localStorage on this domain only — they do not leave your browser until you click a Fire button. If your browser blocks live calls (CORS), each runner falls back to a pre-filled curl you can paste into a terminal. Need a fresh JWT? Sign in to the widget as your test trader and copy the Authorization header from any GraphQL request in DevTools → Network.
X-Dev-Secret header; the service-side check rejects when config.exchange is not VAKOTEST or doesn't contain UAT. Production never executes these.Open the QA Helper Console above, fill in 3 fields, then drive the lifecycle.
API base URL, your Trader JWT, and the dev secret. Click Save. Values persist in your browser.COMPLETED and Fire. Pushes the webhook to Alfred — customer transitions to COMPLETED + your widget unblocks.session_id. Fire emit-onramp or emit-offramp with that ID. Watch the balance change.Authorization header from any GraphQL request. It's a Bearer token; paste it (without the "Bearer " prefix) into the QA console.The /psp/alfred/__dev/* route paths. Same paths as before — a backend refactor moved them to a new controller but kept the URLs.
| Endpoint | Purpose | Output |
|---|---|---|
POST /__dev/provision-customer | Run EnsureAlfredCustomerOperation for caller | Customer object incl. customerId. |
POST /__dev/seed-kyc-and-provision?country=XX | Pre-fill KYC fields per country preset, then provision | Fresh customer + seeded fields. |
POST /__dev/approve-kyc | Push KYC COMPLETED webhook to Alfred (convenience alias) | Customer transitions to COMPLETED. |
POST /__dev/emit-onramp | Simulate full ONRAMP webhook chain | 4 events fired → DepositManualCreateJob. |
POST /__dev/emit-offramp | Simulate OFFRAMP success/failure chain | WithdrawalComplete/Reject job dispatched. |
GET /__dev/statuses | List allowed status values | For dropdown population in dev tooling. |
POST /__dev/emit-kyc-status | Push an arbitrary KYC status (incl. UPDATE_REQUIRED) to Alfred using the live submissionId | Wraps the raw POST /webhooks helper. Resolves customerId + submissionId server-side. |
Click a card to expand its Feature Breakdown. Fire live (or copy the curl). Each runner uses the config from the console above.
POST /psp/alfred/__dev/emit-kyc-status resolves your customerId + live submissionId server-side and pushes the synthetic KYC webhook to Alfred, which fans it back and updates alfred_kyc_status through the production code path.CREATED, IN_REVIEW, COMPLETED, FAILED, UPDATE_REQUIRED.approve-kyc. The old approve-kyc card had a Fire button but no status picker — it is just a convenience alias for "push COMPLETED". Use this runner with the dropdown for everything.POST /psp/alfred/__dev/emit-kyc-status Authorization: Bearer <trader JWT> X-Dev-Secret: <dev secret> { "status": "UPDATE_REQUIRED" } → 200 { customerId, submissionId, status, alfred: { message: "success" } }
AR · MX · BR · CO · CL · PE · DO · BO · PY · US · CN · HK.{"first_name":"Custom"}).tax_id, type_document_col) left from previous seeds.alfred_customer_id + cached submission so each call starts clean.EnsureAlfredCustomerOperation as production.POST /psp/alfred/__dev/seed-kyc-and-provision?country=BR Authorization: Bearer <trader JWT> X-Dev-Secret: <dev secret> { "document_number": "12345678909" } # optional overrides → 200 { ok: true, country: "BR", seeded: {…}, customer: {…} }
kyc_status=approved + the required country/address fields, but alfred_customer_id hasn't been created yet — this endpoint runs EnsureAlfredCustomerOperation identically to the real kyc_approved event listener.customerId persisted to users_properties).POST /psp/alfred/__dev/provision-customer Authorization: Bearer <trader JWT> X-Dev-Secret: <dev secret> → 200 { ok: true, kyc_type: "individual", customer: { customerId, statusKyc, country } }
approve-kyc is just a one-shot "push KYC COMPLETED". The KYC status runner above supersedes it (pick COMPLETED there). Listed here for completeness.submissionId from Redis (cached at submit-text time).POST /webhooks { referenceId: submissionId, eventType: "KYC", status: "COMPLETED" }.POST /psp/alfred/webhook handler with a real HMAC signature — so the kyc-property alfred_kyc_status is updated through the production code path.statusKyc: "COMPLETED" on Alfred's side AND alfred_kyc_status: "APPROVED" on ours.POST /psp/alfred/__dev/approve-kyc Authorization: Bearer <trader JWT> X-Dev-Secret: <dev secret> → 200 { user_id, customerId, submissionId, alfred: { message: "success" } }
scenario: "success" walks: FIAT_DEPOSIT_RECEIVED → TRADE_COMPLETED → ON_CHAIN_INITIATED → ON_CHAIN_COMPLETED. Final event triggers DepositManualCreateJob and credits USDT.scenario: "failure" fires a single FAILED event with failureReason: "QA_SIMULATED_FAILURE". Widget should show the failed-step marker on the last good status.POST /psp/alfred/session) and must have transactionId (created via POST /psp/alfred/initiate-deposit).traderId from JWT must match session.user_id or Alfred returns ALFRED_DEV_SESSION_NOT_OWNED.POST /psp/alfred/__dev/emit-onramp Authorization: Bearer <trader JWT> { "session_id": "<…>", "scenario": "success" } → 200 { fired: [ "FIAT_DEPOSIT_RECEIVED", "TRADE_COMPLETED", "ON_CHAIN_INITIATED", "ON_CHAIN_COMPLETED" ] }
scenario: "success" emits FIAT_TRANSFER_COMPLETED → setWithdrawalStatus({ status: completed }) → enqueues WithdrawalCompleteJob. Payment moves to completed.scenario: "failure" emits FAILED with reason → setWithdrawalStatus({ status: rejected }) → enqueues WithdrawalRejectJob. Payment moves to rejected and the user's balance is restored.POST /psp/alfred/__dev/emit-offramp Authorization: Bearer <trader JWT> { "session_id": "<…>", "scenario": "failure" } → 200 { fired: ["FAILED"], setWithdrawalStatus: "rejected" }