Get started with Hubpay Connect
Use Hubpay Connect to add payments, account onboarding, balances and money movement to your product. Start in sandbox, make one authenticated request, then follow the guide for what you are building.
What are you building?
| Goal | Start here |
|---|---|
| Accept card, bank transfer or supported crypto payments | Accept payments |
| Onboard business accounts and respond to compliance requests | Accounts & onboarding |
| Read balances and transactions or initiate payments | Banking & money movement |
| Let Hubpay customers approve access for your software | Connected apps |
1. Use the sandbox
| Environment | Base URL |
|---|---|
| Sandbox | https://sandbox-api.hubpay.io |
| Production | https://api.hubpay.io |
Sandbox and production use separate credentials, account identifiers and data. Do not reuse an access token between environments.
2. Obtain credentials
Hubpay provides a clientId, clientSecret and account context during integration onboarding. Store the secret in a server-side secret manager; never put it in browser, mobile or distributed package code.
If API access is enabled for your account, an authorised administrator can create and manage API credentials in Hubpay.
3. Authenticate your backend
Exchange the client credentials for a short-lived bearer token. The authentication guide includes a working request and explains how to use the token with Send API request in the interactive API reference.
API authentication is separate from customer login or account linking. A connected app adds customer-approved access after your own backend is authenticated.
4. Make your first request
This sandbox request lists wallets and balances for an account:
curl 'https://sandbox-api.hubpay.io/v1/wallets' \
-H 'Authorization: Bearer YOUR_ACCESS_TOKEN' \
-H 'AccountId: YOUR_ACCOUNT_ID'
Some endpoints operate on the authenticated partner and do not use AccountId. The API reference states which headers each endpoint requires.
5. Test the complete journey
- Import the generated Postman collection or the public OpenAPI specification
- Use the live payment examples to compare checkout modes
- Register signed webhooks and test the events your integration relies on
- Use the sandbox simulation guides inside Accept payments and Accounts & onboarding
Before production
- Provide Hubpay with the fixed outbound IP addresses used by your production backend so they can be allowlisted before go-live
- Keep sandbox and production credentials, data and webhook endpoints separate
- Use the documented
externalIdor idempotency field to prevent duplicate operations - Handle
429 Too Many Requestsresponses with backoff - Follow pagination fields such as
page,size,totalPagesandlast - Verify every webhook signature and make event processing idempotent
Continue with the product area in the first table, or go directly to the API reference when you know the endpoint you need.