Developer & API terms

These terms govern access to our APIs, SDKs, webhooks, sandbox environments, and developer dashboard. They apply alongside your NextPayment business agreement. By generating or using an API key you agree to these terms.

API keys are secrets. Do not embed them in client-side code or public repositories. You are responsible for all activity performed using keys issued to your account and should rotate keys if you suspect they have been exposed.

We apply rate limits to protect platform stability. Limits are published in our developer documentation and may be increased on request for legitimate workloads. We may throttle or block requests that appear abusive.

When you retrieve customer data through the API you must process it in line with our Privacy Notice, your Data Processing Agreement, and applicable law. You must not use data accessed via the API to build competing services or to profile users for purposes unrelated to your product.

Endpoints are versioned. We publish a deprecation notice at least 12 months before retiring a stable version, and we work with you to plan migrations. Breaking changes to stable endpoints follow the same notice period.

We may suspend or revoke API access if we detect abuse, security threats, breach of these terms, or if required by law. We will restore access as soon as the issue is resolved.