Merchant APIs

Overview

Merchant APIs power core Pepay payment flows for merchants: invoices, token catalogs, settlement preferences, events, and webhooks. Use these endpoints from your backend or trusted server environment.

Authentication

Merchant APIs use a merchant-scoped API key:

Header: x-api-key: <merchant_key>
Keys are created in the Pepay Dashboard: https://pepay.io/sign-in
Keep keys server-side; never embed them in browser or mobile apps. Key management (create/list/revoke) is handled in the dashboard and is not part of the public API reference.

What belongs here

/api/v1/invoices/* for creating and managing invoices.
/api/v1/merchant/tokens* for token availability and search.
/api/v1/events/* and /api/v1/ws/token for realtime events.
Settlement and merchant settings under /api/v1/merchant/*.

Commerce APIs use x-commerce-api-key and live under /api/commerce/*.
Payor APIs use session headers (x-session-token, x-signature) for checkout UIs.

Next: Merchant invoices

Overview

API

Merchant

Tokens

Commerce

Payor

WebSockets

Webhooks

Merchant APIs

Overview

Authentication

What belongs here

Overview

API

Merchant

Tokens

Commerce

Payor

WebSockets

Webhooks

​Overview

​Authentication

​What belongs here

​Related APIs

Overview

Authentication

What belongs here

Related APIs