Guides

Onboarding

Get your BEEM tenant provisioned and the first user signed in.


BEEM provisions a tenant for each merchant after the Master Service Agreement is signed. This page covers the technical onboarding: what BEEM needs from you to set up the account, and what the first user does after the welcome email arrives.

📘

Compliance is separate

The KYC / KYB review and commercial agreement run in parallel with — and before — the steps below. Your account manager will confirm when technical onboarding can begin.

Environments

BEEM runs two fully isolated environments. Sandbox is recommended before production so integrations can be validated end-to-end against the real API surface. Please contact technical support to obtain production and sandbox related URL's.

🚧

Sandbox and production are independent

Credentials, wallets, contacts and webhook endpoints do not carry across environments. Anything created in sandbox must be re-created in production.

Step 1 — Information BEEM needs

Provide the following to your account manager so the tenant can be provisioned:

  1. Environments required — sandbox, production, or both. Production is always provisioned. Sandbox is optional but recommended for any new integration.
  2. Account name — the legal entity that signed the Master Service Agreement. This name appears on the tenant and cannot be changed later without a support ticket.
  3. Initial user (Owner) — the first administrator on the account:
    • First name
    • Last name
    • Email address

The Owner can invite additional users from the Portal once their own login is set up.

Step 2 — First-time login

Once BEEM provisions the account, the Owner receives a welcome email with a link to set their password and enroll a second factor.

Sender addresses:

⚠️

The activation link is single-use and expires in 72 hours

Opening the link starts the activation flow — it cannot be opened, paused, and resumed later from the same email. If the link expires or is opened by mistake, contact your account manager to have a new one issued.

The activation flow asks for two things:

  1. A password — meeting the Portal's strength requirements.
  2. A second factor — either a passkey or a one-time password (OTP) authenticator app.
📘

Choosing a second factor

If the user is not already comfortable with passkeys, use the OTP method (e.g. Google Authenticator, 1Password, Authy). It is the most reliable across devices.

If the welcome email is not in the primary inbox, check the spam or junk folder before requesting a re-send.

After the password and second factor are set, the Owner can sign in to the Portal at the URL for the relevant environment.

What's next

Authentication

Generate API keys, scope them, and make your first authenticated request.