Skip to main content

Payment SDK

The Payment SDK provides methods to generate secure, embeddable payment URLs for in-app purchases on the GetJar platform.

Initialization

import { Configuration, Payment } from '@eightpointio/getjar-iap-sdk';

const config = new Configuration({
  basePath: 'https://sdk-new.getjar.com',
  baseOptions: {
    headers: {
      'x-api-key': 'your-api-key-here'
    }
  }
});

const paymentClient = new Payment(config);

Methods

generateEmbedUrl

Generates a secure, time-limited URL for embedding payment flows in your application. This URL allows users to complete purchases through an iframe or webview.

Parameters:

  • appId (string): Application ID
  • payload (GenerateEmbedUrlRequest): Payment request configuration
    • userId (string): User ID making the purchase
    • productId (string): Product ID to purchase
    • currency (string, optional): Currency code (e.g., 'USD', 'EUR')
    • embedBaseUrl (string, optional): Custom base URL for the embedded payment page

Returns: Promise<EmbedUrlResponse>

const embedData = await paymentClient.generateEmbedUrl('app-456', {
  userId: 'user-123',
  productId: 'product-789',
  currency: 'USD'
});

console.log(embedData.embedUrl);
console.log(embedData.token);
console.log(embedData.expiresAt);
console.log(embedData.product);

Usage Example

const embedData = await paymentClient.generateEmbedUrl('app-456', {
  userId: 'user-123',
  productId: 'premium-pack-001',
  currency: 'USD',
  embedBaseUrl: 'https://payments.myapp.com'
});

const iframe = document.createElement('iframe');
iframe.src = embedData.embedUrl;
iframe.width = '100%';
iframe.height = '600px';
document.body.appendChild(iframe);

console.log(`Payment expires at: ${embedData.expiresAt}`);
console.log(`Product: ${embedData.product.name} - $${embedData.product.amount}`);

Types

GenerateEmbedUrlRequest

interface GenerateEmbedUrlRequest {
  userId: string;
  productId: string;
  currency?: string;
  embedBaseUrl?: string;
}

EmbedUrlResponse

interface EmbedUrlResponse {
  embedUrl: string;
  token: string;
  expiresAt: string;
  product: {
    productId: string;
    name: string;
    amount: number;
    currency: string;
  };
}

Security

  • The generated embed URL is time-limited and expires at the timestamp provided in expiresAt
  • Each URL includes a unique token that cannot be reused
  • URLs are scoped to specific user, product, and app combinations
  • Embed URLs should be generated server-side to protect your API key

Best Practices

  1. Generate URLs on demand - Create the embed URL immediately before displaying the payment flow to minimize exposure time
  2. Handle expiration - Check the expiresAt timestamp and regenerate URLs if needed
  3. Secure your API key - Never expose your API key in client-side code
  4. Use HTTPS - Always serve payment pages over HTTPS
  5. Validate callbacks - Verify payment completion through your backend before granting purchased items