@gr4vy/sdk

Gr4vy TypeScript SDK

Developer-friendly & type-safe TypeScript SDK specifically catered to leverage the Gr4vy API.

Summary

The official Gr4vy SDK for TypeScript provides a convenient way to interact with the Gr4vy API from your server-side application. This SDK allows you to seamlessly integrate Gr4vy's powerful payment orchestration capabilities, including:

• Creating Transactions: Initiate and process payments with various payment methods and services.
• Managing Buyers: Store and manage buyer information securely.
• Storing Payment Methods: Securely store and tokenize payment methods for future use.
• Handling Webhooks: Easily process and respond to webhook events from Gr4vy.
• And much more: Access the full suite of Gr4vy API payment features.

This SDK is designed to simplify development, reduce boilerplate code, and help you get up and running with Gr4vy quickly and efficiently. It handles authentication, request signing, and provides easy-to-use methods for most API endpoints.

Table of Contents

• Gr4vy TypeScript SDK
  • SDK Installation
  • Requirements
  • SDK Example Usage
  • Bearer token generation
  • Embed token generation
  • Merchant account ID selection
  • Webhooks verification
  • Available Resources and Operations
  • Error Handling
  • Server Selection
  • Custom HTTP Client
  • Authentication
  • SDK Installation
  • SDK Example Usage
  • Pagination
  • Retries
  • Standalone functions
  • Debugging
• Development
  • Testing
  • Contributions

SDK Installation

NPM

yarn add @gr4vy/sdk

Yarn

yarn add @gr4vy/sdk

Requirements

For supported JavaScript runtimes, please consult RUNTIMES.md.

SDK Example Usage

Example

import fs from "fs";
import { Gr4vy, withToken } from "@gr4vy/sdk";

async function run() {
    const gr4vy = new Gr4vy({
        server: "sandbox",
        id: "example",
        bearerAuth: withToken({
          privateKey: fs.readFileSync("private_key.pem", "utf8"),
        }),
    });

    const result = await gr4vy.transactions.list({});

    // Handle the result
    console.log(result);
}

run();

Bearer token generation

Alternatively, you can create a token for use with the SDK or with your own client library.

import { getToken } from "@gr4vy/sdk";

async function run() {
    const token = await getToken({
          privateKey: fs.readFileSync("private_key.pem", "utf8"),
    });
    console.log(token);
}

run();

Note: This will only create a token once. Use withToken to dynamically generate a token for every request.

Embed token generation

Alternatively, you can create a token for use with Embed as follows.

import { Gr4vy, getEmbedToken } from "@gr4vy/sdk";

async function run() {
    const privateKey = fs.readFileSync("private_key.pem", "utf8")

    const gr4vy = new Gr4vy({
        server: "sandbox",
        id: "example",
        bearerAuth: withToken({ privateKey }),
    });

    const checkoutSession = await gr4vy.checkoutSessions.create()

    const token = await getEmbedToken({ 
      privateKey,
      checkoutSessionId: checkoutSession.id,
      embedParams: {
        amount: 1299,
        currency: 'USD',
        buyerExternalIdentifier: 'user-1234',
      }
    });

    console.log(token);
}

run();

Note: This will only create a token once. Use withToken to dynamically generate a token for every request.

Merchant account ID selection

Depending on the key used, you might need to explicitly define a merchant account ID to use. In our API, this uses the X-GR4VY-MERCHANT-ACCOUNT-ID header. When using the SDK, you can set the merchantAccountId on every request.

const result = await gr4vy.transactions.list({
    merchantAccountId: 'merchant-12345'
})

Alternatively, the merchant account ID can also be set when initializing the SDK.

const gr4vy = new Gr4vy({
    server: "sandbox",
    id: "example",
    merchantAccountId: 'merchant-12345',
    bearerAuth: withToken({ privateKey }),
});

Webhooks verification

The SDK provides a verifyWebhook method to validate incoming webhook requests from Gr4vy. This ensures that the webhook payload is authentic and has not been tampered with.

import { verifyWebhook } from "@gr4vy/sdk";

const payload = 'your-webhook-payload'
const secret = 'your-webhook-secret'
const signatureHeader = 'signatures-from-header'
const timestampHeader = 'timestamp-from-header'
const timestampTolerance = 300 // optional, in seconds (default: 0)

try {
  verifyWebhook(
    payload,
    secret,
    signatureHeader,
    timestampHeader,
    timestampTolerance
  )
  console.log('Webhook verified successfully!')
} catch (error) {
  console.error('Webhook verification failed:', error.message)
}

Parameters

• payload: The raw payload string received in the webhook request.
• secret: The secret used to sign the webhook. This is provided in your Gr4vy dashboard.
• signatureHeader: The X-Gr4vy-Signature header from the webhook request.
• timestampHeader: The X-Gr4vy-Timestamp header from the webhook request.
• timestampTolerance: (Optional) The maximum allowed difference (in seconds) between the current time and the timestamp in the webhook. Defaults to 0 (no tolerance).

Available Resources and Operations

Available methods

accountUpdater

accountUpdater.jobs

• create - Create account updater job

auditLogs

• list - List audit log entries

buyers

• list - List all buyers
• create - Add a buyer
• get - Get a buyer
• update - Update a buyer
• delete - Delete a buyer

buyers.giftCards

• list - List gift cards for a buyer

buyers.paymentMethods

• list - List payment methods for a buyer

buyers.shippingDetails

• create - Add buyer shipping details
• list - List a buyer's shipping details
• get - Get buyer shipping details
• update - Update a buyer's shipping details
• delete - Delete a buyer's shipping details

cardSchemeDefinitions

• list - List card scheme definitions

checkoutSessions

• create - Create checkout session
• update - Update checkout session
• get - Get checkout session
• delete - Delete checkout session

digitalWallets

• create - Register digital wallet
• list - List digital wallets
• get - Get digital wallet
• delete - Delete digital wallet
• update - Update digital wallet

digitalWallets.domains

• create - Register a digital wallet domain
• delete - Remove a digital wallet domain

digitalWallets.sessions

• googlePay - Create a Google Pay session
• applePay - Create a Apple Pay session
• clickToPay - Create a Click to Pay session

giftCards

• get - Get gift card
• delete - Delete a gift card
• create - Create gift card
• list - List gift cards

giftCards.balances

• list - List gift card balances

merchantAccounts

• list - List all merchant accounts
• create - Create a merchant account
• get - Get a merchant account
• update - Update a merchant account

paymentLinks

• create - Add a payment link
• list - List all payment links
• expire - Expire a payment link
• get - Get payment link

paymentMethods

• list - List all payment methods
• create - Create payment method
• get - Get payment method
• delete - Delete payment method

paymentMethods.networkTokens

• list - List network tokens
• create - Provision network token
• suspend - Suspend network token
• resume - Resume network token
• delete - Delete network token

paymentMethods.networkTokens.cryptogram

• create - Provision network token cryptogram

paymentMethods.paymentServiceTokens

• list - List payment service tokens
• create - Create payment service token
• delete - Delete payment service token

paymentOptions

• list - List payment options

paymentServiceDefinitions

• list - List payment service definitions
• get - Get a payment service definition
• session - Create a session for apayment service definition

paymentServices

• list - List payment services
• create - Update a configured payment service
• get - Get payment service
• update - Configure a payment service
• delete - Delete a configured payment service
• verify - Verify payment service credentials
• session - Create a session for apayment service definition

payouts

• list - List payouts created.
• create - Create a payout.
• get - Get a payout.

refunds

• get - Get refund

reportExecutions

• list - List executed reports

reports

• list - List configured reports
• create - Add a report
• get - Get a report
• put - Update a report

reports.executions

• list - List executions for report
• url - Create URL for executed report
• get - Get executed report

transactions

• list - List transactions
• create - Create transaction
• get - Get transaction
• capture - Capture transaction
• void - Void transaction
• sync - Sync transaction

transactions.events

• list - List transaction events

transactions.refunds

• list - List transaction refunds
• create - Create transaction refund
• get - Get transaction refund

transactions.refunds.all

• create - Create batch transaction refund

transactions.settlements

• get - Get transaction settlement
• list - List transaction settlements

Error Handling

Gr4vyError is the base class for all HTTP error responses. It has the following properties:

Property	Type	Description
error.message	string	Error message
error.statusCode	number	HTTP response status code eg 404
error.headers	Headers	HTTP response headers
error.body	string	HTTP body. Can be empty string if no body is returned.
error.rawResponse	Response	Raw HTTP response
error.data$		Optional. Some errors may contain structured data. See Error Classes.

Example

import { Gr4vy } from "@gr4vy/sdk";
import * as errors from "@gr4vy/sdk/models/errors";

const gr4vy = new Gr4vy({
  merchantAccountId: "<id>",
  server: "sandbox",
  id: "example",
  bearerAuth: withToken({
    privateKey: fs.readFileSync("private_key.pem", "utf8"),
  }),
});

async function run() {
  try {
    const result = await gr4vy.accountUpdater.jobs.create({
      paymentMethodIds: [
        "ef9496d8-53a5-4aad-8ca2-00eb68334389",
        "f29e886e-93cc-4714-b4a3-12b7a718e595",
      ],
    });

    console.log(result);
  } catch (error) {
    // The base class for HTTP error responses
    if (error instanceof errors.Gr4vyError) {
      console.log(error.message);
      console.log(error.statusCode);
      console.log(error.body);
      console.log(error.headers);

      // Depending on the method different errors may be thrown
      if (error instanceof errors.Error400) {
        console.log(error.data$.type); // string
        console.log(error.data$.code); // string
        console.log(error.data$.status); // number
        console.log(error.data$.message); // string
        console.log(error.data$.details); // ErrorDetail[]
      }
    }
  }
}

run();

Error Classes

Primary errors:

• Gr4vyError: The base class for HTTP error responses.
  • Error400: The request was invalid. Status code 400.
  • Error401: The request was unauthorized. Status code 401.
  • Error403: The credentials were invalid or the caller did not have permission to act on the resource. Status code 403.
  • Error404: The resource was not found. Status code 404.
  • Error405: The request method was not allowed. Status code 405.
  • Error409: A duplicate record was found. Status code 409.
  • Error425: The request was too early. Status code 425.
  • Error429: Too many requests were made. Status code 429.
  • Error500: The server encountered an error. Status code 500.
  • Error502: The server encountered an error. Status code 502.
  • Error504: The server encountered an error. Status code 504.
  • HTTPValidationError: Validation Error. Status code 422. *

Less common errors (6)

Network errors:

• ConnectionError: HTTP client was unable to make a request to a server.
• RequestTimeoutError: HTTP request timed out due to an AbortSignal signal.
• RequestAbortedError: HTTP request was aborted by the client.
• InvalidRequestError: Any input used to create a request is invalid.
• UnexpectedClientError: Unrecognised or unexpected error.

Inherit from Gr4vyError:

• ResponseValidationError: Type mismatch between the data returned from the server and the structure expected by the SDK. See error.rawValue for the raw value and error.pretty() for a nicely formatted multi-line string.

* Check the method documentation to see if the error is applicable.

Server Selection

Select Server by Name

You can override the default server globally by passing a server name to the server: keyof typeof ServerList optional parameter when initializing the SDK client instance. The selected server will then be used as the default on the operations that use it. This table lists the names associated with the available servers:

Name	Server	Variables	Description
sandbox	https://api.sandbox.{id}.gr4vy.app	id
production	https://api.{id}.gr4vy.app	id

If the selected server has variables, you may override its default values through the additional parameters made available in the SDK constructor:

Variable	Parameter	Default	Description
id	id: string	"example"	The subdomain for your Gr4vy instance.

Example

import { Gr4vy } from "@gr4vy/sdk";

const gr4vy = new Gr4vy({
  server: "production",
  id: "<id>",
  merchantAccountId: "<id>",
  server: "sandbox",
  id: "example",
  bearerAuth: withToken({
    privateKey: fs.readFileSync("private_key.pem", "utf8"),
  }),
});

async function run() {
  const result = await gr4vy.accountUpdater.jobs.create({
    paymentMethodIds: [
      "ef9496d8-53a5-4aad-8ca2-00eb68334389",
      "f29e886e-93cc-4714-b4a3-12b7a718e595",
    ],
  });

  console.log(result);
}

run();

Override Server URL Per-Client

The default server can also be overridden globally by passing a URL to the serverURL: string optional parameter when initializing the SDK client instance. For example:

import { Gr4vy } from "@gr4vy/sdk";

const gr4vy = new Gr4vy({
  serverURL: "https://api.sandbox.example.gr4vy.app",
  merchantAccountId: "<id>",
  server: "sandbox",
  id: "example",
  bearerAuth: withToken({
    privateKey: fs.readFileSync("private_key.pem", "utf8"),
  }),
});

async function run() {
  const result = await gr4vy.accountUpdater.jobs.create({
    paymentMethodIds: [
      "ef9496d8-53a5-4aad-8ca2-00eb68334389",
      "f29e886e-93cc-4714-b4a3-12b7a718e595",
    ],
  });

  console.log(result);
}

run();

Custom HTTP Client

The TypeScript SDK makes API calls using an HTTPClient that wraps the native Fetch API. This client is a thin wrapper around fetch and provides the ability to attach hooks around the request lifecycle that can be used to modify the request or handle errors and response.

The HTTPClient constructor takes an optional fetcher argument that can be used to integrate a third-party HTTP client or when writing tests to mock out the HTTP client and feed in fixtures.

The following example shows how to use the "beforeRequest" hook to to add a custom header and a timeout to requests and how to use the "requestError" hook to log errors:

import { Gr4vy } from "@gr4vy/sdk";
import { HTTPClient } from "@gr4vy/sdk/lib/http";

const httpClient = new HTTPClient({
  // fetcher takes a function that has the same signature as native `fetch`.
  fetcher: (request) => {
    return fetch(request);
  }
});

httpClient.addHook("beforeRequest", (request) => {
  const nextRequest = new Request(request, {
    signal: request.signal || AbortSignal.timeout(5000)
  });

  nextRequest.headers.set("x-custom-header", "custom value");

  return nextRequest;
});

httpClient.addHook("requestError", (error, request) => {
  console.group("Request Error");
  console.log("Reason:", `${error}`);
  console.log("Endpoint:", `${request.method} ${request.url}`);
  console.groupEnd();
});

const sdk = new Gr4vy({ httpClient });

Authentication

Per-Client Security Schemes

This SDK supports the following security scheme globally:

Name	Type	Scheme	Environment Variable
bearerAuth	http	HTTP Bearer	GR4VY_BEARER_AUTH

To authenticate with the API the bearerAuth parameter must be set when initializing the SDK client instance. For example:

import { Gr4vy } from "@gr4vy/sdk";

const gr4vy = new Gr4vy({
  server: "sandbox",
  id: "example",
  bearerAuth: withToken({
    privateKey: fs.readFileSync("private_key.pem", "utf8"),
  }),
  merchantAccountId: "<id>",
});

async function run() {
  const result = await gr4vy.accountUpdater.jobs.create({
    paymentMethodIds: [
      "ef9496d8-53a5-4aad-8ca2-00eb68334389",
      "f29e886e-93cc-4714-b4a3-12b7a718e595",
    ],
  });

  console.log(result);
}

run();

SDK Installation

The SDK can be installed with either npm, pnpm, bun or yarn package managers.

NPM

npm add @gr4vy/sdk

PNPM

pnpm add @gr4vy/sdk

Bun

bun add @gr4vy/sdk

Yarn

yarn add @gr4vy/sdk zod

# Note that Yarn does not install peer dependencies automatically. You will need
# to install zod as shown above.

SDK Example Usage

Example

import { Gr4vy } from "@gr4vy/sdk";

const gr4vy = new Gr4vy({
  merchantAccountId: "<id>",
  server: "sandbox",
  id: "example",
  bearerAuth: withToken({
    privateKey: fs.readFileSync("private_key.pem", "utf8"),
  }),
});

async function run() {
  const result = await gr4vy.accountUpdater.jobs.create({
    paymentMethodIds: [
      "ef9496d8-53a5-4aad-8ca2-00eb68334389",
      "f29e886e-93cc-4714-b4a3-12b7a718e595",
    ],
  });

  console.log(result);
}

run();

Pagination

Some of the endpoints in this SDK support pagination. To use pagination, you make your SDK calls as usual, but the returned response object will also be an async iterable that can be consumed using the for await...of syntax.

Here's an example of one such pagination call:

import { Gr4vy } from "@gr4vy/sdk";

const gr4vy = new Gr4vy({
  merchantAccountId: "<id>",
  server: "sandbox",
  id: "example",
  bearerAuth: withToken({
    privateKey: fs.readFileSync("private_key.pem", "utf8"),
  }),
});

async function run() {
  const result = await gr4vy.buyers.list();

  for await (const page of result) {
    console.log(page);
  }
}

run();

Retries

Some of the endpoints in this SDK support retries. If you use the SDK without any configuration, it will fall back to the default retry strategy provided by the API. However, the default retry strategy can be overridden on a per-operation basis, or across the entire SDK.

To change the default retry strategy for a single API call, simply provide a retryConfig object to the call:

import { Gr4vy } from "@gr4vy/sdk";

const gr4vy = new Gr4vy({
  merchantAccountId: "<id>",
  server: "sandbox",
  id: "example",
  bearerAuth: withToken({
    privateKey: fs.readFileSync("private_key.pem", "utf8"),
  }),
});

async function run() {
  const result = await gr4vy.accountUpdater.jobs.create({
    paymentMethodIds: [
      "ef9496d8-53a5-4aad-8ca2-00eb68334389",
      "f29e886e-93cc-4714-b4a3-12b7a718e595",
    ],
  }, {
    retries: {
      strategy: "backoff",
      backoff: {
        initialInterval: 1,
        maxInterval: 50,
        exponent: 1.1,
        maxElapsedTime: 100,
      },
      retryConnectionErrors: false,
    },
  });

  console.log(result);
}

run();

If you'd like to override the default retry strategy for all operations that support retries, you can provide a retryConfig at SDK initialization:

import { Gr4vy } from "@gr4vy/sdk";

const gr4vy = new Gr4vy({
  retryConfig: {
    strategy: "backoff",
    backoff: {
      initialInterval: 1,
      maxInterval: 50,
      exponent: 1.1,
      maxElapsedTime: 100,
    },
    retryConnectionErrors: false,
  },
  merchantAccountId: "<id>",
  server: "sandbox",
  id: "example",
  bearerAuth: withToken({
    privateKey: fs.readFileSync("private_key.pem", "utf8"),
  }),
});

async function run() {
  const result = await gr4vy.accountUpdater.jobs.create({
    paymentMethodIds: [
      "ef9496d8-53a5-4aad-8ca2-00eb68334389",
      "f29e886e-93cc-4714-b4a3-12b7a718e595",
    ],
  });

  console.log(result);
}

run();

Summary

Gr4vy: The Gr4vy API.

Table of Contents

• Gr4vy TypeScript SDK
  • SDK Installation
  • Requirements
  • SDK Example Usage
  • Bearer token generation
  • Embed token generation
  • Merchant account ID selection
  • Webhooks verification
  • Available Resources and Operations
  • Error Handling
  • Server Selection
  • Custom HTTP Client
  • Authentication
  • SDK Installation
  • SDK Example Usage
  • Pagination
  • Retries
  • Standalone functions
  • Debugging
• Development
  • Testing
  • Contributions

Standalone functions

All the methods listed above are available as standalone functions. These functions are ideal for use in applications running in the browser, serverless runtimes or other environments where application bundle size is a primary concern. When using a bundler to build your application, all unused functionality will be either excluded from the final bundle or tree-shaken away.

To read more about standalone functions, check FUNCTIONS.md.

Available standalone functions

• accountUpdaterJobsCreate - Create account updater job
• auditLogsList - List audit log entries
• buyersCreate - Add a buyer
• buyersDelete - Delete a buyer
• buyersGet - Get a buyer
• buyersGiftCardsList - List gift cards for a buyer
• buyersList - List all buyers
• buyersPaymentMethodsList - List payment methods for a buyer
• buyersShippingDetailsCreate - Add buyer shipping details
• buyersShippingDetailsDelete - Delete a buyer's shipping details
• buyersShippingDetailsGet - Get buyer shipping details
• buyersShippingDetailsList - List a buyer's shipping details
• buyersShippingDetailsUpdate - Update a buyer's shipping details
• buyersUpdate - Update a buyer
• cardSchemeDefinitionsList - List card scheme definitions
• checkoutSessionsCreate - Create checkout session
• checkoutSessionsDelete - Delete checkout session
• checkoutSessionsGet - Get checkout session
• checkoutSessionsUpdate - Update checkout session
• digitalWalletsCreate - Register digital wallet
• digitalWalletsDelete - Delete digital wallet
• digitalWalletsDomainsCreate - Register a digital wallet domain
• digitalWalletsDomainsDelete - Remove a digital wallet domain
• digitalWalletsGet - Get digital wallet
• digitalWalletsList - List digital wallets
• digitalWalletsSessionsApplePay - Create a Apple Pay session
• digitalWalletsSessionsClickToPay - Create a Click to Pay session
• digitalWalletsSessionsGooglePay - Create a Google Pay session
• digitalWalletsUpdate - Update digital wallet
• giftCardsBalancesList - List gift card balances
• giftCardsCreate - Create gift card
• giftCardsDelete - Delete a gift card
• giftCardsGet - Get gift card
• giftCardsList - List gift cards
• merchantAccountsCreate - Create a merchant account
• merchantAccountsGet - Get a merchant account
• merchantAccountsList - List all merchant accounts
• merchantAccountsUpdate - Update a merchant account
• paymentLinksCreate - Add a payment link
• paymentLinksExpire - Expire a payment link
• paymentLinksGet - Get payment link
• paymentLinksList - List all payment links
• paymentMethodsCreate - Create payment method
• paymentMethodsDelete - Delete payment method
• paymentMethodsGet - Get payment method
• paymentMethodsList - List all payment methods
• paymentMethodsNetworkTokensCreate - Provision network token
• paymentMethodsNetworkTokensCryptogramCreate - Provision network token cryptogram
• paymentMethodsNetworkTokensDelete - Delete network token
• paymentMethodsNetworkTokensList - List network tokens
• paymentMethodsNetworkTokensResume - Resume network token
• paymentMethodsNetworkTokensSuspend - Suspend network token
• paymentMethodsPaymentServiceTokensCreate - Create payment service token
• paymentMethodsPaymentServiceTokensDelete - Delete payment service token
• paymentMethodsPaymentServiceTokensList - List payment service tokens
• paymentOptionsList - List payment options
• paymentServiceDefinitionsGet - Get a payment service definition
• paymentServiceDefinitionsList - List payment service definitions
• paymentServiceDefinitionsSession - Create a session for apayment service definition
• paymentServicesCreate - Update a configured payment service
• paymentServicesDelete - Delete a configured payment service
• paymentServicesGet - Get payment service
• paymentServicesList - List payment services
• paymentServicesSession - Create a session for apayment service definition
• paymentServicesUpdate - Configure a payment service
• paymentServicesVerify - Verify payment service credentials
• payoutsCreate - Create a payout.
• payoutsGet - Get a payout.
• payoutsList - List payouts created.
• refundsGet - Get refund
• reportExecutionsList - List executed reports
• reportsCreate - Add a report
• reportsExecutionsGet - Get executed report
• reportsExecutionsList - List executions for report
• reportsExecutionsUrl - Create URL for executed report
• reportsGet - Get a report
• reportsList - List configured reports
• reportsPut - Update a report
• transactionsCapture - Capture transaction
• transactionsCreate - Create transaction
• transactionsEventsList - List transaction events
• transactionsGet - Get transaction
• transactionsList - List transactions
• transactionsRefundsAllCreate - Create batch transaction refund
• transactionsRefundsCreate - Create transaction refund
• transactionsRefundsGet - Get transaction refund
• transactionsRefundsList - List transaction refunds
• transactionsSettlementsGet - Get transaction settlement
• transactionsSettlementsList - List transaction settlements
• transactionsSync - Sync transaction
• transactionsVoid - Void transaction

Debugging

You can setup your SDK to emit debug logs for SDK requests and responses.

You can pass a logger that matches console's interface as an SDK option.

[!WARNING] Beware that debug logging will reveal secrets, like API tokens in headers, in log messages printed to a console or files. It's recommended to use this feature only during local development and not in production.

import { Gr4vy } from "@gr4vy/sdk";

const sdk = new Gr4vy({ debugLogger: console });

You can also enable a default debug logger by setting an environment variable GR4VY_DEBUG to true.

Development

Testing

To run the tests, install NPM, ensure to download the private_key.pem for the test environment, and run the following.

npm install
npx vitest --testTimeout 8000

Contributions

While we value open-source contributions to this SDK, this library is generated programmatically. Feel free to open a PR or a Github issue as a proof of concept and we'll do our best to include it in a future release!

SDK Created by Speakeasy