Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.ababilpay.xyz/llms.txt

Use this file to discover all available pages before exploring further.

This guide shows the minimum integration path for a merchant or developer: create a payment intent, send the customer to a payment link, and receive a signed webhook when payment completes.
The production implementation is expected to use API keys, HMAC-signed webhooks, Circle testnet or mainnet configuration, and Supabase-backed merchant records.

Integration flow

1

Create a merchant account

Sign in with Google OAuth. AbabilPay creates the Supabase user record, provisions a Circle developer-controlled wallet, and stores the merchant profile.
2

Create a payment intent

Call POST /v1/payments/intent with the USDC amount, customer reference, and optional metadata.
curl -X POST https://api.ababilpay.io/v1/payments/intent \
  -H "Authorization: Bearer $ABABILPAY_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "amount_usdc": 250,
    "customer_email": "buyer@example.com",
    "description": "Order #10042",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel"
  }'
3

Redirect the customer

Send the customer to the returned payment_url. The customer can pay with supported tokens, while AbabilPay handles auto-conversion to USDC.
4

Listen for the webhook

Register a webhook endpoint with POST /v1/webhooks and subscribe to events such as payment.completed, payment.failed, and refund.issued.

Example payment intent response

{
  "id": "pay_01HX7M2S9R5",
  "status": "requires_payment",
  "amount_usdc": 250,
  "payment_url": "https://pay.ababilpay.io/pay/pay_01HX7M2S9R5",
  "expires_at": "2026-05-10T15:02:00Z"
}

Webhook payload

{
  "event": "payment.completed",
  "id": "evt_01HX9K8VQ2",
  "created_at": "2026-05-10T14:32:00Z",
  "data": {
    "payment_id": "pay_01HX7M2S9R5",
    "amount_usdc": 250,
    "chain": "polygon",
    "merchant_id": "mer_01HX7J9Y",
    "token_in": "MATIC",
    "tx_hash": "0xabc..."
  }
}

Webhook verification

Each webhook request should include a timestamp and HMAC signature header. Recompute the signature over the raw body and reject requests with invalid signatures or stale timestamps. 
import crypto from "node:crypto";

export function verifyWebhook(rawBody: string, signature: string, secret: string) {
  const expected = crypto
    .createHmac("sha256", secret)
    .update(rawBody)
    .digest("hex");

  return crypto.timingSafeEqual(Buffer.from(signature), Buffer.from(expected));
}

Common next steps

Invoices

Create invoices, send branded payment links, and track payment state.

Shopify and WooCommerce

Use hosted commerce plugins instead of a direct API integration.

Transfers

Send USDC to a wallet address or email recipient.

Webhooks

Register an endpoint for payment and operational events.