Authentication

Tokens

Token
Used for
Where to use

Merchant API token

Server-to-server operations

Authorization: Bearer <MERCHANT_API_TOKEN>

Payment session token

Session-scoped operations (e.g., connect wallet, funding tx)

Authorization: Bearer <paymentSessionToken>

Never expose your merchant API token in client-side code.

Idempotency

Certain endpoints accept a requestId to make retries safe. Reusing the same requestId will not duplicate the operation.

  • Provided on: Create payment session, Create capture

  • Format: any unique string (UUID recommended)

PreviousCore Concepts DefinedNextPayment Lifecycle