Frequently Asked Questions

Do I need to change the URL when I change from my Sandbox account to Production?

No. The URL will always be whether in Testing or Production.

What is the difference between the webpayments token and api keys?

In Fattmerchant.js, the webpayments token is a public key that is used to enable your account to accept payments only. The api key is a secret key that allows you to hit all API routes (ex. charges, refunds, voids)

Since the webpayments token is public, does that pose any security risk to me?

No. Using your web payments token enables your account to accept payments, but never transactions issued on your behalf that would result in funds coming out of your account. All secure information goes through Fattmerchant.js so that no sensitive information is ever stored or exposed, keeping you PCI compliant.

Does Fattmerchant.js support using multiple credit cards for a split transaction?

Yes, but each credit card will have to be tokenized one at a time. You can then set up partial payments using those tokenized payment methods.

Can I save any information from the form that is generated with an instance of FattJs?

No. In order to stay PCI compliant, FattJs utilizes an iFrame which will not allow you to pull out any of the values that are entered in the form.

Can a tokenized payment method be used in more than one merchant account?

No. At this time, Stax offers a way to create payment tokens which can be used in a single merchant account only.

Can I set up webhooks to listen for events that happen in Stax?

Yes, Stax offers webhook capabilities for most events that occur in Stax API and Stax Pay. Please see the webhooks documentation for more information.

Which browsers does Fattmerchant.js support?

Fattmerchant.js supports all current major versions of Firefox, Safari, Chrome, and Edge. While Fattmerchant.js might run without major issues in other browsers, we do not actively test Fattmerchant.js in them and generally do not fix bugs that may appear in them.

Does Stax support Level 2 and Level 3 processing?

Yes, but availability varies per business, so in order to confirm if your account can be set up for Level 2 or Level 3 processing and to hear about your options, reach out to business support. If you are looking for the documentation relating to implementing Level 2 processing using Stax API, visit the docs here

I want to move my payment methods and customers to Stax from a previous payment processor, is this something Stax offers?

Every payment processor has their own rules when it comes to making payment method and customer tokens available to migrate to other payment processing vaults. As long as you can get the data from the previous processor, we can work with an encrypted file to securely transfer these tokens into Stax. Please speak with a payments representative for more details.


These are some common issues that you may run into while setting up an integration with Fattmerchant.js

Invalid Credentials / Token not provided Error Message

Confirm that your headers are set up correctly. Ensure there are no brackets or quotes around your api key. Authorization: Bearer insert_api_key_here Make sure that you are using the correct API Key (Sandbox vs Live Account)

Not seeing your Invoice or Customer?

Check to see that your token has the correct merchant associated. Visit and paste your token in the Debugger. You can view the merchant in the Decoded Payload section.

Error: You must be a system admin to perform this action

Some of the Stax API requires special access. Partners implementing Stax Enrollment API’s may see this error when the partner API key is not yet set up. If this happens, please speak with your partner support team.

Error: The selected payment_method_id is invalid

This invalid error message typically means the id that is being used is associated to a different merchant account. Please confirm the object that is being referenced is in the proper merchant account. You can check the payment method object for the merchant_id to ensure the api key that is being used matches to the same merchant.