Two token paths, one API
Your own account
API credentials → Your tokenYou use API keys to mint a User Access Token for your account.A customer's account
OAuth grant → Their tokenCustomers authorize your app, and Fluz returns a token scoped to their account.From there,
createVirtualCard is createVirtualCard — no separate platform API to learn.Onboard and connect customers
Create your OAuth app
Configure your app, redirect URIs, and scopes in the dashboard. Create an OAuth app →
Register or connect the customer
New customers: register individuals or businesses with built-in KYC and KYB. Existing Fluz users: send them through the grant flow. User registration → · KYC verification →
Exchange the grant for a token
The customer authorizes your app; you exchange the code for a token scoped to their account. Grant flow → · Exchange the code →
Run the APIs you already know
Send the customer-scoped token instead of your own. Everything else is identical. Refresh tokens →