A single API key can manage a portfolio of end-users, each with its own funding sources, cards, and transactions. End-users are onboarded through the enrollment endpoint.
After the first end-user is enrolled in the production environment, all subsequent API calls must include a URI parameter
?account_token= indicating which end-user this API request is on behalf of.
The reason for this behavior change is because, upon initial provisioning, the API Key maps one-to-one to an account (specifically, your account). After calling
POST /enroll, the API key mapping becomes one-to-many, so the API requires an
account_token parameter to indicate which account, within the portfolio of accounts, to perform an action on behalf of.
If one or more end-users have been enrolled and no
account_token argument is supplied, an API error will be returned.
Updated 25 days ago