Payments / Onramp·Solana · EVM · Multi-chain
Coinflow
Stablecoin checkout and payouts for fintech and Web3: card / ACH / Apple Pay pay-ins that settle to USDC on Solana, Base, Polygon, or Ethereum, plus instant payouts to bank accounts and crypto wallets.
- 01card-to-stablecoin checkout
- 02USDC settlement on Solana / Base
- 03instant fiat payouts from a crypto balance
- 04subscription billing in stablecoins
- 05low-friction first-time crypto purchase
- pnpm add @coinflowlabs/react
- pnpm add @coinflowlabs/node
| Variable | Scope | Description |
|---|---|---|
| NEXT_PUBLIC_COINFLOW_MERCHANT_ID | Client | Public Coinflow merchant id used by the React `<CoinflowPurchase>` and `<CoinflowWithdraw>` components. |
| COINFLOW_API_KEY | Server | Server-side Coinflow API key used to mint signed JWTs for checkout sessions and to call payout endpoints. |
| COINFLOW_WEBHOOK_SECRET | Server | Shared secret used to verify the HMAC signature on Coinflow checkout / subscription webhooks. |
Use Coinflow for fiat-to-stablecoin checkout. Server-side, mint a session JWT with `COINFLOW_API_KEY` describing `subtotal`, `merchantId`, `wallet`, and the destination `blockchain` (`solana`, `base`, `polygon`, `eth`); pass the JWT to the client and mount `<CoinflowPurchase env="prod" merchantId={...} blockchain="solana" wallet={wallet} subtotal={{ cents: 1999 }} onSuccess={...} />` from `@coinflowlabs/react`. For payouts, render `<CoinflowWithdraw>` (KYC-gated cash-out to bank/card) or call the REST API at `https://api.coinflow.cash/api/checkout/...`. Listen to checkout webhooks (`payment.intent.succeeded`, `subscription.renewed`) and verify the `coinflow-signature` header with `COINFLOW_WEBHOOK_SECRET` before fulfilling.
- ⚑Crypto pay-ins are only supported through the Coinflow SDKs or hosted Checkout link — there is no pure REST flow that accepts on-chain crypto, so you cannot fully white-label the crypto-pay path.
- ⚑Card pay-ins clear instantly on-chain (settlement is T+0 in USDC) but the merchant payout to fiat is T+1–T+2 — communicate the right ETA per leg.
- ⚑Subscriptions require the wallet to pre-approve a spending allowance on-chain; on Solana this is a delegated authority on the token account, on EVM it is an `approve()` to a Coinflow router. Revoking the allowance silently breaks renewals.
- ⚑Sandbox uses `env="sandbox"` plus a separate sandbox merchant id; the live merchant id will render but never settle. Match env across both client component and server JWT.
- ⚑Geographic restrictions apply (US-heavy support, limited EU rails) and KYC for the cash-out side is gated by Coinflow's onboarding — your end users may be blocked even if your merchant account is approved.
- ⚑Network strings are case-sensitive (`solana`, `eth`, `base`, `polygon`) and the `wallet` address must be valid for the chosen chain — mismatches fail validation client-side rather than auto-routing.