# Settings & Configuration ![settings page](https://1296188560-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FPhtayBZtqzlQ0pTHYlIS%2Fuploads%2Fgit-blob-9ef6d5f6378d60302281a646126c86ddeccaf2fe%2Fsettings-page.png?alt=media) The **Settings** page lets you configure your organization details, banking information, payment providers, identity verification integrations, crypto wallets, API access, custom domains, and account security. ## Organization Details * **Organization Name** — Your company or project name. This is displayed in the admin panel and used in communications. * **Reply-To Email** — The email address used as the reply-to address on all investor-facing emails (order confirmations, payment reminders, etc.). Emails are sent from Bitbond but replies go to this address. Click **Save** after making changes. ## Bank Details for Wire Transfers If you accept bank transfer payments, enter your banking information here. These details are shown to investors when they select Bank Transfer as their payment method during checkout. * **Bank Name** — The name of your bank (e.g., "Deutsche Bank"). * **Account Holder Name** — The name on the bank account (e.g., "Acme GmbH"). * **IBAN** — Your International Bank Account Number. * **BIC / SWIFT** — Your bank's BIC or SWIFT code. Click **Save** after making changes. Once bank details are configured, the Bank Transfer payment method becomes available when creating or editing offerings. ## Third-Party Integrations All sensitive API keys and secrets are encrypted with AES-256 before being stored. The Settings page shows the current configuration status for each integration — a green checkmark means the credential is configured, and a grey icon means it is not yet set up. ### Status Overview * Checkout.com Secret Key * Checkout.com Public Key * Checkout.com Webhook Secret * EVM xPub * Blockpass Client ID * Blockpass Webhook Secret * Sumsub App Token * Sumsub Secret Key * Custodian API Key (if enabled for on-chain custody) ### Payment Providers (Checkout.com) [Checkout.com](https://www.checkout.com) processes credit and debit card payments (Visa, Mastercard) for your offerings. * **Secret Key** (`sk_…`) — Your secret API key. Found under **Settings → Keys** in the Checkout.com Dashboard. * **Public Key** (`pk_…`) — Used to initialize the card payment widget on the investor checkout page. It’s safe to expose this on the frontend. * **Webhook Secret** — Used to verify incoming payment notification webhooks. Found under **Settings → Webhooks** in the Checkout.com Dashboard. To get started, create an account at [Checkout.com](https://www.checkout.com) and obtain your API keys. Click **Save** after entering or updating any credentials. ### KYC / Identity Verification You can choose one or both of the supported providers to verify investor identity before they can invest: #### Sumsub Sign up at [Sumsub](https://sumsub.com) and generate your credentials: * **Sumsub App Token** — Generated under **Developers → Integration** in the Sumsub dashboard. * **Sumsub Secret Key** — Generated alongside the App Token. Used to sign API requests and verify webhooks. #### Blockpass Sign up at [Blockpass](https://www.blockpass.org) and create a service: * **Blockpass Client ID** — Found in your Blockpass service dashboard. * **Blockpass Webhook Secret** — Set and copy this secret in your service’s webhook configuration. Click **Save** after entering or updating any credentials. ## Crypto Wallets Extended public keys (xPub) allow the system to generate unique deposit addresses for each investor without exposing private keys. The Offering Manager never holds or has access to your private keys. * **EVM xPub (HD Wallet)** — Export your xPub from your HD wallet (e.g., Ledger, Trezor, or any BIP-44 compatible wallet). This is used to derive unique Ethereum/EVM deposit addresses for stablecoin payments (USDC, USDT, etc.). Once an EVM xPub is configured, the Stablecoin payment method becomes available when creating or editing offerings. ## API Access The Offering Manager provides a public API for programmatic access to your tenant’s data and operations. * Click **Generate New API Key** to create a new API key. Note that this replaces any previously generated key — existing integrations using the old key will stop working. * The key is displayed once and cannot be retrieved again — copy it immediately and store it securely. * Use the key in the `Authorization` header of API requests. * Click **View API Documentation** to open the interactive OpenAPI reference at in a new tab. For more details, see API Overview. ## Custom Investor Domain By default, your investor-facing landing pages are accessible at a URL like ``` https://om.bitbond.com/invest/[subdomain]/[offering-slug] ``` You can point your own domain (e.g., `sto.acme.com`) to your investor portal instead. To set up a custom domain: 1. Enter your domain (e.g., `sto.acme.com`) in the **Custom Domain** field. 2. Click **Save Domain**. 3. Follow the DNS configuration instructions displayed on the page. Typically, you need to create a CNAME record pointing your domain to `om.bitbond.com`. 4. Once DNS propagates (which can take up to 24 hours), your investor pages will be accessible at your custom domain. To remove a custom domain, clear the field and click **Save Domain**. ### Setup Instructions 1. In your DNS provider, add a **CNAME record**: ``` sto.acme.com → om.bitbond.com ``` 2. **SSL (HTTPS):** We recommend routing your domain through [Cloudflare](https://cloudflare.com) (free plan). Enable the *Proxy* option (orange cloud) so Cloudflare handles SSL automatically — no certificate management needed on your side. 3. DNS propagation can take up to 24 hours. Once complete, your investor portal will be accessible at your custom domain. ## Change Password You can change your account password from the Settings page: 1. Enter your current password. 2. Enter a new password (minimum 8 characters). 3. Confirm the new password. 4. Click **Change Password**. ## Two-Factor Authentication (2FA) Two-factor authentication adds an extra layer of security to your account using a Time-based One-Time Password (TOTP) authenticator app (such as Google Authenticator, Authy, or 1Password). ### Enabling 2FA 1. Click **Set Up 2FA** in the Security section. 2. Scan the QR code with your authenticator app. 3. Enter the 6-digit code displayed by your authenticator app. 4. Click **Verify & Enable**. 5. Save the backup codes displayed — these are one-time-use codes you can use if you lose access to your authenticator app. Store them in a secure location. ### Disabling 2FA 1. Click **Disable 2FA**. 2. Enter a current 6-digit code from your authenticator app to confirm. 3. Click **Disable**. When 2FA is enabled, you will be prompted for a code from your authenticator app each time you log in, after entering your email and password.