Managing API Keys

In Lithic Dashboard, you can add, disable, and delete your production and sandbox API keys. Please note that only Team Admins have access to and control of API keys.

Verifying Webhooks with Multiple API Keys

📘
Please note that customers receiving webhooks via Privacy will not receive the signature required to verify multiple API keys.

Lithic webhooks will contain an x-lithic-signature header with a list of space delimited signatures and their corresponding version identifiers. For example:

v1,Y3bj/aHS1kUtyCXKYs94OiHdV4c2l8LtMKqyW/nU7P4= v1,8eG1l/ruP5jORHq3P9fCdwoLKsJXRpZq+SG7GhVKScs=

Make sure to remove the version prefix and delimiter (e.g. v1,) before verifying the signature. For code examples for multi-API key webhook verification, see Transaction Webhook Verification.

Inviting Team Members

In your Account Settings, you can invite team members to join your Lithic team and access Dashboard. Scroll down to Members, where you'll see an Invite Team Members button:

When you click the Invite Team Members button, you'll be able to send one or more email invites to team members:

Roles and Permissions

Below is the full list of permissions for each of these roles:

Permission	Team Admin	Card Admin	Dispute Admin	Support	Read-Only
View API Keys	Yes
Remove Users/Transfer Ownership	Yes
Edit Funding Source for Org/Team	Yes
View Team Members	Yes
View Funding Source	Yes
View Onboard Status	Yes
View org docs	Yes
View org owners	Yes
Invite New Users	Yes	Yes
Create/Edit/Close Cards	Yes	Yes
View PAN/CVV (only if PCI compliant)	Yes	Yes
View Exp Date	Yes	Yes		Yes
Pause Card	Yes	Yes		Yes
Submit/Edit/Withdraw Dispute	Yes		Yes
View Disputes/Dispute Evidence	Yes	Yes	Yes	Yes	Yes
Change Own Email/Password	Yes	Yes	Yes	Yes	Yes
View Transactions	Yes	Yes	Yes	Yes	Yes
View Card PAN Last 4	Yes	Yes	Yes	Yes	Yes
View Card Token	Yes	Yes	Yes	Yes	Yes
View Card Nickname	Yes	Yes	Yes	Yes	Yes