Topolo Pay

Authority

Service IDs:

Repos:

Hosts:

Dependencies: topolo-auth, topolo-nexus, topolo-p2p, applications-packages

Depends on Topolo Auth: yes

Contract Source

Type: curated

Source: PlatformApplications/TopoloDocs/src/content/public/applications/pay.mdx

Source exists: no

Canonical public and internal docs cover the payment worker, local webhook boundary, Nexus-routed outbound payment operations, the authenticated `GET /api/widget` live-workspace endpoint for TopoloOne, code-exchange-only admin SSO with in-memory access-token handling, and the worker-owned `/login` redirect that must run before the SPA fallback. TopoloPay resolves its environment-specific Auth service id from the Auth-owned service slug `topolo-pay` at runtime and exposes that identity through `GET /api/service-identity`; concrete production or staging `srv_*` ids are not app source constants. TopoloPay is also the only Stripe-mutating service for TopoloP2P settlement batches; P2P submits typed settlement requests to Pay and receives Pay status callbacks. Staging deploys build the admin bundle with `npm run build:admin:staging` and require explicit `AUTH_API_URL`, `NEXUS_GATEWAY_URL`, and `PAY_APP_URL` bindings so the staging worker fails closed instead of falling back to production hosts.

API key scopes in Auth catalog: 20

Auth Requirements

No global OpenAPI security scheme is declared.

• analytics.read
• audit.read
• customers.read
• customers.write
• dashboard.read
• invoices.read
• invoices.write
• merchants.read
• merchants.write
• payments.create
• payments.read
• reports.read
• settings.read
• settings.write
• settlements.write
• transactions.read
• transactions.refund
• transactions.write
• venues.read
• venues.write

Runtime and Deployment

Wrangler surfaces: none detected

Environment variables: none derived

Routes: workers.dev or Pages-only delivery

Observability enabled: no explicit signal found