Library

Transaction enrichment library for React

Use TxnKit as a transaction enrichment API from React. This page shows the safe request shape, a short code snippet, and the boundary for keeping sensitive data out of the integration.

Target intent

React applications that need transaction enrichment through a backend proxy.

TxnKit should not be called directly from untrusted React browser code with a secret API key.

Raw descriptor

SQ *JOES COFFEE 0421 TORONTO

Short React API snippet

const response = await fetch("/api/enrich-transaction", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({ raw_description: "SQ *JOES COFFEE 0421 TORONTO" })
});

const enrichment = await response.json();

Keep API keys out of browser bundles. For frontend stacks, call a backend route or serverless function that owns the TxnKit request.

API-shaped output

{
  "input": {
    "descriptor": "SQ *JOES COFFEE 0421 TORONTO",
    "country": "CA"
  },
  "output": {
    "merchant_name": "Joes Coffee",
    "category": "Coffee shop",
    "confidence": "medium",
    "signals": [
      "processor_pattern",
      "merchant_alias",
      "category_hint"
    ],
    "warnings": [
      "review_low_confidence_matches_before_showing_logo"
    ],
    "logos": []
  }
}

Low-confidence results should keep fallback labels and warnings visible instead of forcing a guessed logo or website.

When to use

  • You are building in React and need one-descriptor merchant cleanup through an HTTP API.
  • Your app can keep the TxnKit API key on the server side or inside a trusted serverless function.
  • You need merchant display names, categories, confidence, signals, warnings, and logo-ready metadata.

When not to use

  • TxnKit should not be called directly from untrusted React browser code with a secret API key.
  • Do not use TxnKit to process card numbers, account numbers, full statements, bank credentials, emails, phone numbers, addresses, customer names, or customer PII.
  • Do not use TxnKit when the product requirement is guaranteed merchant identity, every-merchant resolution, or contracted uptime terms.

Proof surfaces

The public contract is POST /v1/enrich, backed by the OpenAPI file, benchmark examples, privacy rules, and deterministic request-path tests.

OpenAPI · Benchmark · Security · Pricing

Related pages