Skip to main content
The Card Partners API lets you issue virtual cards, manage users, fund and withdraw from cards, and track transactions — all through a single integration.

Base URL

https://services-staging.bitmama.io/api

Core Concepts

Partner Isolation

Every API call is scoped to your partner account. You can only access users, cards, and transactions that belong to you. This isolation is enforced at the API layer — no cross-partner data access is possible.

Service IDs

Resources are identified by service IDs rather than internal database IDs:
ResourceFormatExample
User{slug}-rain-user-{uid}acme-rain-user-abc123def456ghi
Card{slug}-rain-card-{uid}acme-rain-card-xyz789jkl012mno
Transaction{slug}-rain-card-transactions-{uid}acme-rain-card-transactions-pqr345
Use these IDs in all API calls and store them on your end for reference.

Idempotency

All mutating endpoints (POST, DELETE) require an idempotency-key header to prevent duplicate operations: 
idempotency-key: 550e8400-e29b-41d4-a716-446655440000
If you retry a request with the same idempotency key and body, the API returns a 400 error indicating the key was already used. Keys expire after 5 minutes.

Response Format

All responses follow the same shape:
Success
{
  "status": "success",
  "message": "Operation completed",
  "data": { }
}
Error
{
  "status": "error",
  "message": "ERROR_CODE",
  "data": {
    "error": "Human-readable error description"
  }
}

Integration Flow

1

Get your API key

Obtain your API key (prefixed sk_staging_ or sk_live_) from your partner dashboard.
2

Configure webhooks

Set your webhook URL via Set Webhook to receive event notifications.
3

Create users

Create users via the Create User endpoint. Users go through Persona KYC verification.
4

Issue cards

Once a user is KYC-approved, create a card for them.
5

Fund and manage

Fund cards, withdraw, freeze/unfreeze, and track transactions.