Overview
The FriiMe Activation Code URL Request API allows approved partners to request a signed activation deeplink to onboard their users into the FriiMe app.
What you get back
A deeplink of the form:
https://friiworld.com/app?redirect_to=...
A deeplink of the form:
https://friiworld.com/app?redirect_to=...
Key constraints
Expires in 30 mins One-time use On-chain verified
Expires in 30 mins One-time use On-chain verified
Base URL
https://portal.friiworld.comAuthentication
All requests must include a Frii-issued API key as a Bearer token.
| Header | Value |
|---|---|
Authorization |
Bearer YOUR_FRIIME_API_KEY |
Content-Type |
application/json |
Example
Authorization: Bearer YOUR_FRIIME_API_KEY
Content-Type: application/jsonXRPL Prefund Requirement
Partners must send at least 1 XRP on XRPL before requesting an activation deeplink. The API will verify the transaction on-chain.
| Requirement | Value |
|---|---|
| Minimum amount | 1 XRP (or more) |
| Destination account | rPxkAbUo4eTS3W3FCLb2NxaJJrh2aQko2T |
| Sender account | The partner XRPL account (must match r_address) |
Send the prefund, then submit its
tx_hash and sender r_address.
Endpoint
| Method | Path |
|---|---|
| POST | /api/friime/generate_activation_code |
Full URL
https://portal.friiworld.com/api/friime/generate_activation_codeRequest
JSON Body
{
"r_address": "rXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"tx_hash": "ABC123DEF456...",
"aff_user_id": "partner_user_12345"
}Field Definitions
| Field | Type | Required | Description |
|---|---|---|---|
r_address |
string | Yes | XRPL account that sent the prefund transaction (must match on-chain sender). |
tx_hash |
string | Yes | Transaction hash of the prefund payment (≥ 1 XRP to Frii’s prefund account). |
aff_user_id |
string | Yes | Partner’s internal user ID (stored by FriiMe for partner lookups). |
Rules
| Rule | Description |
|---|---|
| Expiry | Activation deeplinks expire after 30 minutes. |
| One-time use | Each activation code can be consumed once. |
| tx_hash uniqueness | The provided tx_hash can be used for only one user activation. |
| Renewal | If the code expires unused, you may re-submit to generate a replacement (30 mins). |
cURL Example
curl -X POST "https://portal.friiworld.com/api/friime/generate_activation_code" \
-H "Authorization: Bearer YOUR_FRIIME_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"r_address": "rXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"tx_hash": "ABC123DEF456...",
"aff_user_id": "partner_user_12345"
}'Response
Success (HTTP 200)
{
"status": "OK",
"message": "",
"data": {
"deeplink": "https://friiworld.com/app?redirect_to=https%3A%2F%2Fportal.friiworld.com%2F...",
"aff_user_id": "partner_user_12345",
"expires_at": "2025-01-16 12:30:00"
},
"success": true
}Response Fields
| Field | Description |
|---|---|
data.deeplink | Signed activation URL to open the FriiMe activation flow. |
data.aff_user_id | Echo of the partner user identifier you submitted. |
data.expires_at | Expiry timestamp (30 minutes after issuance). |
success | true if issuance succeeded. |
Errors
Invalid or Missing Bearer Token (HTTP 401)
{
"message": "Unauthenticated."
}Activation Code Already Used
{
"success": false,
"status": "failed",
"error_code": "CODE_USED",
"message": "This activation code has already been used",
"errors": [],
"user_errors": null
}Transaction Not Found / Verification Failed
{
"success": false,
"status": "failed",
"error_code": "ACCOUNT_VERIFICATION_FAILED",
"message": "Account verifaction error",
"errors": [],
"user_errors": null
}Account Address Does Not Match Transaction
{
"success": false,
"status": "failed",
"error_code": "HASH_CHECK_FAILED",
"message": "Account address does not match transaction",
"errors": [],
"user_errors": null
}No Matching Record (Renewal Attempt)
{
"success": false,
"status": "failed",
"error_code": "NO_RECORD",
"message": "No record was found matching this address and tx hash.",
"errors": [],
"user_errors": null
}Typical Integration Flow
- Partner sends ≥ 1 XRP to
rPxkAbUo4eTS3W3FCLb2NxaJJrh2aQko2T. - Partner captures the
tx_hashand senderr_address. - Partner calls
/api/friime/generate_activation_codewith JSON payload. - Frii verifies the XRPL transaction and issues a signed activation deeplink.
- Partner redirects the user to
data.deeplink. - User completes onboarding inside the FriiMe app.
Security Notes
- Activation codes are cryptographically strong and time-limited.
- Activation URLs are signed to reduce tampering risk.
- Prefund transactions are verified on XRPL (sender, destination, and amount ≥ 1 XRP).
Note: The API key should be treated as a secret and stored securely (e.g., server-side only).