Skip to main content
Not sure this is the right path? See Choosing Your Integration.

What is the Prava SDK?

The Prava SDK (@prava-sdk/core) is a lightweight browser library for securely collecting a card in your web app. It mounts a PCI-compliant iframe, handles the card entry and authentication inside it, and hands you back a safe result — the raw card number never touches your page, your JavaScript, or your servers.
The SDK is the client-side piece of a session-based integration. Your backend creates the session (see the API Reference); the SDK renders the secure card form for that session. If instead you want an AI agent to pay from the command line, use Prava Pay.
The SDK powers the embedded integration mode — Prava’s card UI inside your own page. Don’t want to embed? Use hosted mode (a redirect, no SDK). See Integration Modes to choose.

What it does (and doesn’t)

The SDK’s job is deliberately small — one secure operation, done well: Everything money-related — mandates, one-time payment credentials, spending limits — is enforced by Prava and the card network, not by code running in your page. See Payments and Guardrails for how that works.

Install

Quick start

1

Initialize with your publishable key

The publishable key is safe to ship to the browser. Your secret key stays on your server and is never used here.
2

Create a session on your backend

Your server creates a session with your secret key and returns the session_token and iframe_url to your frontend:
Full request/response details: Create Session.
3

Collect the card in the browser

See Collect Card Details for every option and callback.
4

Read the result on your backend

After the card is collected and the transaction runs, your backend reads the outcome and reports the final status. See Get Payment Result and Report Status.

API surface

The SDK exposes exactly two methods:

Authentication

Never put your secret key in client-side code or version control.

Result & error types

Error codes, every collectPAN option, and validation states are documented on Collect Card Details — the canonical collectPAN reference.

Requirements

  • Browsers: Chrome 80+, Firefox 80+, Safari 14+, Edge 80+.
  • Backend: Your server implements the session API (POST /v1/sessions) with your secret key.
  • Keys: Obtain publishableKey and secretKey from the Prava Dashboard.

Next steps

Collect Card Details

Every collectPAN option, callback, and validation state.

API Reference

Create sessions, read payment results, and report status server-side.

How Prava Works

The lifecycle behind a Prava payment.

Prava Pay (CLI)

Let an AI agent pay from the command line.