For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Apply for AccessDashboard
Guides
Guides
  • Get Started
    • Introduction
    • Quickstart
  • Agent Identity
    • Overview
    • Create Auth Intent
    • Exchange for JWT
    • Sessions
    • JWKS
  • Agent Checkout
    • Overview
    • Create an Invoice
    • List Invoices
    • Get Invoice
    • Cancel Invoice
  • Integration Patterns
    • Overview
    • Shared SDK Client
    • Wallet Auth
    • JWT Verification
    • Subscription Checkout
    • Webhook Verification
  • Concepts
    • Two Invoice IDs
    • Wallet Identity
    • Session vs Token
    • Webhook-Driven State
  • Webhooks
    • Overview
    • Verify Signatures
  • Reliability
    • Errors
    • SDK Reference
Apply for AccessDashboard
On this page
  • Architecture
  • Design rules
  • Next pages
Integration Patterns

Integration Patterns

Recommended backend patterns for @gwop/sdk

||View as Markdown|
Was this page helpful?
Edit this page
Previous

Cancel Invoice

Next

Shared SDK Client

Built with

These patterns show the smallest production-minded backend shape for a Gwop integration:

  • one shared SDK client
  • thin app-owned adapters around Gwop
  • local JWT verification with cached JWKS
  • webhook-driven state transitions
  • app-owned routes, persistence, and entitlements

Architecture

Agent -> app routes -> app services -> thin Gwop adapters -> @gwop/sdk -> Gwop

Your backend owns the API surface and business rules. Gwop owns identity, invoices, sessions, JWKS, and webhook signatures.

Design rules

  1. Bootstrap the SDK once and share it.
  2. Keep auth, invoice, and webhook code in app-owned adapters so upstream details stay isolated.
  3. Verify JWTs locally, then use sid for a live session check when revocation matters.
  4. Store both merchant and public invoice IDs.
  5. Trust webhook state transitions only after verifying the raw request body.

These patterns are demonstrated end-to-end in the Agentrouter sample app, a headless LLM store built on @gwop/sdk.

Next pages

Shared SDK Client

Bootstrap one client and keep identity request options explicit

Wallet Auth

Create challenges, exchange them for JWTs, and manage sessions

JWT Verification

Verify access tokens locally and refresh JWKS on key rotation

Subscription Checkout

Create invoices and carry both IDs through your app model

Webhook Verification

Validate signed deliveries before mutating local state