Payments has two access models today: UI access is team-wide, while API key access is environment-scoped.

Payments UI permissions follow the user's team permission.

 view wallets, balances, payments, and related resources across Payments environments.

 create/manage wallets, create API keys, and send/receive payments across all Payments environments in the team.

 manage billing-related settings and information.

 UI Write cannot be limited to only staging or only production within one team today. Environment-scoped Payments UI/JWT user access is tracked internally as 

Payments API keys are scoped to one environment and sent with the 

 create/manage wallets, create payments, and manage other writable resources in that environment.

 access billing or line-of-credit API operations where supported.

Create separate keys for staging and production.

 During development, you can optionally give developers team Write so they can create API keys, create/manage wallets, and monitor balances in the UI. Before production go-live, revoke developer team Write and issue production API keys with the exact environment-scoped permissions each service needs.

If developers need ongoing UI Write in staging after production is live, use a separate team boundary for staging vs production until environment-scoped UI permissions are available.

Use descriptive names that include the environment and purpose.

Restrict production keys by IP when possible.

Store keys in a secrets manager or environment variables.

Rotate keys when team membership or service ownership changes.

Restrict API key usage to specific IP addresses or ranges where possible. Leave the IP allowlist blank only when the key must be usable from any IP address.

Webhook shared secrets are separate from API keys. Store them securely and validate webhook signatures before processing events.

Node Security

Payments Access

Macaroons

Voltage Payments Documentation

Voltage Docs

How It Works

Credit-backed Setup