Setup

Get started with BT AI by creating your account, setting up your project, and configuring your API keys for secure JWT-based authentication.

Account Setup and Provisioning

1. Contact Support for Account Setup

To get started with BasisTheory AI, contact our support team who will provision your account with:

  • Project ID - Unique identifier for your integration
  • RSA Key Pair - Private key for JWT signing and public key for verification
  • Environment Access - Sandbox and/or production environment permissions
  • Documentation Access - Complete integration guides and API reference

Contact: support@basistheory.com

What to Include in Your Request:

  • Business name and contact information
  • Intended use case (payment processing, verification, etc.)
  • Required environments (sandbox for testing, production for live use)
  • Expected integration timeline

2. Receive Your Credentials

Our support team will provide you with:

  • Project ID: Used as the iss claim in your JWTs
  • Key ID: Used in JWT headers for key identification
  • RSA Private Key: For signing JWTs (PEM format)
  • RSA Public Key: For verification reference (stored on our servers)

Example credentials format:

{
  "projectId": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
  "keyId": "550e8400-e29b-41d4-a716-446655440000", 
  "algorithm": "RS256",
  "publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhki...",
  "privateKey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBg..."
}

Private Key Storage and Security

Secure Storage Recommendations

DO:

  • Store private keys in secure environment variables
  • Use cloud key management services (AWS KMS, Azure Key Vault, Google Secret Manager)
  • Implement proper access controls and audit logging

DON’T:

  • Store private keys in source code repositories
  • Include keys in client-side code or configuration files
  • Share private keys via email, chat, or other unsecured channels
  • Use the same key across multiple environments

Key Management and Security

Key Rotation

For key rotation or security concerns:

  1. Contact Support - Request new RSA key pairs through support@basistheory.com
  2. Planned Rotation - Support can schedule key rotation with advance notice
  3. Emergency Rotation - 24/7 support available for security incidents
  4. Overlap Period - Support ensures smooth transition with no service disruption

Security Incident Response

If you suspect a key compromise:

  1. Immediately contact support at support@basistheory.com
  2. Disable old keys - Support can immediately deactivate compromised keys
  3. Issue new keys - New RSA key pairs generated and deployed
  4. Update applications - Deploy new keys to your backend systems

Next Steps

Congratulations! You’ve successfully completed the initial setup for BT AI. With your account configured and API keys ready, you’re now prepared to implement payment collection and processing.

Immediate Next Steps

  1. Collect Payment Methods - Your next step is to learn how to create JWTs and initialize the React SDK for secure payment data collection. This guide will walk you through:
    • Installing the correct React SDK package (@basis-theory-ai/react@beta)
    • Creating JWTs with the proper payload structure
    • Initializing the SDK with your JWT
    • Setting up the BasisTheory provider and hooks
    • Handling payment method creation and validation

After Payment Collection

  1. Browser Checkout - Once you can collect payment methods, implement checkout flows that use existing payment methods for a seamless user experience.

  2. API Checkout - For advanced use cases, learn to generate virtual cards and handle purchase intent verification for server-side payment processing.