100pay.js
@100pay-hq/100pay.js is the official TypeScript SDK for server-side 100Pay integrations. Use it to verify payments, manage subaccounts, transfer assets, convert currencies, execute bank transfers, and implement OAuth — with full type safety.
This SDK is for server-side use only. It requires your Secret API Key, which must never be exposed in a browser or client-side code.
Installation
npm
npm install @100pay-hq/100pay.jsInitialization
import { Pay100 } from "@100pay-hq/100pay.js";
const client = new Pay100({
publicKey: "your_public_key",
secretKey: "your_secret_key", // Required for server-side operations
});Configuration
| Field | Type | Required | Description |
|---|---|---|---|
publicKey | string | — | Your 100Pay Public API Key |
secretKey | string | — | Your 100Pay Secret API Key — required for signing requests |
baseUrl | string | — | Override API base URL. Defaults to https://api.100pay.co |
Available Namespaces
| Namespace | Description | Guide |
|---|---|---|
client.verify() | Verify a payment transaction | Verify Payments |
client.subaccounts.create() | Create crypto wallets for customers | Subaccounts |
client.conversion.preview() | Preview currency conversion rates & fees | Currency Conversion |
client.transfer.executeTransfer() | Transfer assets (internal or onchain) | Asset Transfers |
client.transfer.getHistory() | Paginated transfer history | Asset Transfers |
client.transfer.calculateFee() | Calculate transfer fees | Asset Transfers |
client.wallet.getSupportedWallets() | List all supported wallet configurations | Wallets |
client.wallet.getBalance() | Get balance per symbol or all currencies, with optional conversion | Wallets |
client.bankTransfer.getBankList() | Retrieve supported banks | Bank Transfers |
client.bankTransfer.verifyBank() | Verify a bank account | Verify Account |
client.bankTransfer.transfer() | Execute a bank transfer | Execute Transfer |
client.oauth.registerApp() | Register an OAuth app | OAuth 2.0 |
client.oauth.getAuthorizationUrl() | Get OAuth authorization URL | OAuth 2.0 |
client.oauth.exchangeCodeForToken() | Exchange code for access token | OAuth 2.0 |
client.oauth.getUserInfo() | Get user info via OAuth token | OAuth 2.0 |
client.oauth.getAppInfo() | Get app info via OAuth token | OAuth 2.0 |
client.oauth.revokeToken() | Revoke an OAuth token | OAuth 2.0 |
client.request<T>() | Generic authenticated API call | — |
Request Signing
All server-side requests are automatically signed with HMAC SHA-256:
- A
timestampis generated per request - The signature is computed from
timestamp + JSON.stringify(payload)using your secret key x-timestampandx-signatureheaders are added automatically, preventing replay attacks
Error Handling
import { Pay100, PaymentVerificationError } from "@100pay-hq/100pay.js";
try {
const result = await client.verify("tx_123");
} catch (error) {
if (error instanceof PaymentVerificationError) {
console.error("Verification failed:", error.message);
} else if (error instanceof Error) {
console.error("API error:", error.message);
}
}TypeScript Exports
All types are exported from the package:
import {
Pay100,
PaymentVerificationError,
IVerifyResponse,
ITransactionData,
CreateSubAccountData,
CreateSubAccountResponse,
Account,
AccountDetails,
CurrencyConversionPayload,
CurrencyConversionResult,
EnhancedConversionResponse,
ITransferAssetData,
ITransferAssetResponse,
ITransferHistoryParams,
ITransferHistoryResponse,
ITransferHistoryItem,
ITransferFeeParams,
ITransferFeeResponse,
ISupportedWalletResponse,
IBankListResponse,
IBankTransferData,
IBankTransferResponse,
IVerifyBankData,
IVerifyBankResponse,
IOAuthApp,
ITokenData,
IUserInfo,
IAppInfo,
} from "@100pay-hq/100pay.js";Generic Requests
For endpoints not covered by a named namespace, use client.request<T>() directly:
const data = await client.request<{ balance: number }>(
"GET",
"/api/v1/user-apps/:appId/wallet-balance/USDT",
{},
{ Authorization: `Bearer ${accessToken}` }
);| Param | Type | Description |
|---|---|---|
method | "GET" | "POST" | "PUT" | "DELETE" | HTTP method |
endpoint | string | API path appended to base URL |
data | object | Body for POST/PUT, query params for GET |
customHeaders | object | Extra headers (e.g. Authorization) |
Last updated on