
CDN bundle

The CDN bundle is the zero-framework integration path. Add a single <script> tag to your storefront page; the loader fetches the merchant SDK, mounts the Pay-with-Agent button, and posts the verified charge to your server endpoint.

Install

<script
  src="https://cdn.oid4pay.com/oid4ac-merchant/v1/loader.js"
  data-merchant-origin="https://shop.example.com"
  data-stripe-connect-acct="acct_..."
  data-charge-endpoint="/api/oid4ac/charge"
  defer
></script>

Element contract

Render a target element where the agent's mandate UI should mount:

<div
  data-oid4pay
  data-sku="test-pinata"
  data-amount-minor="1299"
  data-currency="EUR"
></div>

The bundle scans for [data-oid4pay] elements on DOMContentLoaded and again on oid4pay:rescan custom events. Each element renders an inline Pay-with-Agent button.

Configuration

| data-* attribute | Purpose |
| --- | --- |
| data-merchant-origin | Your storefront origin. MUST match the JWKS at /.well-known/jwks.json. |
| data-charge-endpoint | Server route on your origin that calls verifyMandate + charge via the Node / Python / Go SDK. |
| data-stripe-connect-acct | Stripe Connect account id; surfaces in the mandate consent screen. |
| data-env | Optional. Set to sandbox to point at sandbox.oid4pay.com. |
| data-locale | Optional. en default; nl, de, fr ship in v1. |

Events

The bundle emits browser events on every state transition:

| Event | Detail payload |
| --- | --- |
| oid4pay:mandate-ready | { mandateId, spendCapMinor, currency } |
| oid4pay:charge-started | { sku, amountMinor } |
| oid4pay:charge-succeeded | { chargeId, stripePaymentIntentId } |
| oid4pay:charge-failed | { code, message } |

Browser support

Chromium 120+, Firefox 122+, Safari 17.2+, Edge 120+. The bundle uses Web Crypto Ed25519 directly; legacy browsers fall back to the WASM tweetnacl bundle (loaded on demand only on those targets).

Content Security Policy

Content-Security-Policy:
  default-src 'self';
  script-src 'self' https://cdn.oid4pay.com;
  connect-src 'self' https://as.oid4pay.com https://cdn.oid4pay.com;
  frame-src https://wallet.oid4pay.com;

Subresource Integrity

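Every published loader has an SRI hash listed in the release manifest at /.well-known/oid4pay-version.json. An integrity value matches one exact build of the loader, so the browser refuses the script if the file served at that URL differs. For supply-chain-sensitive deployments, pin the SRI value: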

<script
  src="https://cdn.oid4pay.com/oid4ac-merchant/v1/loader.js"
  integrity="sha384-..."
  crossorigin="anonymous"
></script>

Algorithm whitelist

The CDN bundle accepts ed25519 and ecdsa-p256-sha256 for signed offers; it refuses HMAC, alg=none, and every other algorithm. JWT-AT verification accepts EdDSA only, per the algorithm whitelist.
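The allowlist behaviour described above, as an added example that is not the OID4Pay bundle's own code: a header pre-check that refuses any algorithm outside a fixed set before a key or verification routine is chosen. The function names, the kind labels 'signed-offer' and 'jwt-at', and the sample tokens are assumptions made for this example.

```javascript
// Added illustration, not the OID4Pay bundle's source.
// Allowlists copied from the "Algorithm whitelist" paragraph; the kind
// names 'signed-offer' and 'jwt-at' are labels invented for this example.
const ALLOWED_ALGS = new Map([
  ['signed-offer', new Set(['ed25519', 'ecdsa-p256-sha256'])],
  ['jwt-at', new Set(['EdDSA'])],
]);

// Exact, case-sensitive membership test. Anything not listed (HS256,
// none, NONE, RS256, a non-string value) is refused by default.
function isAllowedAlg(kind, alg) {
  const allowed = ALLOWED_ALGS.get(kind);
  return allowed !== undefined && typeof alg === 'string' && allowed.has(alg);
}

// Read alg from a compact JWT's header and enforce the JWT-AT allowlist.
// This is only the pre-check: signature verification still has to follow.
function checkJwtAtHeader(token) {
  const parts = typeof token === 'string' ? token.split('.') : [];
  if (parts.length !== 3 || !/^[A-Za-z0-9_-]+$/.test(parts[0])) {
    return { ok: false, reason: 'malformed token' };
  }
  let header;
  try {
    const b64 = parts[0].replace(/-/g, '+').replace(/_/g, '/');
    header = JSON.parse(atob(b64 + '='.repeat((4 - (b64.length % 4)) % 4)));
  } catch (err) {
    return { ok: false, reason: 'unreadable header' };
  }
  if (header === null || typeof header !== 'object' ||
      !isAllowedAlg('jwt-at', header.alg)) {
    return { ok: false, reason: 'algorithm not allowed' };
  }
  return { ok: true, alg: header.alg };
}

// Constructed sample tokens: placeholder payload and signature segments.
function sampleToken(header) {
  const seg = btoa(JSON.stringify(header))
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${seg}.e30.c2ln`;
}

console.log(checkJwtAtHeader(sampleToken({ alg: 'EdDSA' })));
console.log(checkJwtAtHeader(sampleToken({ alg: 'none' })));
console.log(checkJwtAtHeader(sampleToken({ alg: 'HS256' })));
```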

Source

The bundle lives at sdks/cdn-oid4ac-merchant/ in the OID4Pay repo. Builds publish to cdn.oid4pay.com on every tagged release; the immutable URL at cdn.oid4pay.com/oid4ac-merchant/v1.0.0/loader.js is the long-tail-safe pin for production deployments.