Overview
The Interledger Merchant API is the control plane for the Interledger POS + Cards ecosystem. It manages merchant identity, configuration, location structure, POS terminal lifecycle and terminal onboarding metadata in a way that is secure, auditable and scalable.
The Merchant API answers operational questions like:
- Who is allowed to accept payments?
- At which locations?
- On which terminals?
- With which cryptographic identity and configuration?
This system is designed to be a source of truth for merchant and terminal configuration without becoming part of the payment transaction “data plane”.
What this project is not?
Section titled “What this project is not?”This project is not
- Payment processor
- Card authorization engine
- Transaction siwtch and/or router
- Clearing and settlement system
- System that stores, processes or transmits cardholder data
Keeping the distinction strict is how we protect PCI scope, reduce risk and keep architecture maintainable.
Design principles
Section titled “Design principles”- Control plane and never a data plane: configuration and lifecycle only.
- Explicit boundaries: what’s in scope and out of scope is documented and enforced.
- Domain-first: business rules live in the domain layer not in handlers or SQL.
- HSM as authority: cryptographic operations are delegated, not reimplemented.
- Auditability by default: we prefer designs that are explainable, inspectable and provable.