Wishbone
Back to homePlatform

Built for bank procurement, school IT, and investor diligence.

Architecture overview, security posture, and interactive API reference — everything your team needs to evaluate the integration.

Bank-agnosticNot in the funds flowNo PCI storageMinimal PII
Architecture

Orchestration without coupling.

The bank never talks to the ticketing platform. The ticketing platform never talks to the bank. Wishbone speaks both languages.

1

Issuer Bank

your system

POST /v1/contributions

Wishbone

validates + records

2

Wishbone

orchestration

Priority credit instruction

School Ticketing Platform

credits patron account

3

School Platform

confirms

Signed webhook

Wishbone → Issuer

fires signed webhook back to bank

4

Issuer Bank

funds flow

Direct ACH credit

University

athletic foundation receives

“The bank never talks to the ticketing platform. The ticketing platform never talks to the bank. Wishbone speaks both languages.”

Security posture

Designed for the requirements your security team will ask about.

Encryption in transit and at rest

All data is encrypted end-to-end using TLS 1.3 in transit and AES-256 at rest. Per-school platform configurations are stored encrypted.

HMAC-SHA256 signed webhooks

Every outbound webhook carries an HMAC-SHA256 signature. Issuers verify on receipt; unverified payloads are rejected.

Exponential backoff & dead-letter handling

Failed deliveries retry with exponential backoff. After exhausting retries, events land in a dead-letter queue for investigation — nothing silently drops.

Per-attempt delivery logging

Every delivery attempt is logged with timestamp, response code, and latency. Full audit trail available for compliance review.

Idempotent webhook deduplication

Idempotency keys prevent double-processing. Replayed or duplicated webhooks are deduplicated before they affect state.

Role-based access enforcement

Access is scoped to role and school. No cross-tenant data access. Tokens are short-lived and rotated on a defined schedule.

Input validation hardening

All inbound data is validated against strict schemas at the API boundary. Malformed or unexpected payloads are rejected before processing.

Live health-check gate

A live health check against each school's ticketing platform must pass before any school goes live. No silent failures at launch.

Integration reference

Walk through the full flow.

Three scenarios — redemption request, school ticketing push, and signed webhook delivery — fully client-side. Works with network disabled.

RequestPOST /v1/contributions
{
  "idempotency_key": "idem_7f3a9c",
  "issuer_id": "iss_lowndes_bank",
  "cardholder_token": "ch_tok_94k2...",
  "school_id": "sch_sidney_tech",
  "points_redeemed": 5000,
  "cash_value": {
    "amount": 5000,
    "currency": "USD",
    "unit": "cents"
  }
}

Simulated responses for illustration. Sandbox access available to partners.

Get access

Request sandbox access.

Sandbox credentials and full API documentation are available to launch partners. Tell us about your program.

No commitment required. We'll follow up within 48 hours.

Are you an alumni or fan? Join the waitlist →