Introduction

gstable-js is the official Node.js 18+ client for the GStable Payment API. It gives you:

Typed resources — GStableClient exposes namespaces that mirror API areas (products, payment links, checkout sessions, webhooks, accounts, public capabilities).
Zero runtime dependencies — uses the platform fetch; ships ESM and CJS with TypeScript declarations.
Envelope handling — parses the standard { code, message, data } response, returns data on success, and throws GStableError (or subclasses) on failure.
Two HTTP modes — authenticated calls to the private base URL, and public calls (no Authorization) for capability discovery.

Architecture (mental model)

GStableClient validates apiKey and constructs GStableHttp plus one *Resource instance per API domain (product, account, payment link, capability, checkout session, webhook).
Most resource methods call http.requestJson against the private base URL with a Bearer token.
client.capability.all() uses http.requestPublicJson against publicBaseUrl and does not send an Authorization header for that call.

Dashboard-only flows — Creating or editing merchant accounts is not available in the public API; client.account is read-only (list + detail).
Browser-first bundles — The package targets Node 18+. For browser apps, call your backend that uses the SDK, or proxy calls from a trusted server.
Webhook signature verification helpers — The SDK manages webhook endpoints via the management API (create, update, refreshKey, and so on). Verifying inbound HTTP callbacks from GStable is an application responsibility (use your stack’s crypto and the signing rules in the API docs).

Requirement	Detail
Node.js	≥ 18 (global `fetch`).
API key	Secret key from the dashboard; never commit to git.

Request/response field definitions — API documentation.
Method ↔ path mapping — Client overview and the resource pages under API reference.