search

Parent Platforms

hashtag
Setting up a Parent Platform

For businesses that facilitate other businesses in accepting bitcoin.

To integrate your business as a Parent Platform:

hashtag
Adding payments

post

Adds a new payment to Branta. Expires after ttl seconds.

HMAC Authentication: When the API key has a parent platform, HMAC validation is required. The HMAC signature is computed as follows:

  1. Create a message string: {METHOD}|{URL}|{BODY}|{TIMESTAMP}

  2. Generate HMAC-SHA256 signature using the parent platform's API secret

  3. Include the signature in the X-HMAC-Signature header

  4. Include the timestamp in the X-HMAC-Timestamp header

The timestamp must be within 30 minutes of the current time to prevent replay attacks.

Header parameters
AuthorizationstringRequired

Authorization header with Bearer token is required to authorize the request. Format: Bearer {your_api_key}. This API key is unique to each client and must be included in the header of every request. Failure to provide a valid API key will result in an unauthorized error.

Keep your API key confidential.

X-HMAC-Timestampstring · int64Required

Unix timestamp in seconds. Must be within 30 minutes of the current time to prevent replay attacks.

X-HMAC-SignaturestringRequired

HMAC-SHA256 signature of the request. The signature is computed using the parent platform's API secret and includes the HTTP method, URL, request body, and timestamp.

Body
Responses
chevron-right
201

Payment created successfully

No content
post
/payments
No content

hashtag
Scoping an API Key to a Parent Platform

If you're a business running bitcoin through on of Branta's Platform partners, you can select that Partner when creating your API key.

PreviousKey RotationNextSDK

Last updated