@intrpay/node
v0.1.4
Published
Node.js server SDK for the Intrpay API
Downloads
566
Maintainers
Readme
@intrpay/node
Node.js server SDK for the Intrpay API. Use it from your backend to call the API, mint scoped embed sessions, and verify incoming webhooks.
This is a server-side SDK. Your API key is a secret and must never be exposed to the browser.
Install
npm install @intrpay/nodeRequires Node.js 18+.
Usage
Create a client
import { createIntrpayClient } from '@intrpay/node';
const intrpay = createIntrpayClient({
apiKey: process.env.INTRPAY_API_KEY!, // from the Intrpay dashboard
});
// Target the test environment (api.intrpay.dev):
const intrpayTest = createIntrpayClient({
apiKey: process.env.INTRPAY_API_KEY!,
environment: 'test',
});Options:
| Option | Default | Description |
| ------------- | -------------- | ------------------------------------------------------------------------------- |
| apiKey | (required) | API key from the Intrpay dashboard. |
| environment | 'production' | API environment: 'production' (api.intrpay.us) or 'test' (api.intrpay.dev). |
| version | 2026-06 | Calver contract version sent as Intrpay-Version. |
Every request is sent with the x-api-key and Intrpay-Version headers.
Products
await intrpay.products.list();
await intrpay.products.get(productId);
await intrpay.products.create({ name: 'Pro plan', unitPrice: 4900 });
await intrpay.products.update(productId, { unitPrice: 5900 });
await intrpay.products.updateInventory(productId, 42);
await intrpay.products.delete(productId);Payment links
await intrpay.paymentLinks.list();
await intrpay.paymentLinks.get(id);
await intrpay.paymentLinks.create({ name: 'Donation', card: true });
await intrpay.paymentLinks.update(id, { title: 'Updated' });
await intrpay.paymentLinks.activate(id);
await intrpay.paymentLinks.deactivate(id);
await intrpay.paymentLinks.delete(id);Subscriptions
await intrpay.subscriptions.list();
await intrpay.subscriptions.list({ status: 'active' });Embed sessions
Mint a short-lived, scoped token for the browser embed (e.g. @intrpay/react):
const { token, expiresAt } = await intrpay.embed.sessions.create({
contactId,
scope: ['invoices:read:contact', 'payment_methods:write:contact'],
ttlSeconds: 900,
});contactId is required when any requested scope ends with :contact.
Webhooks
Intrpay signs every outbound webhook with HMAC-SHA256 over the raw request body
using the endpoint's signing secret, sent in the X-Webhook-Signature header.
import { constructEvent, verifyWebhook } from '@intrpay/node';
// Express example: use the raw body, not the parsed JSON.
app.post('/webhooks/intrpay', express.raw({ type: 'application/json' }), (req, res) => {
try {
const event = constructEvent({
body: req.body, // Buffer
signature: req.get('X-Webhook-Signature') ?? '',
secret: process.env.INTRPAY_WEBHOOK_SECRET!,
});
// event => { event, data, timestamp }
res.sendStatus(200);
} catch {
res.sendStatus(400);
}
});verifyWebhook(...) returns a boolean if you'd rather verify and parse
yourself.
Errors
Non-2xx responses throw an IntrpayError with status and body:
import { IntrpayError } from '@intrpay/node';
try {
await intrpay.products.get('missing');
} catch (err) {
if (err instanceof IntrpayError) {
console.error(err.status, err.body);
}
}