ShiftxPay
Connectors

Peach

Per-merchant Peach accounts.

The Peach connector runs on a per-merchant model: each shop connects its own Peach account. There is no shared platform account — every merchant brings their own credentials and their own webhook signing key.

The per-merchant model

  • Own credentials. Each merchant enters their Peach OAuth credentials (entity id, access token, and webhook key) in the admin console. They are encrypted at rest and decrypted per call; ShiftxPay holds no per-merchant connector state in the driver itself.
  • Own webhook + signing key. Each merchant has a dedicated webhook URL signed with their own key (see below).
  • Card stays browser → PSP. The card is collected inside the Peach embedded widget. ShiftxPay holds only the checkout reference and brand/last4 — never a PAN.

Surface

The Peach connector supports a single surface:

  • peach-embedded — the Peach embedded widget. The SDK loads the merchant's Peach checkout script and mounts the widget, which renders the configured payment methods. The widget owns its own pay button and reports completion back to the SDK, which then finalizes the payment server-side.

Redirect-based methods (instant EFT, some wallets) are handled inside the widget — there is no separate redirect surface for Peach. A merchant can restrict and order the methods the widget shows via their connector's payment- method options (include / exclude / ordering).

Webhooks

Each merchant connector has its own inbound webhook URL, keyed by the merchant connector's public id (mco_...):

POST /v1/webhooks/peach/{mco_id}

The {mco_id} in the path tells the gateway which merchant connector — and therefore which signing key — the notification belongs to, so each merchant's events are verified with that merchant's own key before any state change.

What you need to know as an integrator

  • Each merchant must connect their own Peach account (OAuth credentials) and configure their own webhook in the Peach dashboard pointing at their /v1/webhooks/peach/{mco_id} URL.
  • Per-merchant connectors require the platform credential-encryption key to be configured; without it, Peach connectors are disabled.
  • Treat your outbound webhook as the source of truth for the final payment state.

Connectors

How ShiftxPay speaks to PSPs.

Webhooks

Receive and verify signed payment events on your server.

On this page

The per-merchant modelSurfaceWebhooksWhat you need to know as an integrator