3rd Party Integrations

Third-party integrations are built on the Spiffy Developer Platform — a dedicated environment designed for developers building products, tools, or services that other Spiffy merchants will use.

If you're building a plugin, an app, an agency tool, or any integration that will be installed or used by more than your own Spiffy account, this is your path.

Who this is for

• Developers building apps or plugins for the Spiffy ecosystem

• Agencies building tools they deploy across multiple client accounts

• SaaS products that integrate with Spiffy on behalf of their users

• Anyone building a publicly available or commercially distributed integration

If you're building something just for your own account — an internal script, a personal automation — see Private Integrations instead. The Developer Platform is not available for internal-only use.

How it works

Third-party integrations connect to Spiffy through OAuth 2.0. Rather than using a static API key, your application requests scoped access to a merchant's account, and the merchant explicitly grants that access through a standard authorization flow. This keeps merchant credentials secure and gives merchants visibility and control over what your integration can access.

For full details on implementing the OAuth flow, see Authentication.

Getting started: request developer access

Developer Platform access is not self-serve. To get started, reach out to the Spiffy team to request access.

Apply for developer access →

When you're approved, you'll receive:

• A sandbox account — a fully functional Spiffy environment for development and testing, isolated from any live merchant data

• Access to the Developer Platform dashboard — where you configure your OAuth client, manage credentials, and monitor your integration

• Enhanced logging — detailed request and event logs to help you debug and validate your integration

• Increased usage limits — traffic through your OAuth integration does not count against any individual merchant's plan limits

Setting up your OAuth client

Once you have Developer Platform access, configure your OAuth client in the Developer Platform dashboard:

1. Create a new application with a name and description

2. Register your redirect URI — the URL Spiffy will send merchants back to after authorization

3. Select the scopes your integration needs — request only what you need

4. Save your Client ID and Client Secret

From there, head to Authentication to implement the authorization flow in your application.

Usage limits

Traffic through the Developer Platform is tracked against your developer application's own allocations — separate from any individual merchant's plan limits. Your integration's API calls do not draw from any merchant's account quota. Specific rate limits and quotas are provided when your developer access is approved.

Limitations

• Not for internal use. The Developer Platform is for integrations that serve other Spiffy merchants. If you're building solely for your own account, use a Private Integration instead.

• Approval required. Developer Platform access is granted on request and subject to review.

• OAuth only. API keys are not supported for third-party integrations.

Ready to get started?

1. Request developer access

2. Configure your OAuth client in the Developer Platform dashboard

3. Implement the authorization flow — see Authentication

4. Test against your sandbox account

5. Reference the API Reference for full endpoint documentation