Get Started
Set up your kadosei merchant account and get your first API key
Before you begin
You'll need:
-
A kadosei merchant account (see below as accounts are created by invitation)
-
A server-side environment capable of making HTTPS requests
-
A publicly accessible HTTPS endpoint to receive webhooks (required before going live; not needed for initial setup)
Step 1: Accept your invitation
kadosei merchant accounts are created by invitation. When your account is provisioned, you'll receive an email containing a signup link. The link includes a one-time token and expires after 2 hours if it expires, contact your kadosei account manager to request a new one.
Click the link, or use it directly to complete signup via the API.
Step 2: Complete merchant signup
Submit your organisation details and admin user credentials to the signup endpoint. The invite token is passed as a query parameter.
POST /api/v1/merchants/signup?token={your_invite_token}
{
"organization": {
"legalBusinessName": "Acme Pty Ltd",
"companyRegistrationNumber": "ACN 123 456 789",
"registeredAddress": {
"line1": "123 Market St",
"city": "Sydney",
"state": "NSW",
"postalCode": "2000",
"country": "AU"
},
"companyWebsite": "https://www.acme.com",
"industry": "Retail",
"sector": "E-commerce",
"contactPersonFirstName": "Jane",
"contactPersonLastName": "Smith",
"contactPersonEmail": "jane.smith@acme.com"
},
"admin": {
"email": "jane.smith@acme.com",
"password": "your-secure-password",
"firstName": "Jane",
"lastName": "Smith"
}
}
Password requirements: 16–32 characters.
A successful response confirms your merchant account and admin user have been created. You can now log in.
Common Errors
| Status | Meaning |
|---|---|
| 400 | Token missing, invalid, or request body failed validation |
| 409 | Account could not be created with the provided details |
| 410 | Invite token has already been used or has expired |
Step 3: Log in and obtain a JWT
Your JWT authenticates management operations for creating applications, generating API keys, and configuring your account.
POST /api/v1/auth/login
{
"email": "jane.smith@acme.com",
"password": "your-secure-password"
}
{
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"expiresIn": 3600
}
Store the accessToken and include it as a Bearer token in subsequent management API requests:
Authorization: Bearer {accessToken}
JWTs expire after 3600 seconds (1 hour). When your token expires, call
POST /api/v1/auth/login again to obtain a new one.
Next Steps
With your account created and a valid JWT, you're ready to set up your first application and generate an API key, which is what you'll use to authenticate payment calls from your server.