether the embed is visible. |
onOpenChange | (open: boolean) => void | Yes | Called when the open state should change (e.g. user closes the modal). |
src | string | Yes | Full URL of the embed page to load. |
token | string | Yes | Partner session JWT. |
title | string | No | Accessible title for the iframe. |
theme | EmbedTheme | No | Theme overrides. |
locale | string | No | BCP 47 locale tag (e.g. "en", "es"). Sent to the embed via PROPHETX_LOCALE. Defaults to "en". |
onSuccess | (transactionId: string, amount?: number) => void | No | Transaction completed. |
onError | (code: string, message: string) => void | No | An error occurred. |
onCancel | () => void | No | User closed the modal. |
onReady | () => void | No | Embed iframe loaded and ready. |
onGeofenceBlocked | (stateCode: string, reason: string) => void | No | Location not permitted. |
onKycSuccess | (identityUuid: string) => void | No | Identity verification passed. |
onKycFailed | (reason: string) => void | No | Identity verification failed. |
onKycPending | () => void | No | Identity verification pending. |
onSessionExpired | () => Promise<string | null> | No | Return a fresh JWT or null to abort. |
ProphetXEmbedHandle (ref)
Access the imperative handle via useRef<ProphetXEmbedHandle>:
| Method | Type | Description |
|---|---|---|
sendMessage | (message: { type: string; payload?: unknown }) => void | Send a raw postMessage to the iframe. |
reload | () => void | Reload the iframe. |
JavaScript SDK instance
The object returned by createProphetX().
| Method / Property | Type | Description |
|---|---|---|
openDeposit(opts) | (OpenOptions) => void | Open the deposit flow. |
openWithdraw(opts) | (OpenOptions) => void | Open the withdraw flow. |
openOnboarding(opts) | (KycOpenOptions) => void | Open the onboarding flow. |
openKyc(opts) | (KycOpenOptions) => void | Open the KYC flow. |
openTerms(opts) | (TermsOpenOptions) => void | Open the terms acceptance flow. |
close() | () => void | Close any open flow. |
destroy() | () => void | Tear down the SDK — removes DOM elements, clears listeners, destroys auth manager. |
updateTheme(theme) | (EmbedTheme) => void | Update the theme on a currently open embed. |
on(event, handler) | See EventEmitter | Subscribe to an event. Returns an unsubscribe function. |
off(event, handler) | See EventEmitter | Unsubscribe from an event. |
auth | AuthManager | null | Auth manager instance. null if AuthConfig was not provided. |
wallet | WalletClient | null | Wallet client instance. null if auth was not configured. |
OpenOptions (JavaScript SDK)
| Option | Type | Description |
|---|---|---|
token | string | Session JWT. Required unless using the auth module. |
theme | EmbedTheme | Per-flow theme overrides. |
locale | string | BCP 47 locale tag (e.g. "en", "es"). Defaults to "en". |
onSuccess | (transactionId: string, amount?: number) => void | Transaction completed. |
onError | (code: string, message: string) => void | An error occurred. |
onCancel | () => void | User closed the modal. |
onReady | () => void | Embed loaded and ready. |
onGeofenceBlocked | (stateCode: string, reason: string) => void | Location not permitted. |
onSessionExpired | () => Promise<string | null> | Return a fresh JWT or null to abort. |
KycOpenOptions (JavaScript SDK)
| Option | Type | Description |
|---|---|---|
token | string | Session JWT. Required unless using the auth module. |
theme | EmbedTheme | Per-flow theme overrides. |
locale | string | BCP 47 locale tag (e.g. "en", "es"). Defaults to "en". |
onKycSuccess | (identityUuid: string) => void | Identity verification passed. |
onKycFailed | (reason: string) => void | Identity verification failed. |
onKycPending | () => void | Identity verification pending. |
onError | (code: string, message: string) => void | An error occurred. |
onCancel | () => void | User closed the modal. |
onReady | () => void | Embed loaded and ready. |
onGeofenceBlocked | (stateCode: string, reason: string) => void | Location not permitted. |
onSessionExpired | () => Promise<string | null> | Return a fresh JWT or null to abort. |
TermsOpenOptions (JavaScript SDK)
| Option | Type | Description |
|---|---|---|
token | string | Session JWT. Required unless using the auth module. |
theme | EmbedTheme | Per-flow theme overrides. |
locale | string | BCP 47 locale tag (e.g. "en", "es"). Defaults to "en". |
onTermsAccepted | (acceptedAt: string) => void | User accepted T&C. acceptedAt is the ISO 8601 acceptance timestamp. |
onError | (code: string, message: string) => void | An error occurred. |
onCancel | () => void | User closed the modal without accepting. |
onReady | () => void | Embed loaded and ready. |
onGeofenceBlocked | (stateCode: string, reason: string) => void | Location not permitted. |
onSessionExpired | () => Promise<string | null> | Return a fresh JWT or null to abort. |
Events
The SDK has three event layers. Most integrations only use callback events (passed to open()). Use the EventEmitter for global analytics or logging. Use the postMessage protocol only if building a custom integration without the SDK.
Callback events
Passed as options to open() on each flow hook. See the individual hook sections above for the full list per flow.
Summary of all callback events across flows:
| Callback | Available on | Payload |
|---|---|---|
onSuccess | All flows | (transactionId: string, amount?: number) |
onError | All flows | (code: string, message: string) |
onCancel | All flows | — |
onReady | All flows | — |
onGeofenceBlocked | All flows | (stateCode: string, reason: string) |
onKycSuccess | useOnboarding, useKyc | (identityUuid: string) |
onKycFailed | useOnboarding, useKyc | (reason: string) |
onKycPending | useOnboarding, useKyc | — |
EventEmitter
A typed pub/sub system available in all three SDKs. In React/React Native, use useEvents. In JavaScript, use sdk.on() / sdk.off().
| Event name | Payload type | Description |
|---|---|---|
ready | — | Embed iframe loaded and ready to interact. |
success | { transactionId: string; amount?: number } | Transaction completed successfully. |
error | { code: string; message: string } | An error occurred. |
cancel | — | User dismissed the modal. |
kycSuccess | { identityUuid: string } | Identity verification passed. |
kycFailed | { reason: string } | Identity verification failed. |
kycPending | — | Identity verification submitted, awaiting result. |
geofenceBlocked | { stateCode: string; reason: string } | User's location is outside a permitted jurisdiction. |
resize | { height: number } | Embed content height changed. Useful for inline (non-modal) embeds. |
sessionExpired | — | The session token has expired. |
sessionRefreshed | { token: string } | A new session token was obtained after expiry. |
open | { flow: string } | A flow modal was opened. flow is "deposit", "withdraw", "onboarding", or "kyc". |
close | { flow: string } | A flow modal was closed. |
EventEmitter API:
// Subscribe — returns an unsubscribe function
const unsub = sdk.on("success", ({ transactionId, amount }) => { ... });
// Unsubscribe by reference
sdk.off("success", handler);
// Unsubscribe via return value
unsub();postMessage protocol
Raw messages exchanged between the host page and the ProphetX iframe via window.postMessage. The SDK handles these automatically — use this reference only if you are building a custom integration without the SDK.
Outbound messages (iframe to host)
These messages are sent by the ProphetX embed to your page:
| Message type | Payload | Description |
|---|---|---|
PROPHETX_READY | — | Embed loaded and ready. |
PROPHETX_EMBED_LOADED | — | Iframe DOM content loaded. |
PROPHETX_SUCCESS | { transactionId: string; amount?: number } | Transaction completed. |
PROPHETX_ERROR | { code: string; message: string } | An error occurred. |
PROPHETX_CANCEL | — | User dismissed the flow. |
PROPHETX_RESIZE | { height: number } | Embed content height changed. |
PROPHETX_GEOFENCE_BLOCKED | { stateCode: string; reason: string } | Location not permitted. |
PROPHETX_KYC_SUCCESS | { identityUuid: string } | Identity verification passed. |
PROPHETX_KYC_FAILED | { reason: string } | Identity verification failed. |
PROPHETX_KYC_PENDING | {} | Identity verification pending. |
PROPHETX_SESSION_EXPIRED | — | Session token expired. |
Inbound messages (host to iframe)
Send these messages to the ProphetX iframe:
| Message type | Payload | Description |
|---|---|---|
PROPHETX_SESSION | { token: string } | Provide the session JWT when opening a flow. |
PROPHETX_SESSION_REFRESH | { token: string } | Provide a refreshed JWT after a PROPHETX_SESSION_EXPIRED event. |
PROPHETX_THEME | EmbedTheme | Update the embed's theme. |
PROPHETX_CLOSE | — | Close the embed. |
Example — listening without the SDK:
window.addEventListener("message", (event) => {
// Validate origin
if (event.origin !== "https://embed.prophetx.co") return;
const { type, payload } = event.data;
switch (type) {
case "PROPHETX_READY":
console.log("Embed ready");
break;
case "PROPHETX_SUCCESS":
console.log("Transaction:", payload.transactionId, payload.amount);
break;
case "PROPHETX_ERROR":
console.error("Error:", payload.code, payload.message);
break;
case "PROPHETX_CANCEL":
console.log("Cancelled");
break;
case "PROPHETX_SESSION_EXPIRED":
// Fetch a new token and send it back
fetchToken().then((token) => {
iframe.contentWindow.postMessage(
{ type: "PROPHETX_SESSION_REFRESH", payload: { token } },
"https://embed.prophetx.co"
);
});
break;
}
});EmbedTheme
Theme overrides applied to the embed UI. Pass via the theme prop on ProphetXProvider (React/React Native), as part of OpenOptions (JavaScript SDK), or dynamically via sdk.updateTheme().
type EmbedTheme = {
mode?: "light" | "dark";
primaryColor?: string;
colorOverrides?: Partial<ColorOverrides>;
spacingOverrides?: Partial<SpacingOverrides>;
radiusOverrides?: Partial<RadiusOverrides>;
fontSizeOverrides?: Partial<FontSizeOverrides>;
};Top-level fields
| Field | Type | Description |
|---|---|---|
mode | "light" | "dark" | Base color scheme. Defaults to "dark". |
primaryColor | string | Primary brand color. Applied to primary, primaryHover, cta, and ctaHover tokens. |
colorOverrides
Fine-grained color tokens. All fields are optional CSS color strings.
| Token | Description |
|---|---|
primary | Primary brand color |
primaryHover | Hover state for primary elements |
primaryForeground | Text/icon color on primary backgrounds |
secondary | Secondary color |
secondaryHover | Hover state for secondary elements |
background | Page background |
surface | Card/panel background |
surfaceElevated | Elevated surface (modals, dropdowns) |
text | Default text color |
textMuted | De-emphasized text |
textSubtle | Least prominent text (placeholders, hints) |
border | Default border color |
borderSubtle | Subtle border (dividers, separators) |
error | Error text/icon color |
errorBackground | Error background (alerts, badges) |
success | Success text/icon color |
successBackground | Success background |
warning | Warning text/icon color |
warningBackground | Warning background |
cta | Call-to-action button color |
ctaHover | CTA hover state |
ctaForeground | Text on CTA buttons |
filled | Filled/solid button color |
filledHover | Filled button hover state |
filledForeground | Text on filled buttons |
danger | Destructive action color |
dangerHover | Destructive action hover state |
dangerForeground | Text on destructive action buttons |
spacingOverrides
| Token | Description |
|---|---|
xs | Extra-small spacing |
sm | Small spacing |
md | Medium spacing |
lg | Large spacing |
xl | Extra-large spacing |
radiusOverrides
| Token | Description |
|---|---|
sm | Small border radius |
md | Medium border radius |
lg | Large border radius |
full | Fully rounded (pill shape) |
fontSizeOverrides
| Token | Description |
|---|---|
xs | Extra-small font size |
sm | Small font size |
md | Medium (base) font size |
lg | Large font size |
xl | Extra-large font size |
DevToolsLogEntry
Entries emitted by the devtools system. Receive them via DevToolsConfig.onEvent.
| Field | Type | Description |
|---|---|---|
timestamp | number | Unix timestamp (ms). |
category | "auth" | "message" | "api" | "lifecycle" | "event" | Log category. |
level | "error" | "warn" | "info" | "debug" | Severity level. |
message | string | Human-readable log message. |
data | Record<string, unknown> | undefined | Optional structured data. |
Type exports
All types are exported from the SDK package you're using. Import them alongside components and hooks:
Updated about 6 hours ago