Getting Started

Step 2: Backend Integration

Mercoa has a fully documented Rest API that can be used in any language. We also have Node, Python, and Java SDKs.

Everything you can do in the dashboard can be done through the API. This includes creating and updating entities, creating and updating payment methods, and creating and updating invoices.

For this guide, we will be creating a simple endpoint that will generate a Mercoa token for the entity we created in the pervious step. This token can be safely passed to the client and used in your frontend application.

Creating a Token

Mercoa uses JSON Web Tokens to authenticate users. These tokens are generated using your API key and the entity's ID. The token can then be passed to the client and used to authenticate the user.

Let us create an endpoint that authenticates the user, generates a JWT with the user's entityId, and return the generated token.

In the example below, we are using Mercoa's foreignId support to find the entity linked to your customer. This means you do not need to store the entityId in your database.

from django.http import HttpResponse
from mercoa.client import Mercoa
mercoa_client = Mercoa(token="YOUR_API_KEY")
def generate_mercoa_token(request):
user = ... # This is the user returned from your database
entities = mercoa_client.entity.find( # Find the Mercoa Entity for the user
token = mercoa_client.entity.getToken(
entity_id=entities[0].id, # Generate a token for the user
"pages": {"paymentMethods": True} # Optional iFrame Options # See:
return HttpResponse(token)

Using the Token

Now that we have a token, we can use it to authenticate the user in our frontend application. Tokens have a default expiration of 24 hours, but you can change this by passing in the expiresIn option when generating the token.