Developers Β· Restricted
Partner dashboard
Approved partners integrate server-side with issued API keys. End-user flows (Passport, Cielo, Verify) never expose or request partner keys.
Admin access required
Partner API keys are issued at /admin/partners and used from your backend only β never in the browser for guest flows.
Verification requests (Step 4)
Create consent URLs server-side with POST /api/v1/verification-requests. Holders approve at the returned consent_url β session-authenticated, no API key in the browser.
First-party browser flows
Cielo verified-rate and Passport use signed browser sessions. The server evaluates cielo-verified-guest-v1 internally β guests are never asked for an API key.