B2C Subaccount Onboarding API
This API is exclusively available for B2C clients
Partners whose end users are individuals or unregistered businesses (i.e., without a legal business entity). A Brick account can only be configured for either B2B or B2C mode, not both.
The B2C Subaccount Onboarding API enables Brick partners to programmatically create and manage sub-accounts for their end users. It's ideal for platforms serving creators, freelancers, or small business owners.
This API replaces manual onboarding flows and supports the full account provisioning lifecycle, including automated API key generation, secure credential management, and streamlined subaccount setup.
Key Features
- Create sub-accounts programmatically via API
- Automatically generate secure
client_key
andclient_secret
- Regenerate credentials if compromised or expired
- Upload a public key for verifying client-signed requests
- Bearer Token Authentication for all endpoints
- Standardized error responses
API Endpoints
Before diving into the endpoints, ensure you review and understand how to generate the X-Signature used in the request header. You can read the guide here.
-
Uploads a public key used to verify encrypted or signed communications from the client to Brick.Setup your Public Key
This step is required before creating subaccounts.
📘 The uploaded public key must be in PEM format and must match the private key held by your system for signing payloads. See API Reference: Setup Public Key API -
Creates a new sub-account with a custom name, sub-account code, and optional logo. See the details on [B2C Client] Create Subaccount API reference.Create Subaccount -
Use this endpoint to rotate API keys for a sub-account. See the details on [B2C Client] Regenerate API Key API reference.Regenerate API Keys
⚠️ Error Handling
The API returns standardized error messages for easier troubleshooting:
Error Response
The API returns standardized error messages for easier troubleshooting
HTTP Code | Message | Description |
---|---|---|
400 | Invalid Request | Missing required fields, malformed input |
400 | Image Too Large | Uploaded image exceeds the allowed size limit |
401 | Unauthorized | Invalid token or missing Bearer token |
404 | Subaccount Not Found | The requested subaccount does not exist. |
403 | Forbidden | Action not allowed for current account type or status |
403 | Public Key Not Found | Public Key has not been uploaded by the client |
409 | Conflict | Duplicate subaccount code |
429 | Rate Limit Exceeded | Too many requests |
500 | Internal Server Error | System failure—retry later |
Updated 1 day ago