# Settings & Configuration ![settings page](/files/LmxsOzz8cKQxYb081wtz) The **Settings** page lets you configure your organization details, banking information, payment providers, identity verification integrations, crypto wallets, custody providers, API access, webhooks, custom domains, and legal agreements. ## Organization Details * **Organization Name** — Your company or project name. This is displayed in the admin panel and used in communications. * **Reply-To Email** — The email address used as the reply-to address on all investor-facing emails (order confirmations, payment reminders, etc.). Emails are sent from Bitbond but replies go to this address. * **Invest Page Subdomain** — The slug for your public **Invest Page** URLs (e.g. `acme-gmbh`). * **Discoverable** — When enabled, your offerings are listed on the global directory of public offerings; when disabled, only investors with a direct link can access your **Invest Page**. If you disable discoverability while you have published offerings, a notice will remind you that those offerings will be hidden from the directory. Click **Save** after making changes. *** ## Integrations The **Integrations** section covers all payment rails, KYC/KYB providers, crypto wallet configuration, and investor custody settings. ### Bank Accounts for Wire Transfers If you accept bank transfer payments, add one or more company bank accounts here. The platform supports three account kinds, so you can collect investor wires in their local currency: * **SEPA (Europe)** — IBAN + BIC, typically denominated in EUR. * **United States** — ACH routing (9 digits), optional wire routing, account number, and account type (checking/savings), typically denominated in USD. * **United Kingdom** — Sort code (`12-34-56`) + 8-digit account number, typically denominated in GBP. You may also store an IBAN/BIC on the same record so the account doubles as a SEPA fallback. For each account you can set: * **Label** — A short internal name (e.g. “Main EUR account”). * **Currency** — The 3-letter ISO currency code; investor offerings denominated in this currency are routed to this account. * **Primary** — Exactly one account may be marked primary. The primary account is used as a fallback when no account matches an offering’s currency. * **Bank name/address** and **Beneficiary address** — Optional, shown to investors on the wire‐instructions screen and in confirmation/reminder emails. #### How investors are routed 1. Match the offering’s `base_currency` to a bank account `currency` (case-insensitive). 2. If no exact match exists, fall back to the **primary** account. 3. If no match and no primary is configured, the order is rejected at checkout. Add at least one account to enable the **Bank Transfer** payment method when creating or editing offerings. #### Migration from legacy single-account fields Tenants who previously had a single SEPA IBAN/BIC configured at the tenant level are automatically migrated to a primary SEPA bank account on first deploy of this feature. The legacy fields remain readable on the API for one release for backwards compatibility but are no longer editable from the UI — manage all bank accounts from this section instead. *** ### Payment Providers #### Card Payments ([Checkout.com](https://www.checkout.com)) \[Checkout.com] processes credit and debit card payments (Visa, Mastercard) for your offerings. Configure: * **Secret Key** (`sk_…`) — Your secret API key. Found under **Settings → Keys** in the Checkout.com Dashboard. * **Public Key** (`pk_…`) — Used to initialize the card payment widget on the investor checkout page. It’s safe to expose this on the frontend. * **Webhook Secret** — Used to verify incoming payment notification webhooks. Found under **Settings → Webhooks** in the Checkout.com Dashboard. * **Processing Channel ID** — Optional channel identifier for routing transactions within Checkout.com. Found under **Settings → Processing Channels** in your Checkout.com Dashboard. #### Crypto Payments ([Coinbase Commerce](https://www.coinbase.com/commerce)) \[Coinbase Commerce] is our recommended hosted PSP for accepting crypto payments. You can choose to keep proceeds as cryptocurrency or settle to fiat manually. * **Coinbase Commerce API Key** — Found under **API keys** in your Coinbase Commerce dashboard. * **Coinbase Commerce Webhook Secret** — Used to verify incoming webhooks. Set this under **Webhook subscriptions** in the Coinbase Commerce dashboard. * **Accepted Assets** — A comma-separated list of asset symbols (e.g. `USDC, USDT`). * **Accepted Chains** — A comma-separated list of blockchain names for hosted checkout (e.g. `ethereum, polygon`). * **Settlement Preference** — Choose `keep_crypto` or `cashout_manual` to control how Coinbase settles proceeds. *** ### Stablecoin Payments (Direct On-Chain) Extended public keys (xPub) allow the system to generate unique deposit addresses for each investor without exposing private keys. The Offering Manager never holds or has access to your private keys. * **EVM xPub (HD Wallet)** — Export your xPub from your HD wallet (e.g., Ledger, Trezor, or any BIP-44 compatible wallet). This is used to derive unique Ethereum/EVM deposit addresses for stablecoin payments (USDC, USDT, etc.). Once an EVM xPub is configured, the direct **Stablecoin** payment method becomes available when creating or editing offerings. *** ### KYC / Identity Verification You can choose one or both supported providers to verify investor identity before they can invest: #### Sumsub Sign up at \[Sumsub] and generate your credentials: * **App Token** — Generated under **Developers → Integration** in the Sumsub dashboard. * **Secret Key** — Generated alongside the App Token. Used to sign API requests and verify webhooks. * **Webhook Secret** — Copy or generate this in your Sumsub **Webhook settings** to validate incoming notifications. * **KYC Level** — Select the verification level (e.g. `basic`, `enhanced`). * **KYB Level** — If you perform business verification, select the appropriate level. #### Blockpass Sign up at \[Blockpass] and create a service: * **Client ID** — Found in your Blockpass service dashboard. * **Webhook Secret** — Set and copy this secret in your service’s webhook configuration. Click **Save** after entering or updating any credentials. *** ### Investor Custody You can require investors to bring their own wallet (BYO), let them choose, or provision a custodial wallet via a supported custody provider. Select your provider under **Custody Provider**, then configure credentials for Tangany or Fireblocks. #### Tangany Link: [Tangany](https://tangany.com) Tangany is a custodial solution for EVM-compatible chains and stablecoins. * **Custody Provider** — Select **Tangany** to enable custodial wallets. * **Default Investor Wallet Policy** — Choose one of: * `byo_only` — Investor must use their own wallet. * `investor_choice` — Investor may select BYO or custodial. * `custodial_only` — A custodial wallet is provisioned for the investor. * **Tangany Subscription** — Your Tangany subscription ID. * **API Base URL** — Your Tangany API base endpoint (e.g. `https://api.tangany.com`). * **Auth Base URL** — Your Tangany authentication endpoint. * **Client ID** & **Client Secret** — Credentials from your Tangany dashboard. * **Wallet Label Template** — A naming template for custodial wallets (e.g. `{{ investor.email }}`). #### Fireblocks Fireblocks provides multi-chain custody across EVM, Solana, Stellar, and XRPL. * **Custody Provider** — Select **Fireblocks** to enable Fireblocks vault provisioning. * **Default Investor Wallet Policy** — Same options as Tangany (`byo_only`, `investor_choice`, `custodial_only`). * **Fireblocks API Key** — Your public API key from the Fireblocks dashboard. * **Fireblocks Private Key (PEM)** — The private key in PEM format associated with your API key. * **Fireblocks API Base URL** — The base endpoint for Fireblocks API calls. * **Vault Name Template** — A naming template for newly created vault accounts (e.g. `Investor-{{ investor.id }}`). * **Asset ID Overrides** — Optional per-chain asset identifiers. Supported families: `evm`, `stellar`, `solana`, `xrpl`. Leave blank to use built-in defaults. Click **Save** after entering or updating any custody credentials. *** ## API Access Generate an API key for programmatic access to your offerings, orders, investors, bank accounts, and settings. API access is available on the **Enterprise** plan. * Click **Generate API Key** to create or rotate your key. Note that rotation invalidates the previous key immediately. * The key is displayed only once — copy it immediately and store it securely. * Use the key in the `Authorization` header (`Bearer `) of API requests. * Visit for the interactive OpenAPI reference. * For an overview of endpoints and usage examples, see [API Overview](https://github.com/bitbond/offering-manager-docs/blob/main/offering-manager/offering-manager/api-overview.md). If you’d like to upgrade to Enterprise for full programmatic control, please contact sales: . *** ## Webhooks & Event Subscriptions Use the **Webhooks** section to configure outbound callbacks for platform events (orders, payments, KYC updates, etc.): 1. Add one or more webhook endpoints. 2. Subscribe to the events you want to receive (e.g. `order.created`, `investor.kyc.completed`). 3. Provide a signing secret to validate incoming webhook deliveries. 4. Click **Save** to register your endpoint. If any recent deliveries have failed, a **Webhook Health Alert** will appear, showing failure details and timestamps. Investigate and retry as needed. *** ## Custom Investor Domain By default, your **Invest Page** is hosted at: ``` https://om.bitbond.com/invest/[subdomain]/[offering-slug] ``` To use your own domain (e.g. `sto.acme.com`), a **Professional** plan is required. 1. Enter your custom domain (e.g. `sto.acme.com`) in the **Custom Domain** field. 2. Click **Save Domain**. 3. Follow the DNS configuration instructions: * Create a CNAME record pointing your domain to `om.bitbond.com`. * (Optional) Route through [Cloudflare](https://cloudflare.com) with the Proxy/SSL feature enabled. 4. Wait for DNS propagation (up to 24 hours). To remove the custom domain, clear the field and click **Save Domain**. To upgrade from the Free plan to Professional, visit the [Billing](https://github.com/bitbond/offering-manager-docs/blob/main/admin/billing/README.md) area. *** ## Data Processing Agreement (DPA) The **Data Processing Agreement** section shows your acceptance status for the current GDPR-compliant DPA. * If **accepted**, you’ll see the date, version, and who accepted it. * If the accepted version is outdated, you’ll be prompted to re-accept the current DPA. * Click **View accepted DPA** to read the text you previously accepted. * If **not yet accepted**, contact your Bitbond representative or support to complete the acceptance flow. Ensure a current DPA is in place before collecting personal data from investors. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.bitbond.com/asset-tokenization-suite/offering-manager/settings-and-configuration.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.