Public API guides for the Credicorp platform

Build on the Credicorp public API

Everything you need to work with the /public/v1 ring: the unauthenticated, rate-limited endpoints for enquiries, product data, loyalty tiers, the MCP server and the embeddable support widget. Written for engineers integrating a UK business-lending platform.

Public API guides

Concept and endpoint guides for the unauthenticated /public/v1 ring.

The Credicorp public API, end to endPublic API

The Credicorp public API, end to end

The /public/v1 ring is Credicorp's unauthenticated, read-mostly surface — product figures, quotes, the loyalty ladder,…

Read →
Public API vs partner API: which one do you need?Public API

Public API vs partner API: which one do you need?

Pick the public ring when you only need published figures — products, quotes, loyalty tiers. Pick the partner ring when…

Read →
The partner API, at a glancePartner API

The partner API, at a glance

The /partner/v1 ring is the token-gated integration API — take applications, read decisions, provision payments and run…

Read →
OAuth 2.0 client credentials for partner/v1OAuth 2.0

OAuth 2.0 client credentials for partner/v1

Partner API calls authenticate with the OAuth 2.0 client-credentials grant. You exchange a client ID and secret for a…

Read →
Scopes and least privilege on partner/v1OAuth 2.0

Scopes and least privilege on partner/v1

Request only the scopes your integration actually uses. A credential scoped to applications:write cannot read decisions…

Read →
The access-token lifecycleOAuth 2.0

The access-token lifecycle

A partner access token is minted, cached, reused until just before expiry, then re-minted. There is no refresh token in…

Read →
Rate limiting across both ringsReliability

Rate limiting across both rings

The public ring is metered at 60 requests per 60 seconds per IP. The partner ring uses a token bucket scoped to your…

Read →
Errors, status codes and safe retriesReliability

Errors, status codes and safe retries

Errors come back as JSON with a stable machine code and a human message. 4xx means fix the request; 429/5xx are…

Read →
Idempotency and safe retriesReliability

Idempotency and safe retries

Send an Idempotency-Key on every mutating partner call. The server records the first result against the key and replays…

Read →

See all 41 public api guides →

API reference

One page per public endpoint: method, path, parameters, responses and errors.

See all 144 api reference →

Integration recipes

Task-oriented how-tos for common public-API integrations.

See all 210 integration recipes →

Funding for UK limited companies

Credicorp lends to your company, not to you personally — short-term working capital with no personal guarantee. See what your business could access.