> ## Documentation Index
> Fetch the complete documentation index at: https://ownpay.org/docs/llms.txt
> Use this file to discover all available pages before exploring further.

> ## Agent Instructions
> OwnPay is licensed under AGPL-3.0 and is completely free - no licensing fees.
> Production docs URL: https://ownpay.org/docs - append .md to any page URL for clean markdown.
> OwnPay requires PHP 8.3+, MySQL/MariaDB, and Redis.
> MCP server available at https://ownpay.org/docs/mcp for programmatic documentation queries.
> Use root-relative links (e.g. /quickstart) for internal navigation - do NOT include /docs prefix.
> Plugin development: consult /developer/plugin-types/ pages for correct interfaces and manifests.

# Glossary - Payment Terms and OwnPay Terminology Reference

> Definitions of terms, acronyms, and product concepts used throughout the OwnPay ecosystem including brand, gateway, ledger, IPN, and merchant.

This glossary defines terms, concepts, and acronyms used throughout the OwnPay ecosystem, codebases, and documentation.

### A

**Addon**
A type of plugin that extends the core functionality of OwnPay. Addons can add new admin dashboard screens, register API endpoints, execute scheduled background jobs, create database tables, or add UI components.

**API Key**
A secret token used by external applications to authenticate with the OwnPay REST API. API keys use a Bearer authentication scheme, are prefixed with `op.`, and are restricted by scopes (`read`, `write`, `admin`). Plain key secrets are hashed at rest and are only visible once upon generation.

### B

**bcmath**
A PHP extension used for arbitrary-precision mathematics. OwnPay uses `bcmath` string operations for all ledger calculations and transaction amount calculations to avoid floating-point precision loss.

**Brand**
An isolated business entity or store configured within a single OwnPay installation. Each brand has its own isolated database scope (via `merchant_id`), domains, payment gateways, customers, invoices, and ledger accounts.

### C

**Checkout Token**
A short-lived, secure token (prefixed with `tok_`) generated when initiating a payment intent. It identifies the checkout session and is used to render the checkout page without exposing the permanent payment intent UUID.

**Companion App**
The mobile application used by administrators to pair physical devices with the OwnPay server. It allows synchronization of incoming push notifications and SMS messages to automatically match payments on manual mobile financial services.

### D

**DCO (Developer Certificate of Origin)**
A licensing mechanism used by open-source projects to certify that a contributor wrote the code themselves or has the right to submit it. Verified via a `Signed-off-by: Name <email>` trailer in the Git commit message.

**Double-Entry Ledger**
The financial accounting engine running inside OwnPay. Every movement of money is recorded as a balanced pair of debits and credits across ledger accounts, ensuring mathematical soundness.

### G

**Gateway Adapter**
A sandboxed PHP class implementing `OwnPay\Gateway\GatewayAdapterInterface` that bridges OwnPay's core payment flow with a specific external payment processor or gateway API.

### H

**Hook**
A point in the execution flow where plugins can register callbacks to alter behavior or perform actions. Follows the WordPress-style event pattern using **actions** (`doAction`) and **filters** (`applyFilter`).

### M

**Merchant API**
The REST API layer (`/api/v1/*`) used by merchant applications to interact with their configured brand gateway. Authenticated via merchant-specific API keys.

**Mobile Financial Services (MFS)**
Payment providers operating on mobile networks, popular in South Asia and other emerging markets (e.g., bKash, Nagad, Rocket).

### P

**Paired Device**
A physical mobile device linked to an OwnPay brand via a JWT token. Paired devices report heartbeats and transmit incoming SMS transaction notifications.

**Payment Intent**
A database object tracking the lifecycle of a payment session. It represents a user's intent to pay, stores state, and transitions to a transaction once payment is verified.

**Plugin Sandbox**
A security layer that performs static analysis on uploaded plugin source code. It scans for and blocks dangerous PHP function calls to ensure plugin security.

### S

**Scope**
A permission boundary assigned to an API key. Supported scopes are `read`, `write`, and `admin`.

**Super-Administrator**
The root platform administrator who owns and manages the OwnPay installation. Super-administrators can configure system-level variables, manage all brands, install plugins, and trigger updates.

### T

**Tenant Scope**
A query-level scope enforced within the database repositories that transparently filters database operations by `merchant_id`. Enforces strict brand isolation at the database layer.

**Theme**
A package residing under `modules/themes/` consisting of Twig templates, CSS, and JS assets used to customize the design and layout of the public customer checkout screen.

### W

**Webhook**
An asynchronous HTTP POST callback sent by OwnPay to a merchant's server to notify them of transaction state transitions. Webhooks are signed with an `X-OwnPay-Signature` header.

**White-Label Custom Domain**
A feature allowing each brand to use its own custom domain for public checkout flows. DNS queries are resolved by `DomainMiddleware` to swap brand parameters transparently.


## Related topics

- [OwnPay API Overview - REST API for Multi-Brand Payments](/docs/api/overview.md)
- [Developer Quickstart - Build Your First Payment Integration](/docs/developer/quickstart.md)
- [Retrieve Payment Details](/docs/api-reference/retrieve-payment-details.md)
- [Node.js SDK - TypeScript-First Payment Integration](/docs/developer/integration/nodejs.md)
- [Retrieve Transaction](/docs/api-reference/retrieve-transaction.md)
