Partner API

The partner API, at a glance

The /partner/v1 ring is the token-gated integration API — take applications, read decisions, provision payments and run identity checks. Auth is OAuth 2.0 client credentials; quotas scale with your partner tier.

2 min read

OAuth 2.0Client credentials
3 tiersbuild / launch / scale
SandboxIndependent bucket

What lives on partner/v1

The partner ring is where the real integration work happens: submitting an application (POST /applications), reading the decision (GET /decisions/{id}), provisioning a payment link over PISP (POST /payments/links) and running a KYC/AML identity check (POST /identity/checks). Each of these touches a customer, a decision or the rails, which is exactly why the ring is authenticated. Money-out remains Credicorp's single manual gate regardless of tier — the API can request a disbursement, but the release stays governed.

Authentication

Every partner call carries a bearer access token minted at POST /partner/v1/oauth/token with the OAuth 2.0 client-credentials grant. Tokens are short-lived JWTs you can verify against the JWKS, and the ring advertises its metadata at the standard discovery document. Scope your credential to only the capabilities you use.

Rate limits by tier

Partner traffic is metered with a token bucket scoped to your project, not to an individual key. Sandbox and live projects have independent buckets. The default ceilings on the live ring:

TierSustainedBurstConcurrent
build (sandbox)10 req/s5010
launch25 req/s10020
scale100 req/s40050

Some endpoints carry their own tighter sub-limit — see rate limiting explained.

Frequently asked questions

How do I get partner access?

Apply through the partner programme. You are issued a sandbox project first (build tier), and move to a live project once your integration is verified. Each project gets its own OAuth client and its own rate-limit bucket.

Are sandbox and live quotas shared?

No. Sandbox and live projects have independent token buckets, so load-testing against the sandbox never eats into your production allowance. Sandbox is fixed at the build tier regardless of your live tier.

Funding for UK limited companies

Credicorp lends to your company, not to you personally — short-term working capital with no personal guarantee. See what your business could access.