Skip to main content
How does OwnPay isolate multiple brands on a single server? How does a payment travel from your app to a gateway and back? This section explains OwnPay’s design so you can build effectively on top of it.
This section is for developers and technical evaluators who want to understand how OwnPay works internally. For task-oriented guides, see the User Guide.

Core concept guides

Browse these guides to understand how data is managed, how payments are routed, and how isolation is enforced.

Brands & Stores

How OwnPay isolates stores, credentials, ledgers, and custom domains using tenant scoping.

Payment Flow

The life cycle of a transaction, from creating payment intents via API to customer redirection, verification, and settlement.

Gateways & Routing

Understanding global gateway adapters, manual offline methods, fee rules, and currency conversion logic.

Webhooks & Events

How outbound event notifications are generated, signed (HMAC-SHA256), delivered, and retried.

User Roles & Permissions

System super-administrators vs. brand-scoped staff, and mapping RBAC permissions.

Architecture overview

At its core, OwnPay acts as an orchestrator sitting between your online application (merchant store) and payment networks (gateways).
Every database operation inside the core checks the active merchant_id to ensure strict tenant boundary safety.

See also

Last modified on July 15, 2026