Paddle Billing
Open Paddle Checkout from iOS apps. Learn moreOpen checkout from iOS. Learn more
Search
Home
Concepts
Build
Errors
Webhooks
API Reference
Paddle.js
Changelog
SDKs and Tools
Migrate
Home
Concepts
Build
Errors
Webhooks
API Reference
Paddle.js
Changelog
SDKs and Tools
Migrate
API Reference

Client-side tokens

Client-side tokens hold the details to authenticate Paddle.js in your frontend code.

Client-side tokens are needed to authenticate with Paddle.js.

You provide a token when initializing Paddle.js. Once initialized, you can take actions like previewing prices, opening checkouts, and running Retain workflows.

Looking to integrate Paddle in your backend? Use API keys instead. API keys must be provisioned through the dashboard.

You can create as many client-side tokens as you like — useful for when you have multiple Paddle.js integrations and need to differentiate between them.

Client-side token entities hold information like:

  • The name and description of the token to identify where and how it's used.
  • The token to authenticate with.

Revoking client-side tokens

You can revoke a client-side token by updating the token with a status of revoked. This prevents the token from being used to authenticate Paddle.js. Before you revoke the token, confirm it's no longer being used in production to prevent disruption.

Manage client-side tokens
Read more
Include and initialize Paddle.js
Read more
Paddle.Initialize() method guide
Read more

Attributes

idstring

Unique Paddle ID for this client-side token entity, prefixed with ctkn_. Not used for Paddle.js authentication; use token for authentication.

tokenstring

A client-side token, prefixed with test or live depending on the environment of your account. Pass as the token parameter when initializing Paddle.js to authenticate.

namestring

Short name of this client-side token. Typically unique and human-identifiable.

descriptionstring or null

Short description of this client-side token. Typically gives details about what the token is used for and where it's used.

statusstring

Status of this client-side token.

revoked_atstring<date-time> or null

RFC 3339 datetime string of when this client-side token was revoked. null if not revoked.

created_atstring<date-time>

RFC 3339 datetime string of when this entity was created. Set automatically by Paddle.

updated_atstring<date-time>

RFC 3339 datetime string of when this entity was updated. Set automatically by Paddle.

List client-side tokens
gethttps://api.paddle.com/client-tokens
Create a client-side token
posthttps://api.paddle.com/client-tokens
Get a client-side token
gethttps://api.paddle.com/client-tokens/{client_token_id}
Update a client-side token
patchhttps://api.paddle.com/client-tokens/{client_token_id}