Merchant Integration Guide

Complete onboarding, get an API Key, and redeem Stablebean codes with real-time USDT settlement.

Apply now View API examples

Integration flow

From application to launch, every step is clear and traceable.

Submit application

Provide merchant details and business profile, then submit the application.

Platform review

Manual review plus blacklist screening to protect funds and business security.

Get credentials

After approval, obtain your API Key for redemption calls.

Go live

Call the redemption API from your server to complete Stablebean redemption.

Redeem API (server-side signed call)

Use API Key + signature to redeem, server-side only.

POST /api/redeem 
// Run signing and API calls on the server
const amount = 10; // TODO: use your order amount
const timestamp = Math.floor(Date.now() / 1000);
const signature = hmacSha256(apiSecret, `${apiKey}.${code}.${amount}.${timestamp}`);

fetch("/api/redeem", {
  method: "POST",
  headers: {"Content-Type": "application/json"},
  body: JSON.stringify({
    api_key: apiKey,
    code,
    amount,
    timestamp,
    signature
  })
})
  .then(r => r.json())
  .then(console.log);

Request parameters

api_key Merchant API Key
code Stablebean code
amount Denomination (U)
timestamp Current timestamp (seconds)
signature HMAC_SHA256

Response fields

card_code Code
amount Amount (U)
status Code status
redeem_time Redeem time

Full frontend and backend examples

Send from frontend to your server, then sign and call the redemption API on the server.

Frontend example
<div style="width:400px;">
  <label for="redeemCode" style="display:block;margin-bottom:6px;font-weight:600;">Stablebean code</label>
  <input id="redeemCode" placeholder="e.g, AA0123456789" style="width:100%;padding:10px 12px;border:1px solid #d0d5dd;border-radius:8px;margin-bottom:12px;"/>
  <div style="display:flex;gap:10px;margin-bottom:10px;">
    <button id="redeemBtn" style="flex:1;padding:10px 12px;background:#335eea;color:#fff;border:none;border-radius:8px;cursor:pointer;">Redeem Stablebean code</button>
    <a href="" target="_blank" style="flex:1;text-align:center;padding:10px 12px;background:#e2e8f0;color:#0f172a;border-radius:8px;text-decoration:none;display:inline-block;">Buy</a>
  </div>
  <div id="redeemResult" style="font-size:12px;color:#64748b;"></div>
</div>
<script>
  const redeemBtn = document.getElementById("redeemBtn");
  const redeemResult = document.getElementById("redeemResult");
  redeemBtn.addEventListener("click", async () => {
    const code = document.getElementById("redeemCode").value.trim();
    if (!code) {
      redeemResult.textContent = "Please enter the code";
      return;
    }
    redeemResult.textContent = "Submit the code to your server redemption API.";
  });
</script>
Backend examples
import express from "express";
import crypto from "crypto";

const app = express();
app.use(express.json());

const API_KEY = process.env.STABLEBEAN_API_KEY;
const API_SECRET = process.env.STABLEBEAN_API_SECRET;
const API_ENDPOINT = "https://stablebean.example.com/api/redeem";

function sign(apiKey, code, amount, timestamp) {
  return crypto
    .createHmac("sha256", API_SECRET)
    .update(`${apiKey}.${code}.${amount}.${timestamp}`)
    .digest("hex");
}

async function getAmountByCode(order_id) {
  // TODO: get amount from your order system
  return null;
}

app.post("/merchant/redeem", async (req, res) => {
  const { code, order_id } = req.body;
  if (!code) {
    return res.status(400).json({ error: 1, message: "Missing code." });
  }
  // TODO: get the amount for this code from your order system
  const amount = await getAmountByCode(order_id);
  if (amount === null || amount === undefined) {
    return res.status(400).json({ error: 1, message: "Amount not found." });
  }
  const timestamp = Math.floor(Date.now() / 1000);
  const signature = sign(API_KEY, code, amount, timestamp);
  const resp = await fetch(API_ENDPOINT, {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({
      api_key: API_KEY,
      code,
      amount,
      timestamp,
      signature,
    }),
  });
  const data = await resp.json();
  if (data.error !== 0) {
    return res.status(400).json(data);
  }
  // TODO: trigger merchant business logic like membership activation
  return res.json(data);
});

app.listen(3000, () => console.log("merchant server on 3000"));
import hashlib
import hmac
import os
import time

import requests
from flask import Flask, jsonify, request

app = Flask(__name__)

API_KEY = os.getenv("STABLEBEAN_API_KEY")
API_SECRET = os.getenv("STABLEBEAN_API_SECRET")
API_ENDPOINT = "https://stablebean.example.com/api/redeem"


def sign(api_key: str, code: str, amount: float, timestamp: int) -> str:
    amount_text = f"{float(amount):g}"
    message = f"{api_key}.{code}.{amount_text}.{timestamp}".encode("utf-8")
    return hmac.new(API_SECRET.encode("utf-8"), message, hashlib.sha256).hexdigest()


@app.post("/merchant/redeem")
def redeem():
    payload = request.json or {}
    code = (payload.get("code") or "").strip()
    if not code:
        return jsonify(error=1, message="Missing code."), 400
    # TODO: get amount from your order system
    order_id = (payload.get("order_id") or "").strip()
    amount = None
    if amount is None:
        return jsonify(error=1, message="Amount not found."), 400
    timestamp = int(time.time())
    signature = sign(API_KEY, code, amount, timestamp)
    resp = requests.post(
        API_ENDPOINT,
        json={
            "api_key": API_KEY,
            "code": code,
            "amount": amount,
            "timestamp": timestamp,
            "signature": signature,
        },
        timeout=10,
    )
    data = resp.json()
    if data.get("error") != 0:
        return jsonify(data), 400
    # TODO: trigger merchant business logic after redemption
    return jsonify(data)


if __name__ == "__main__":
    app.run(port=3000)
<?php
$apiKey = getenv("STABLEBEAN_API_KEY");
$apiSecret = getenv("STABLEBEAN_API_SECRET");
$endpoint = "https://stablebean.example.com/api/redeem";
$timestamp = time();

$code = $_POST["code"] ?? "";
if (!$code) {
    http_response_code(400);
    echo json_encode(["error" => 1, "message" => "Missing code."]);
    exit;
}

// TODO: get amount from your order system
$order_id = $_POST["order_id"] ?? "";
$amount = null;
if ($amount === null) {
    http_response_code(400);
    echo json_encode(["error" => 1, "message" => "Amount not found."]);
    exit;
}

$amountText = rtrim(rtrim(sprintf('%.8F', (float)$amount), '0'), '.');
$message = $apiKey . "." . $code . "." . $amountText . "." . $timestamp;
$signature = hash_hmac("sha256", $message, $apiSecret);

$payload = json_encode([
    "api_key" => $apiKey,
    "code" => $code,
    "amount" => $amount,
    "timestamp" => $timestamp,
    "signature" => $signature,
]);

$ch = curl_init($endpoint);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, ["Content-Type: application/json"]);
curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

$result = curl_exec($ch);
if ($result === false) {
    http_response_code(500);
    echo json_encode(["error" => 1, "message" => "Request failed."]);
    exit;
}

echo $result;

Ready to integrate Stablebean?

After you apply, we will review and enable access as soon as possible.

Apply for access