# Changelog ## March 2026 ### 31 March * Consolidated Client Credentials Token and User Tokens into a single [OAuth Token](/api-reference/oauth-token) endpoint ### 30 March * Updated [Auth and Security guide](/guides/developer/auth-and-security) * New [OAuth 2.0 setup guide](/guides/developer/auth-and-security/oauth-2-setup) * New [Client credentials tokens guide](/guides/developer/auth-and-security/client-credentials-token) * New [User access tokens guide](/guides/developer/auth-and-security/user-access-token) * New [Refresh tokens guide](/guides/developer/auth-and-security/refresh-tokens) ### 26 March * Rename `Push Provisioning` api reference section to `Digital Wallet` * Update [digital wallet guide](/guides/product/issue-cards/card-digital-wallet) * Add [payment token activation endpoint](/api-reference/digital-wallet/digitalwalletactivatepaymenttoken) to activate a card payment token for manual provisioning * Add [cards#manual-provisioning-verification](/guides/developer/webhooks/event-types#cards-manual-provisioning-verification) webhook ### 18 March * Add new [Event Ordering](/guides/developer/webhooks/event-ordering) guide. Webhook events may not be delivered in the order they occurred — this guide explains how to use ordering fields to reconcile the correct sequence. * Add schema version `4.0.0` for all [webhook event types](/guides/developer/webhooks/event-types). This version provides consistent millisecond-precision timestamps across all events, making it easier to determine event order. We recommend updating your [subscriptions](/api-reference/webhook) to use `4.0.0` to order events reliably. ### 12 March * Add [guide](/guides/developer/headers/correlation-id) for `X-External-Correlation-Id` header usage * Update error codes for [verify PIN](/api-reference/strong-customer-authentication/scapinverify) and [verify device fingerprint](/api-reference/strong-customer-authentication/scadevicefingerprintverify) endpoints ### 9 March * Add [relayed authorisation guide](/guides/product/issue-cards/relayed-authorisation) to card issuance * Update [card transaction api](/api-reference/card-transaction) to include relayed authorisation data * Update [card transaction webhook](/guides/developer/webhooks/event-types#cards-transaction-state-change) to include relayed authorisation data ### 3 March * Add fees and previous instructing agent in [swift-in simulation endpoint](/guides/product/receive-money/test-and-go-live) ## February 2026 ### 26 February * Add details for submitting Tax Residency Kyc Requirement [KYC Requirement Submit](/api-reference/kyc-review/kycreviewrequirementsubmit) ### 20 February * Adds support for providing the following on originators of third-party transfers * `nationality`: for `PRIVATE` originators * `businessRegistrationDate`: for `BUSINESS` originators ## January 2026 ### 15 January * Multiple ID fields are now explicitly documented as `int64` (64-bit integer). Please ensure your integration stores these IDs using the appropriate 64-bit type (e.g., Long in Java, BIGINT in SQL). Key fields to note: - transfer ID - approaching the `int32` upper bound - recipient ID - approaching the `int32` upper bound - card transaction ID - past the `int32` upper bound - user ID - profile ID - balance ID - See [detailed data type changelog](/changelog/int64-changes) for all updated fields and endpoints.