Update 0Gate branding
PATCH /branding - Update approved co-branding values from server-side code.
0Gate is the primary public integration path for hosted payment, ramp, and swap experiences. Keep secret-key operations on your server and hand only browser-safe values to the widget.
Co-branding lets the hosted widget render with your logo, colors, and name instead of the default Gate look. This endpoint writes those tokens from your server. It is a partial update: the supplied tokens are merged onto your current branding, so sending one field never wipes the rest.
Endpoint
| Field | Value |
|---|---|
| Method | PATCH |
| Path | /v1/branding |
| Area | Branding |
| Operation id | updateBranding |
| Auth boundary | Secret key from your server. |
Use it for
Set or change your co-branding tokens (logo, colors, brand name) from server-side code, without an admin step. The values you write are the same ones surfaced to the hosted widget via the embed bootstrap — set them here and they show up in the iframe.
Use this endpoint only for the partner-scoped resource it describes. Store the returned values alongside the request id and timestamps so support and reconciliation do not depend on browser callbacks alone.
Production rules
- Keep secret keys on your server. This endpoint requires an
sk_*key; a publishablepk_*key is rejected. - Send only the tokens you want to change — the update merges, it does not replace.
- Send only the documented tokens. Any other key is rejected with
400(unknown keys are not silently ignored). - Colors must be hex strings. The partner-facing contract is
#RRGGBB.logo_urlmust be an absolutehttpsURL. - Branch on machine-readable fields and the request id, not on free-form text.
- Treat examples and placeholder ids as fake data only.
Secret key only
Branding is a server-side, secret-key operation. Use a sk_* key from your backend. Publishable pk_* keys are browser-scoped to embed bootstrap and cannot read or write branding.
Merge semantics (PATCH, not replace)
A PATCH merges the tokens you send onto your current branding. Tokens you omit are left exactly as they were. To clear a token, set it explicitly to null.
| You send | Effect |
|---|---|
{ "primary_color": "#F97316" } | Updates primary_color only; every other token is unchanged. |
{ "logo_url": null } | Clears the logo; other tokens unchanged. The widget falls back to default for that token. |
{ "unexpected_key": "x" } | Rejected with 400 — the whole request fails; nothing is written. |
Unknown keys are rejected
The request body is strictly whitelisted. Any field other than the documented tokens makes the entire PATCH fail with 400 invalid_request — nothing is updated. There is no partial-apply.
Request body
All fields are optional. An empty body ({}) is a valid no-op — it changes nothing and returns your current branding. A PATCH merges the tokens you send onto your current branding (it does not replace), and unknown keys are rejected with 400. The body schema is BrandingUpdate.
| Field | Required | Type | Use it for |
|---|---|---|---|
logo_url | No | string (URI) | Partner logo as an absolute https URL (max 2048 chars). Set to null to clear. |
primary_color | No | string (hex) | Primary brand color, #RRGGBB. Set to null to clear. |
secondary_color | No | string (hex) | Secondary brand color, #RRGGBB. Set to null to clear. |
accent_color | No | string (hex) | Accent brand color, #RRGGBB. Set to null to clear. |
brand_name | No | string | Display name shown alongside the logo (max 64 chars). Set to null to clear. |
Color format
The partner-facing contract for every color token is a 6-digit hex string, #RRGGBB (for example #F97316).
Other hex forms are also accepted
Although the documented contract is #RRGGBB, the API also accepts the shorthand #RGB, the 4-digit #RGBA, and the 8-digit #RRGGBBAA (with alpha) forms. For predictable rendering across the hosted widget, prefer #RRGGBB.
Response
Returns the full, resolved Branding object after the merge — the same shape as GET /branding. Every token is present; an unset token is null.
| Field | Type | Use it for |
|---|---|---|
object | string | Always branding. A discriminator for client-side type narrowing. |
logo_url | string | null | Resolved logo URL after the merge, or null when unset. |
primary_color | string | null | Resolved primary color after the merge, or null when unset. |
secondary_color | string | null | Resolved secondary color after the merge, or null when unset. |
accent_color | string | null | Resolved accent color after the merge, or null when unset. |
brand_name | string | null | Resolved display name after the merge, or null when unset. |
Examples
curl -X PATCH https://gate-api.0bit.app/v1/branding \
-H "Authorization: Bearer sk_test_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" \
-H "Content-Type: application/json" \
-d '{
"primary_color": "#F97316",
"brand_name": "Acme"
}'{
"primary_color": "#F97316",
"brand_name": "Acme"
}Only primary_color and brand_name are sent. Every other token keeps its current value.
{
"object": "branding",
"logo_url": "https://cdn.acme.example/logo.svg",
"primary_color": "#F97316",
"secondary_color": "#111827",
"accent_color": "#22C55E",
"brand_name": "Acme"
}The full resolved branding after the merge. primary_color and brand_name reflect this call; the other tokens were set previously and are unchanged.
Rate limits
PATCH /v1/branding is limited to 30 requests per minute. Over the limit returns 429 with the unified error envelope; back off and retry.
Errors
All errors use the unified envelope and carry an X-Request-Id response header. Branch on code/type/statusCode, not on the free-form message.
{
"type": "invalid_request",
"code": "invalid_request",
"message": "Example validation error using fake data.",
"request_id": "req_test_000000000123",
"doc_url": null,
"statusCode": 400
}| Status | type | When it happens |
|---|---|---|
400 | invalid_request | An unknown key in the body, a color that is not a valid hex string, a logo_url that is not an absolute https URL, or a token over its length limit. |
401 | unauthorized | Missing or invalid secret key, or a pk_* key was used. |
429 | rate_limited | More than 30 requests in a minute. Back off and retry. |
5xx | server_error | Transient server failure. Retry with bounded backoff. |
Public boundary
This reference covers partner-scoped endpoint behavior, authentication, and the branding tokens you can read and write. Internal theme storage, administrative routes, and unsupported availability claims are outside the public API contract.