Merchant
Credits Dashboard
Manage your merchant integration settings
Used in the X-AC-Key header for all API requests.
Loading...β οΈ Old key remains valid for 1 hour after rotation.
Your USDC wallet address where payouts will be sent when approved. Supports Ethereum mainnet or Polygon (MATIC) network.
β οΈ Double-check this address before saving. Payouts sent to the wrong address cannot be recovered.
Sign JWTs with HS256 for silent SSO authentication. Include { phone: "+1...", iat, exp } claims. Max token age: 5 minutes.
No SSO secret configured. Generate one to enable silent SSO authentication.
AuthentiChain sends a signed POST request to this URL whenever a credit purchase is confirmed or refunded.
Developer Setup Instructions
Create a POST endpoint at your webhook URL
Your server must accept POST requests and respond with HTTP 200 within 5 seconds. AuthentiChain retries up to 3 times on failure.
Handle the event payload
AuthentiChain sends JSON with the following structure:
{
"event": "order.confirmed", // or "order.refunded"
"order_id": "uuid",
"external_order_id": "your-id", // if you passed one
"amount_credits": 100,
"amount_usd": "100.00",
"user_phone": "+15550001234",
"merchant_id": "uuid",
"timestamp": "2024-01-01T00:00:00Z"
}Verify the signature (strongly recommended)
Every request includes an X-AC-Signature header β an HMAC-SHA256 of the raw body signed with your API key. Verify it to prevent spoofed events:
// Node.js example
const crypto = require('crypto');
const sig = req.headers['x-ac-signature'];
const expected = crypto
.createHmac('sha256', process.env.AC_API_KEY)
.update(req.rawBody) // raw Buffer, not parsed JSON
.digest('hex');
if (sig !== expected) {
return res.status(401).send('Invalid signature');
}
// β Safe to process event
return res.status(200).send('ok');Handle duplicate deliveries
Store processed order_id values and skip re-processing if already handled. Retries can cause the same event to arrive more than once.
Host the checkout widget on your own domain (e.g. credits.yoursite.com) so customers never see an AuthentiChain URL.
Developer Setup Instructions
Choose your subdomain
Pick a subdomain on your domain, e.g. credits.yoursite.com or pay.yoursite.com. Avoid using the root domain.
Add a CNAME DNS record
In your DNS provider (Cloudflare, GoDaddy, Route53, etc.) add:
β± DNS changes can take up to 48 hours to propagate, though usually under 15 minutes.
Notify AuthentiChain to provision your SSL certificate
Once your CNAME is live, contact your AuthentiChain account manager with your subdomain. We'll provision a TLS certificate and configure the routing. This is a one-time step.
Update your widget embed to use the custom domain
Change the src of your iframe to point to your domain instead of the default portal URL:
// Before (default Vercel URL) src="https://authentichain-credits-portal.vercel.app/topup?mid=m_xxx" // After (custom domain β merchant's own) src="https://credits.yoursite.com/topup?mid=m_xxx"
The mid parameter stays the same β only the domain changes.
Custom domains require White Label tier. Contact your AuthentiChain account manager to enable this feature for your account.
Brand colors, logo, and visibility options for your checkout widget.
AuthentiChain controls all text. You can choose your brand colors, upload your logo, and hide optional messages β but all copy is managed by AuthentiChain to ensure regulatory compliance.
Brand Colors
Logo
SVG or PNG recommended. Appears above the checkout widget.
Header Layout
How the logo and tagline are arranged in the widget header.
Credits Product Name
Your brand name for the credits product. "Credits" is always appended.
Preview: "Lab Credits"
Show / Hide Optional Elements
Sub-headline (portal intro)
Phone step helper text
Admin copy: "We'll text you a code to confirm your identity."
OTP step helper text
Admin copy: "Code sent to β’β’β’-β’β’β’-XXXX"
"Secured by Stripe" note
Secured by Stripe Β· Your card will be saved for future top-ups
"1 credit = $1.00" footer
1 lab credit = $1.00 USD Β· Min $50 Β· Max $1,000
Live Preview
Lab Credits
We'll text you a code to confirm your identity.
Secured by Stripe
1 credit = $1.00 USD
Full API reference, integration guides, and SDK documentation.
π View API Docs β