Get 0Gate branding
GET /branding - Read partner co-branding tokens used by the hosted widget.
0Gate is the primary public integration path for hosted payment, ramp, and swap experiences. Keep secret-key operations on your server and hand only browser-safe values to the widget.
Co-branding lets the hosted widget render with your logo, colors, and name instead of the default Gate look. This endpoint reads back your resolved tokens — the exact values the embed bootstrap surfaces to the iframe — so your server can confirm what an end user will see.
Endpoint
| Field | Value |
|---|---|
| Method | GET |
| Path | /v1/branding |
| Area | Branding |
| Operation id | getBranding |
| Auth boundary | Secret key from your server. |
Use it for
Read your current partner co-branding tokens (logo, colors, brand name) used by the hosted widget. There are no path or query parameters — the tokens are scoped to the authenticated key's partner.
Use this endpoint only for the partner-scoped resource it describes. Store the returned values alongside the request id and timestamps so support and reconciliation do not depend on browser callbacks alone.
Production rules
- Keep secret keys on your server. This endpoint requires an
sk_*key; a publishablepk_*key is rejected. - These are the same tokens surfaced to the hosted widget via the embed bootstrap — read them here to confirm what the iframe will render.
- An all-
nullresponse is normal: it means the default Gate branding is in effect, not an error. - Branch on machine-readable fields and the request id, not on free-form text.
- Treat examples and placeholder ids as fake data only.
Secret key only
Branding is a server-side, secret-key operation. Use a sk_* key from your backend. Publishable pk_* keys are browser-scoped to embed bootstrap and cannot read or write branding.
Request
This endpoint takes no path parameters, no query parameters, and no body. Authentication alone selects the partner whose branding is returned.
| Header | Required | Value |
|---|---|---|
Authorization | Yes | Bearer sk_… — your server secret key. |
Response
Returns the resolved Branding object. Every token is present on the object; an unset token is null. When all tokens are null, the widget falls back to the default Gate branding.
| Field | Type | Use it for |
|---|---|---|
object | string | Always branding. A discriminator for client-side type narrowing. |
logo_url | string | null | Partner logo as an absolute https URL, or null when unset. |
primary_color | string | null | Primary brand color as a hex string (#RRGGBB), or null when unset. |
secondary_color | string | null | Secondary brand color as a hex string (#RRGGBB), or null when unset. |
accent_color | string | null | Accent brand color as a hex string (#RRGGBB), or null when unset. |
brand_name | string | null | Display name shown alongside the logo, or null when unset. |
Examples
curl https://gate-api.0bit.app/v1/branding \
-H "Authorization: Bearer sk_test_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"{
"object": "branding",
"logo_url": "https://cdn.acme.example/logo.svg",
"primary_color": "#F97316",
"secondary_color": "#111827",
"accent_color": "#22C55E",
"brand_name": "Acme"
}A partner that has set every token. The hosted widget renders with this logo, palette, and name.
{
"object": "branding",
"logo_url": null,
"primary_color": null,
"secondary_color": null,
"accent_color": null,
"brand_name": null
}No co-branding configured. The widget uses the default Gate branding. This is the starting state for every partner.
Rate limits
GET /v1/branding is limited to 60 requests per minute. Over the limit returns 429 with the unified error envelope; back off and retry.
Errors
All errors use the unified envelope and carry an X-Request-Id response header. Branch on code/type/statusCode, not on the free-form message.
{
"type": "unauthorized",
"code": "unauthorized",
"message": "Example auth error using fake data.",
"request_id": "req_test_000000000123",
"doc_url": null,
"statusCode": 401
}| Status | type | When it happens |
|---|---|---|
401 | unauthorized | Missing or invalid secret key, or a pk_* key was used. |
429 | rate_limited | More than 60 requests in a minute. Back off and retry. |
5xx | server_error | Transient server failure. Retry with bounded backoff. |
Public boundary
This reference covers partner-scoped endpoint behavior, authentication, and the resolved branding tokens. Internal theme storage, administrative routes, and unsupported availability claims are outside the public API contract.