Administration
The Administration section is intended for approved PSPs, VASPs, and local infrastructure partners that support the operation of Tyltโs Philippines PHP rail.
These partners provide the underlying local payment, disbursement, conversion, settlement, or liquidity infrastructure required to process PHP pay-ins and pay-outs. Tylt uses this infrastructure to make the Philippines PHP rail available to approved merchants through the Tylt platform, API, dashboard, and ledger systems.
Access to the administration APIs is restricted. Only authorized partner-side actors may use these endpoints.
Partner Role
The Philippines PHP rail is operated through a partner-enabled model.
Depending on the agreed configuration, the PSP / VASP partner may support one or more of the following functions:
PHP pay-in collection
Receiving or processing PHP payments through supported local payment methods.
PHP pay-out disbursement
Processing PHP disbursements to end recipients through supported local payment rails.
Fiat-to-crypto conversion
Converting PHP value into USDT or another supported settlement asset, where applicable.
Crypto-to-fiat conversion
Converting USDT or another supported settlement asset into PHP for pay-outs, where applicable.
Rate administration
Setting or updating the PHP/USDT conversion rate used for transaction creation.
Settlement support
Supporting settlement, reconciliation, and balance confirmation between the partner and Tylt.
Status reporting
Providing transaction status updates required for merchant-facing reconciliation.
The exact responsibilities of each partner depend on the commercial, operational, and regulatory arrangement agreed with Tylt.
Administration APIs
Approved administration actors may be provided access to the following APIs:
Set PSMD Rate
Allows the authorized rate actor to set or update the PHP/USDT conversion rate.
Get PSMD Rate History
Allows the authorized rate actor to retrieve historical rate insertions and updates.
These APIs are restricted and require partner-level authorization. Unauthorized API requests will be rejected.
Authentication
Administration API requests must be authenticated using Tylt-issued API credentials.
Each request must include:
X-TLP-APIKEY
API key issued by Tylt to the authorized partner or rate actor.
X-TLP-SIGNATURE
HMAC SHA-256 signature generated using the API secret and the applicable request payload.
API secrets must be stored securely and must not be exposed in frontend applications, public repositories, shared documents, or unsecured communication channels.
Tylt may revoke or rotate API credentials where required for operational, security, compliance, or contractual reasons.
Last updated