Integration Patterns

Shared SDK Client

Bootstrap one Gwop client and keep identity request options separate
View as Markdown

Start with one shared Gwop client for your backend. Do not create ad hoc SDK instances inside routes or services.

Why this pattern

  • merchant API key, webhook secret, and timeout are app-level configuration
  • invoices and webhook verification use the same client instance
  • auth intents, sessions, and JWKS still need identity-specific request options

That split is the important nuance: one SDK client, plus explicit request options for the identity surface.

1import { Gwop } from "@gwop/sdk";
2
3export function createGwopClient(config: AppConfig): Gwop {
4  return new Gwop({
5    merchantApiKey: config.gwop.merchantApiKey,
6    webhookSecret: config.gwop.webhookSecret,
7    timeoutMs: config.gwop.timeoutMs,
8  });
9}
10
11export function createGwopIdentityRequestOptions(config: AppConfig) {
12  return {
13    serverURL: config.gwop.identity.baseUrl,
14    timeoutMs: config.gwop.timeoutMs,
15  } as const;
16}

What to carry into your own app

  • create the SDK once at startup
  • inject it into your adapters or services
  • keep identity request options as a small explicit helper
  • avoid hardcoding the identity hostname deep inside auth code
Quickstart

Start from the end-to-end flow before splitting the code into adapters

Wallet Auth

See how auth calls use the shared client plus identity request options