rexedge/paystack-subscriptions
skills/paystack-subscriptions/SKILL.md
Paystack Subscriptions API — create, list, fetch, enable, disable subscriptions and manage card update links. Use this skill whenever implementing recurring billing, subscribing customers to plans, enabling or disabling auto-renewal, generating card update links for expiring cards, or handling subscription lifecycle events. Also use when you see references to subscription_code, SUB_ prefixed codes, email_token, or the /subscription endpoint.
$ install --global
skillsauthnpx skillsauth add rexedge/paystack paystack-subscriptionsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 12, 2026, 2:11 AM16.7s1 file scanned
SKILL.md
- name:
- paystack-subscriptions
- description:
- >-
Paystack Subscriptions
The Subscriptions API lets you create and manage recurring payments. A subscription links a customer to a plan and charges them automatically at the plan's interval.
Depends on: paystack-setup for the
paystackRequesthelper.
Related: paystack-plans for creating plans, paystack-customers for customer management.
Endpoints
| Method | Endpoint | Description |
| --- | --- | --- |
| POST | /subscription | Create a subscription |
| GET | /subscription | List subscriptions |
| GET | /subscription/:id_or_code | Fetch a subscription |
| POST | /subscription/enable | Enable a subscription |
| POST | /subscription/disable | Disable a subscription |
| GET | /subscription/:code/manage/link | Generate card update link |
| POST | /subscription/:code/manage/email | Email card update link |
Create Subscription
POST /subscription
| Param | Type | Required | Description |
| --- | --- | --- | --- |
| customer | string | Yes | Customer email or customer code |
| plan | string | Yes | Plan code (e.g. PLN_gx2wn530m0i3w3m) |
| authorization | string | No | Specific authorization code (uses most recent if omitted) |
| start_date | string | No | First debit date in ISO 8601 (e.g. 2024-05-16T00:30:13+01:00) |
const subscription = await paystackRequest<{
subscription_code: string;
email_token: string;
status: string;
amount: number;
}>("/subscription", {
method: "POST",
body: JSON.stringify({
customer: "CUS_xnxdt6s1zg1f4nx",
plan: "PLN_gx2wn530m0i3w3m",
start_date: "2024-06-01T00:00:00+01:00", // Optional: delay first charge
}),
});
// subscription.data.subscription_code → "SUB_vsyqdmlzble3uii"
// subscription.data.email_token → "d7gofp6yppn3qz7" (needed for enable/disable)
List Subscriptions
GET /subscription
| Param | Type | Required | Description |
| --- | --- | --- | --- |
| perPage | integer | No | Records per page (default: 50) |
| page | integer | No | Page number (default: 1) |
| customer | integer | No | Filter by Customer ID |
| plan | integer | No | Filter by Plan ID |
const subscriptions = await paystackRequest("/subscription?perPage=20&page=1");
Fetch Subscription
GET /subscription/:id_or_code
Returns full subscription details including invoices, customer, plan, and authorization objects.
const sub = await paystackRequest(
`/subscription/${encodeURIComponent("SUB_vsyqdmlzble3uii")}`
);
Enable Subscription
POST /subscription/enable
Re-enable a previously disabled subscription.
| Param | Type | Required | Description |
| --- | --- | --- | --- |
| code | string | Yes | Subscription code |
| token | string | Yes | Email token (from create response or fetch) |
await paystackRequest("/subscription/enable", {
method: "POST",
body: JSON.stringify({
code: "SUB_vsyqdmlzble3uii",
token: "d7gofp6yppn3qz7",
}),
});
Disable Subscription
POST /subscription/disable
Disable auto-renewal for a subscription. Same params as enable.
await paystackRequest("/subscription/disable", {
method: "POST",
body: JSON.stringify({
code: "SUB_vsyqdmlzble3uii",
token: "d7gofp6yppn3qz7",
}),
});
Generate Update Subscription Link
GET /subscription/:code/manage/link
Generate a link for the customer to update their card on a subscription. Useful when cards are about to expire — listen for subscription.expiring_cards webhook.
const result = await paystackRequest(
`/subscription/${encodeURIComponent("SUB_vsyqdmlzble3uii")}/manage/link`
);
// result.data.link → "https://paystack.com/manage/subscriptions/..."
Send Update Subscription Link via Email
POST /subscription/:code/manage/email
Automatically emails the customer a link to update their card.
await paystackRequest(
`/subscription/${encodeURIComponent("SUB_vsyqdmlzble3uii")}/manage/email`,
{ method: "POST" }
);
Full Subscription Flow
// 1. Customer pays (creates authorization via checkout/charge)
// 2. Create subscription using customer's authorization
const sub = await paystackRequest("/subscription", {
method: "POST",
body: JSON.stringify({
customer: "[email protected]",
plan: "PLN_gx2wn530m0i3w3m",
}),
});
// 3. Store email_token for later management
const { subscription_code, email_token } = sub.data;
// 4. Handle webhook events for subscription lifecycle
// - invoice.create: 3 days before charge
// - invoice.update: after successful charge
// - invoice.payment_failed: charge failed
// - subscription.disable: subscription disabled
// - subscription.not_renew: set to non-renewing
// - subscription.expiring_cards: monthly card expiry notice
// 5. Customer wants to cancel
await paystackRequest("/subscription/disable", {
method: "POST",
body: JSON.stringify({ code: subscription_code, token: email_token }),
});
// 6. Customer wants to resume
await paystackRequest("/subscription/enable", {
method: "POST",
body: JSON.stringify({ code: subscription_code, token: email_token }),
});
Important Notes
- A customer must have at least one valid authorization (from a previous charge) before subscribing
- The
email_tokenis essential for enable/disable operations — store it when creating subscriptions - Use
start_dateto delay the first charge (e.g. for free trial periods) - Plan updates with
update_existing_subscriptions: truepropagate to active subscriptions - Listen for
subscription.expiring_cardswebhook to proactively send card update links
Related Skills
rexedge/paystack-webhooks
development
VerifiedTrustedCommunity
Paystack webhook integration — signature validation with HMAC SHA512, event parsing, IP whitelisting, retry policy, and all supported event types. Use this skill whenever setting up a webhook endpoint for Paystack, validating x-paystack-signature headers, handling charge.success or transfer.success events, debugging webhook delivery failures, implementing idempotent event processing, or building any server-side Paystack event listener. Also use when encountering webhook timeout issues or needing the list of Paystack webhook IP addresses.
1SKILL.mdUpdated Apr 12, 2026
rexedge/paystack-verification
tools
VerifiedTrustedCommunity
Paystack Verification API — KYC verification tools for resolving bank accounts, validating account ownership, and looking up card BIN information. Use this skill whenever verifying bank account details before transfers, confirming account holder names, validating customer identity for compliance, looking up card brand/type/bank from BIN, or implementing KYC flows. Also use when you see references to /bank/resolve, /bank/validate, /decision/bin endpoints, or need to match account numbers to names.
1SKILL.mdUpdated Apr 12, 2026
rexedge/paystack-transfers
development
VerifiedTrustedCommunity
Paystack Transfers API — send money to bank accounts and mobile wallets. Initiate single and bulk transfers, finalize OTP-verified transfers, list, fetch, and verify transfer status. Use this skill whenever implementing payouts, disbursements, vendor payments, withdrawal flows, or any feature that sends money from your Paystack balance to recipients. Also use when you see references to transfer_code, TRF_ prefixed codes, the /transfer endpoint, or need to handle transfer OTP verification.
1SKILL.mdUpdated Apr 12, 2026
rexedge/paystack-transfer-recipients
development
VerifiedTrustedCommunity
Paystack Transfer Recipients API — create, list, fetch, update, and delete transfer recipients (beneficiaries) for payouts. Supports NUBAN (Nigeria), GHIPSS (Ghana), Mobile Money, BASA (South Africa), and authorization-based recipients. Use this skill whenever adding bank accounts or mobile wallets as payout destinations, creating transfer recipients before initiating transfers, managing beneficiary lists, or doing bulk recipient creation. Also use when you see references to recipient_code, RCP_ prefixed codes, or the /transferrecipient endpoint.
1SKILL.mdUpdated Apr 12, 2026