Managing Your Program with Lithic Dashboard
Managing API Keys
In Lithic Dashboard, you can add, disable, and delete your production and sandbox API keys. Please note that only Program Admins and Organization Admins have access to and control of API keys.
In the event that you need to cycle an API key that is currently in use:
- Create a new production API key and enable it
- Replace your existing key with the newly created key in your service
- When ready, delete your old key
Verifying Webhooks with Multiple API Keys
Please note that customers receiving webhooks via Privacy will not receive the signature required to verify multiple API keys.
Lithic webhooks will contain an x-lithic-signature
header with a list of space delimited signatures and their corresponding version identifiers. For example:
v1,Y3bj/aHS1kUtyCXKYs94OiHdV4c2l8LtMKqyW/nU7P4= v1,8eG1l/ruP5jORHq3P9fCdwoLKsJXRpZq+SG7GhVKScs=
Make sure to remove the version prefix and delimiter (e.g. v1,) before verifying the signature. For code examples for multi-API key webhook verification, see Transaction Webhook Verification.
Managing Lithic Organizations and Programs
Managing Organizations
At Lithic, each customer has a single organization. Each organization can have one or more programs. Your organization can be configured in your Organization's settings page in the following ways:
- Set up and update your Control Person
- Designate Support contacts for Lithic to reach out to for technical, risk/fraud, and compliance matters.
- Manage Organization-wide members. See Inviting Team Members below for more.
Managing Individual Programs
Each program has its own set of API keys and can be configured individually in the Program Settings page.
Note that the above link will take you to your most recent program's settings - if you have multiple programs, ensure you are on the correct program or switch to it via the dropdown in the top left
On this page, you'll be able to:
- Edit the name of the Program
- Manage production and sandbox API keys
- View ASA HMAC secrets
- View card program details
- View digital card art details
- View your program's limits
- Manage Team-specific members. See Inviting Team Members below for more.
Inviting Team Members
You can invite team members at either the organization level or the program level.
Organization-wide team members have their respective permissions for every program within the organization - as opposed to program-level roles, which only have permissions for a specific program.
You can invite members via the "Invite Organization/Program Members" button in the Members section of either page.
You can invite team members by email by clicking on the Invite Organization Members button. Please note that each email/user can only be a part of one Lithic Organization at a time., though they can have different permissions at the organization level and at each program level. When you send an invite, there are a few different scenarios that can happen depending on the state of the invitee:
- If the invitee has not used their email to sign up for Lithic before, they will receive an email to sign up to join your team with the specified permissions.
- If the invitee already has a Lithic account, they will receive a similar email but be asked to leave their organization to join your organization.
- If the invitee is already part of your organization (whether they have an organization-level role or a team-level role), they will be given the additional permissions without any action on their part. They will receive an email notifying them of their new permissions. Example:
- Your organization has Program A and Program B.
[email protected]
has an organization-wide Read-Only role.- You "invite"
[email protected]
to be a Card Admin for Program A. This person will receive an email informing them of their new permissions, but they do not need to click a link or accept anything. [email protected]
now has Read-Only permissions for Program B, and Card Admin permissions for Program A.
When a team member has multiple roles across programs and the organization, the permissions they have for any specific program will be the union of their permissions for the specific program and their organization-level permissions.
Roles and Permissions
Below is the full list of permissions for each Lithic role:
Permission | Organization Admin | Program Admin | Card Admin | Dispute Admin | Support | Read-Only |
---|---|---|---|---|---|---|
Complete Onboarding | ✅ | |||||
Update Control Person | ✅ | |||||
Create/Edit programs | ✅ | |||||
Update Support Contacts | ✅ | |||||
View Card Programs | ✅ | ✅ | ||||
View Digital Card Art | ✅ | ✅ | ||||
Manage ASA Enrollment | ✅ | ✅ | ||||
View API Keys | ✅ | ✅ | ||||
Remove Users/Transfer Ownership | ✅ | ✅ | ||||
Edit Funding Source for Org/Team | ✅ | ✅ | ||||
View Funding Source | ✅ | ✅ | ||||
View Onboard Status | ✅ | ✅ | ||||
View org docs | ✅ | ✅ | ||||
View org owners | ✅ | ✅ | ||||
Invite New Users* | ✅ | ✅ | ✅ | |||
Create/Edit/Close Cards | ✅ | ✅ | ✅ | |||
View PAN/CVV (only if PCI compliant) | ✅ | ✅ | ✅ | |||
View Exp Date | ✅ | ✅ | ✅ | ✅ | ||
Pause Card | ✅ | ✅ | ✅ | ✅ | ||
Submit/Edit/Withdraw Dispute | ✅ | ✅ | ✅ | |||
View Disputes/Dispute Evidence | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
Change Own Email/Password | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
View Transactions | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
View Card PAN Last 4 | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
View Card Token | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
View Card Nickname | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
* Program Admins can invite team members to be any role except Organization Admin, but only for that Program. Card Admins can only invite team members to be Support or Read Only. Organization Admins can invite any role for any program.
Managing Multiple Lithic Programs
For customers with more than one Lithic program, you can switch between your programs in Lithic Dashboard.
To navigate between your programs, use the dropdown at the top of the sidebar. This dropdown will only appear on pages that are specific to a program (Cards/Transactions/Program Settings/etc).
Adding a New Lithic Program
To add a new Lithic program, click on the New Program
button in the aforementioned dropdown. You'll be prompted to name your new program to proceed. Once you've created your new program, speak to your Customer Success or Implementation manager to configure it.
Updated about 2 months ago