Skip to main content
Bridge lets your app issue debit cards that spend stablecoins directly from a non-custodial or custodial wallets. Card creation is handled through Stripe Issuing, while Bridge manages customer identity, KYC, and onchain fund-pulling. When a cardholder makes a purchase, Bridge pulls funds from the linked wallet via an onchain approval. Before starting, set up a Bridge account and create Bridge customers by following the Bridge onramp and offramp recipe. This recipe covers:
  1. Creating a card via Stripe Issuing
  2. Setting up a token approval
  3. Handling card transaction webhooks

Setting up a Bridge account with Privy

Set up Bridge onramp and offramp flows with Privy.

Bridge + Stripe Issuing documentation

Official Bridge documentation for Stripe Issuing card integration.

Supported chains

Bridge supports the following chains for non-custodial card funding:

Create a card via Stripe Issuing

Bridge uses Stripe Issuing for card creation. Your app creates a Bridge customer with a cards endorsement, then issues the card through Stripe’s API.
A wallet can only be tied to one card. Bridge does not support issuing multiple cards that spend from the same wallet.

Request cards endorsement

After creating a Bridge customer, request the cards endorsement. The customer must complete KYC within 24 hours or the endorsement is revoked.
curl -X POST https://api.bridge.xyz/v0/customers/{customerID}/endorsements \
  -H "Api-Key: <BRIDGE_API_KEY>" \
  -H "Content-Type: application/json" \
  -d '{
    "endorsement_type": "cards"
  }'
Once approved, Bridge automatically creates a Stripe Cardholder and returns the stripe_cardholder_id on the customer object.

Create the card

Use the stripe_cardholder_id to create a card via Stripe’s Issuing API. Set the crypto_wallet parameters to link the card to the non-custodial wallet.
For Solana, provide the owner address (not the associated token account). Bridge automatically derives the token account from the owner address and currency.
curl -X POST https://api.stripe.com/v1/issuing/cards \
  -H "Authorization: Bearer <STRIPE_SECRET_KEY>" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "cardholder=ich_1234" \
  -d "currency=usd" \
  -d "type=virtual" \
  -d "status=active" \
  -d "crypto_wallet[chain]=solana" \
  -d "crypto_wallet[currency]=usdc" \
  -d "crypto_wallet[type]=standard" \
  -d "crypto_wallet[address]=BDkZQv1DqS7RJG5MZjVEP8FbN9Xvpf5b67kpi3765rQb"
On Solana, Bridge submits an onchain transaction to register the program delegate address for the wallet after the card is created.
Create the card before setting up the token approval. This ensures Bridge ties the address to the customer before your app submits any approvals onchain.

Set up token approval

After creating the card, the wallet must approve Bridge’s smart contract to pull funds during card transactions. Bridge provides a consolidated version of the Solana delegate approval logic in a GitHub Gist.

Set up the connection and transaction

Initialize a connection and a new transaction to contain the approval instructions.
import {Connection, Transaction, PublicKey, clusterApiUrl} from '@solana/web3.js';
import {
  getAssociatedTokenAddressSync,
  getAccount,
  createAssociatedTokenAccountInstruction,
  createApproveInstruction,
  TOKEN_PROGRAM_ID
} from '@solana/spl-token';

const connection = new Connection(clusterApiUrl('mainnet-beta'), 'confirmed');
const transaction = new Transaction();

const walletAddress = new PublicKey('BDkZQv1DqS7RJG5MZjVEP8FbN9Xvpf5b67kpi3765rQb');

Set up the ATA

Check whether the associated token account (ATA) exists for the wallet. If it does not, add an instruction to the transaction to create it.
const MINT_PUBKEY = new PublicKey(
  'EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v' // USDC on Solana
);

const userAta = getAssociatedTokenAddressSync(
  MINT_PUBKEY,
  walletAddress,
  false,
  TOKEN_PROGRAM_ID // use TOKEN_2022_PROGRAM_ID if the currency requires it
);

try {
  await getAccount(connection, userAta, undefined, TOKEN_PROGRAM_ID);
} catch {
  transaction.add(
    createAssociatedTokenAccountInstruction(
      walletAddress,
      userAta,
      walletAddress,
      MINT_PUBKEY,
      TOKEN_PROGRAM_ID
    )
  );
}

Set up the delegate approval

Add an instruction that approves Bridge’s card program to spend from the ATA. Bridge assigns the MERCHANT_ID to your developer account during onboarding.
const PROGRAM_ID = new PublicKey('cardWArqhdV5jeRXXjUti7cHAa4mj41Nj3Apc6RPZH2');
const MINT_DECIMALS = 6;
const APPROVAL_AMOUNT = BigInt(100 * 10 ** MINT_DECIMALS); // Approve $100

const bridgeSdk = new BridgeSDK(PROGRAM_ID);
const [delegatePda] = bridgeSdk.findUserDelegatePDA(MERCHANT_ID, MINT_PUBKEY, userAta);

transaction.add(
  createApproveInstruction(userAta, delegatePda, walletAddress, APPROVAL_AMOUNT, [], TOKEN_PROGRAM_ID)
);

Send the transaction

Submit the transaction using Privy. Pass sponsor: true to enable Solana gas sponsorship, which handles the fee payer and recent blockhash automatically.The result is a delegate approval resembling this transaction.

Handle card transaction webhooks

The card is now ready to use. When a cardholder makes a purchase, Bridge publishes webhook events for both the card network authorization and the onchain transaction.
Cards created via Stripe Issuing also emit Stripe webhook events (issuing_authorization.created, issuing_transaction.created). See the Stripe Issuing webhooks documentation for details on handling these events.
Bridge submits transactions onchain at the time of card authorization, but they complete asynchronously. This results in two Bridge webhook events:

card_transaction.created

Bridge publishes this event when the card authorization occurs. It contains the authorization details but not yet the onchain transaction:
{
  "event_type": "card_transaction.created",
  "event_object_status": "approved",
  "event_object": {
    "id": "86d30f38-5ea0-402d-ad48-48003d3b3f29",
    "amount": "-10.0",
    "status": "approved",
    "category": "purchase",
    "currency": "usd",
    "customer_id": "2c21ddbb-cf34-4170-b9b2-076a3ed55de9",
    "merchant_name": "BRIDGE CAFE, SAN FRANCISCO, CA",
    "card_account_id": "3d698985-fbd4-4889-999a-4fa7bd578452",
    "authorization_infos": [
      {
        "amount": "-10.0",
        "network": "visa",
        "approval_status": "approved"
      }
    ]
  }
}

card_transaction.updated

Bridge publishes this event seconds later when the onchain transaction confirms. It includes crypto_details with the chain, amount, and transaction hash:
{
  "event_type": "card_transaction.updated",
  "event_object": {
    "id": "86d30f38-5ea0-402d-ad48-48003d3b3f29",
    "amount": "-10.0",
    "status": "approved",
    "authorization_infos": [
      {
        "amount": "-10.0",
        "crypto_details": {
          "chain": "solana",
          "amount": "10.0",
          "tx_hash": "618p4RWZ4UPe6uCeFo0BaRb2H4gSQJjLayDihFD7fERAnfyoxyMJQZc4WmKkPkLu7QHnXgpWp6pPUMqc2HzGqH3",
          "currency": "usdc"
        },
        "approval_status": "approved"
      }
    ]
  }
}
Bridge rejects an authorization if the onchain approval is inactive, the approved amount is insufficient, or the wallet lacks funds. Incremental authorizations trigger additional onchain transactions to cover the extra charge.
For the full list of webhook scenarios, see the Bridge card transaction webhooks documentation.