Skip to content
hygge

Connect Whop

Generate your company-scoped Whop API key and let Hygge route payments straight to your account.

Last updated 2018-10-20

Hygge is a connector. Payments don't pass through us — they go directly into your Whop account, where you remain the merchant of record. To make that work, we need a Whop API key with company-level access.

Why we need this key#

Whop's API lets us:

  1. Create a one-shot payment plan when a buyer hits checkout
  2. Verify the payment on their webhook
  3. Look up your company info during onboarding (just to confirm the key is valid and grab your company_id)

We never charge anything outside the buyer's explicit checkout action. We don't have access to your bank info, payouts, or the underlying card data.

Get your API key#

  1. Open the Whop Developer dashboard

    Go to whop.com/dashboard/developer and find the Company API Keys section.

  2. Create a key

    Click Create. Name it Hygge Integration so you'll recognize it later if you ever audit your keys.

    Set the role to Admin. This grants the read/create permissions on products, plans, payments, and members that Hygge needs to operate.

  3. Copy and paste

    Whop shows the key once. Copy it immediately and paste it into the Hygge onboarding form. We validate it against Whop's API before saving — if there's a typo, you'll know on the spot.

What about the webhook signing secret?#

Hygge needs a Whop webhook to confirm payments. The signing secret for that webhook is collected later — after onboarding, from Dashboard → Integrations → Whop. Setup adds a webhook to your Whop developer dashboard pointing at our endpoint, and you paste the secret it generates back into Hygge.

We kept this out of onboarding to keep the wizard one input wide. Refund and retry sync can be wired up after your first sale.

Security#

Your API key and webhook secret are stored encrypted at rest. They're only ever read server-side, never exposed to the client. If you suspect a key is compromised, rotate it from the Whop dashboard and paste the new value into Hygge — the old one is overwritten.

What if the key is rejected?#

The most common error is using a user key instead of a company key. Whop generates two types; only the company-scoped one has the permissions Hygge needs. Look for apik_… in the developer dashboard's Company API Keys section — not user keys.

If you see "This key didn't validate" after pasting, double-check:

  • You're under Company API Keys, not personal keys
  • The role is Admin (or has explicit read+create permissions on products/plans/payments)
  • You copied the entire string with no leading/trailing whitespace

Still rejected? Email hello@payhygge.com and we'll help you sort it out.

Spotted a typo or wrong fact? hello@payhygge.com — we ship doc fixes the same day.