Base URL
Core Concepts
Partner Isolation
Every API call is scoped to your partner account. You can only access users, cards, and transactions that belong to you. This isolation is enforced at the API layer — no cross-partner data access is possible.Service IDs
Resources are identified by service IDs rather than internal database IDs:| Resource | Format | Example |
|---|---|---|
| User | {slug}-rain-user-{uid} | acme-rain-user-abc123def456ghi |
| Card | {slug}-rain-card-{uid} | acme-rain-card-xyz789jkl012mno |
| Transaction | {slug}-rain-card-transactions-{uid} | acme-rain-card-transactions-pqr345 |
Idempotency
All mutating endpoints (POST, DELETE) require anidempotency-key header to prevent duplicate operations:
400 error indicating the key was already used. Keys expire after 5 minutes.
Response Format
All responses follow the same shape:Success
Error
Integration Flow
Get your API key
Obtain your API key (prefixed
sk_staging_ or sk_live_) from your partner dashboard.Configure webhooks
Set your webhook URL via Set Webhook to receive event notifications.
Create users
Create users via the Create User endpoint. Users go through Persona KYC verification.
Issue cards
Once a user is KYC-approved, create a card for them.
Fund and manage