Lithic
Overview
Lithic provides virtual card infrastructure that integrates seamlessly with the Mercoa Virtual Card Agent. The integration uses Lithic’s embedded card iframe technology to securely display and interact with virtual cards.
Integration Setup
Enable Lithic in Your Account
To start using Lithic with the Virtual Card Agent:
- Create an account at lithic.com
- Complete the application process and KYB verification
- Set up your card program in the Lithic dashboard
- Obtain your API keys
- Generate embed requests and HMAC signatures for card display
Create Virtual Card
Create virtual cards for specific invoices:
This is just an example, please refer to the Lithic documentation for more information.
API Integration
The Lithic integration with the Virtual Card Agent provides a secure, automated workflow for processing virtual card payments using Lithic’s embedded card iframe technology.
How It Works
The integration follows a secure workflow where your Lithic virtual card is embedded and used to process payments through the Virtual Card Agent:
Process Flow:
- Create a Lithic virtual card with spending controls matching the invoice amount
- Generate an embed request with card token and styling configuration
- Create an HMAC signature for the embed request using your Lithic API key
- Call the Mercoa API with the embed request and HMAC signature
- The agent displays the card securely through Lithic’s iframe technology
- Card details are extracted and used to complete payment through the vendor’s payment gateway
- Receipt and confirmation details are captured for reconciliation
API Request Structure
When using Lithic with the Virtual Card Agent, your API request should include:
Field Descriptions
Card Details Object
Embed Request and HMAC Signature Generation
The embedRequest
should be a base64-encoded JSON object containing:
Generate the HMAC signature using your Lithic API key:
This is just an example, please refer to the Lithic documentation for more information.
Security Considerations
- Set card expiration to limit the time window for card usage
- Monitor card usage through Lithic’s dashboard and webhook events
- Enable logging for all virtual card operations to maintain an audit trail
Best Practices
🔐 Security
- Use one-time virtual cards with exact amounts
- Set strict spending limits per card
- Always use HMAC signatures for embed requests
- Monitor card usage in the Lithic Dashboard
📊 Reconciliation
- Store Lithic card tokens with invoice metadata
- Use metadata to associate cards with invoices
- Set up webhooks to track card lifecycle and usage
- Implement proper transaction matching for accounting
💰 Cost Optimization
- Monitor Lithic fees and pricing
- Optimize card creation timing
- Consider bulk operations for high-volume scenarios
- Set appropriate card expiration times