Access Control

Using Paid for Access Control


Paid helps companies get paid, but it also helps them manage their customers. You can use Paid to determine who has access to your product and who doesn't.


Before You Start

To successfully complete the tutorial, you need to do the following:

  • Sign up for a Paid account and your Test Key will be loaded into the samples below. When you're ready to invoice and receive real money, remember to switch to your Live API key.
  • Edit your account to enable different payment methods. Fill out the appropriate fields to allow ACH, Wire, Credit Card and Check payments.
  • Complete our Getting Started Guide. It will help you through issuing your first invoice.

Select your preferred language for the tutorial:

Preface: The Simplest Case

While Paid provides a lot of information on which to base access to your product, we will demonstrate the simplest case: someone has overdue payments. Let's take, for example, a platform to request design work. You are charged based on the number of hours required for your project, and you are given 30 days to pay from the time the project is completed.

Step 1: Setting it Up

You can use the Getting Started Guide to set up a customer and understand how to create transactions throughout the project. When the project is completed, you will generate and issue the invoice.

Step 2: Restrict Access

Again, in this example, we only care if a customer is overdue on a payment. This means, they have waiting 31 or more days to pay their invoice. We don't want them to be able to post any more work until they have caught up on their billing.

The first thing we need to do is query for the customer and check that their overdue_amount attribute isn't over 0. A couple things to note:

  • Paid always returns an integer >= 0 for overdue_amount.
  • Because Paid supports multiple currencies, the overdue_amount may not be a single currency. It is effectively the sum of each overdue payment in "cents" (or the base unit of each currency). This makes it possible to check for overdue_amount > 0.
  • We will use the external_id for our customer as demonstrated in the Getting Started Guide

The cURL version of the code simply retrieves the customer, while the other versions are more telling and provide more logic. We encourage you to view this page in a language other than cURL.

Check if Overdue

curl https://api.paidlabs.com/v0/customers/cus_DLjf9aDKE9ueDncz \
  -u  {YOUR API KEY}:

Check if Overdue Response

{
  "id": "cus_DLjf9aDKE8ekdncz",
  "object": "customer",
  "name": "Awesome Customer",
  "email": "hello@paidlabs.com",
  "external_id": "652",
  "address_line1": "2261 Market Street",
  "address_line2": "#567",
  "address_city": "San Francisco",
  "address_state": "CA",
  "address_zip": "94114",
  "phone": "4155069330",
  "allow_ach": true,
  "allow_check": true,
  "allow_credit_card": true,
  "allow_wire": true,
  "terms": 30,
  "billing_type": "invoice",
  "billing_cycle": "monthly",
  "stripe_customer_id": null,
  "overdue_amount": 1264700
  ...
}

Step 3: Toggle Access

Assuming you looked at an example other than cURL, you now have a variable access_control which allows you to restrict access based on whether the customer is overdue.

You can use this new variable in any way (disallow login, redirect to payment page, trigger an email, etc.).

Bonus: Redirect to Invoice

Should a customer be overdue, you can easily retrieve their overdue invoice and redirect them to it using the url parameter of the invoice response object. This is a great way to display payment notifications within your own UI.


You can now lock delinquent customers out of your product. Check out the full API Reference to see what more you can do with Paid.