Integrations Overview
Waffo Pancake provides a powerful API and developer tools to integrate payments directly into your applications.API Architecture
Waffo Pancake uses a hybrid API:- REST (POST) for all write operations via
/v1/actions/{domain}/{action} - GraphQL for all read operations via
/v1/graphql
Base URL
API Keys
API Keys authenticate server-to-server requests. Authentication is handled automatically by the SDK.Test Keys
Created for
test environment. No real charges.Live Keys
Created for
prod environment. Process real payments.Creating API Keys
API Key Endpoints
| Endpoint | Description |
|---|---|
POST /v1/actions/api-key/create-key | Create a new API key |
POST /v1/actions/api-key/delete-key | Delete an existing API key |
Webhooks
Webhooks notify your server when events occur in real-time.Setting Up
Enter Webhook URLs
Configure separate webhook URLs for each environment:
- Test webhook URL — receives events from test mode
- Live webhook URL — receives events from production mode
There is no event filtering — your webhook endpoint receives all events. Filter by event type in your server-side handler.
Verifying Webhook Signatures
A webhook public key is displayed on the Webhooks settings page. Use this key to verify that incoming webhook payloads were sent by Waffo Pancake and have not been tampered with.Common Endpoints
Stores
| Endpoint | Description |
|---|---|
POST /v1/actions/store/create-store | Create a store |
POST /v1/actions/store/update-store | Update store details |
POST /v1/actions/store/delete-store | Soft-delete a store |
Products
| Endpoint | Description |
|---|---|
POST /v1/actions/onetime-product/create-product | Create a one-time product |
POST /v1/actions/onetime-product/update-product | Update a one-time product (creates new version) |
POST /v1/actions/onetime-product/update-status | Activate or deactivate a one-time product |
POST /v1/actions/onetime-product/publish-product | Publish a one-time product across environments |
POST /v1/actions/subscription-product/create-product | Create a subscription product |
POST /v1/actions/subscription-product/update-product | Update a subscription product |
POST /v1/actions/subscription-product/update-status | Activate or deactivate a subscription product |
POST /v1/actions/subscription-product/publish-product | Publish a subscription product across environments |
Orders
| Endpoint | Description |
|---|---|
POST /v1/actions/onetime-order/create-order | Create a one-time checkout session |
POST /v1/actions/onetime-order/cancel-order | Cancel a pending one-time order |
POST /v1/actions/subscription-order/create-order | Create a subscription checkout session |
POST /v1/actions/subscription-order/cancel-order | Cancel a subscription |
POST /v1/actions/subscription-order/change-product | Upgrade or downgrade a subscription product |
Refunds
| Endpoint | Description |
|---|---|
POST /v1/actions/refund-ticket/create-ticket | Request a refund |
Data Queries
| Endpoint | Description |
|---|---|
POST /v1/graphql | Query any data (stores, products, orders, payments, etc.) |
Security Best Practices
Environment Variables
Store private keys in environment variables, never in code.
Key Rotation
Regularly rotate keys, especially after team changes.
Separate Keys
Use different API keys for test and production environments.
Secure Storage
Store private keys using your platform’s secret management.
Next Steps
Integrate Overview
Step-by-step integration guide.
API Reference
Complete endpoint documentation.