1.2. Card Not Present API (Mobile Device)¶
1.2.1. General information¶
Participants¶
Quick integration guide¶
- Optional consumer authentication is used to create {accessToken}, which is required in integration of any transaction type.
- Transaction types supported in DAPI at the moment: Card verification, Sale, Money transfer.
- Signature computation contains information and debugging tool for request-response signatures in DAPI.
- Merchant Callbacks implementation is the most appropriate way to get transaction’s status for Merchant’s server.
- Depending on the integration, Alternative cardholder authentication (non3D) can be used for cards without support of 3-D Secure technology. For details, please contact your Support manager.
- Example code and SDK contains integration solutions for Merchant’s server, Android and iOS platforms.
Optional consumer authentication¶
Alternative cardholder authentication (non3D)¶
1.2.2. Card verification¶
DAPI allows Consumer to make transfer and sale transactions easier with a single verification process. During the process, the card is being validated by Apropay, authenticated with 3DS/non-3DS by EFT and then mapped to reference on Merchant’s server. It allows Consumer to avoid entering card data for each transfer or sale transaction. Integration is based on HTTP POST requests/responses with JSON data. You may see the general flow process below:
Initiate verification¶
To initiate card verification, Merchant’s app sends {accessToken} with other device parameters to Merchant’s server. These parameters are used to start a session with unique random {nonce} and encrypted {signature}. In response Merchant’s server also provides information about {invoiceId} in merchant’s system and {endpointId} in Apropay.
Initiate verification request is sent by Merchant’s app through HTTPS POST to URL in the following format (provided by merchant)
https://proxy.merchantserver.com/verification/initiate-verification
Request body
In the request body, supply data with the following structure:
{
"consumer": {
"device": {
"imei": "string",
"serialNumber": "string"
},
"ipAddresses": ["string"]
},
"location": {
"lat": "double",
"lng": "double"
},
"session": {
"accessToken": "string"
},
"transaction": {
"currency": "string"
}
}
Property name | Value | Description |
---|---|---|
Required properties | ||
consumer | object | |
consumer.device | object | |
consumer.device.serialNumber | string(1-50) | Consumer’s device serial number |
transaction | object | |
transaction.currency | string(3) | Upper case letters (ISO 4217 alpha code) |
session | object | |
session.accessToken | string(32-128) | Access token key received in Optional consumer authentication |
Optional properties | ||
consumer.device.imei | string(14-16) | Consumer’s device international mobile equipment identity |
location | object | |
location.lat | double | The latitude specified in the range of -90.0 through +90.0, both inclusive |
location.lng | double | The longitude specified in the range -180.0 through +180.0, both inclusive |
consumer.ipAddresses | list | Consumer’s IP addresses |
consumer.ipAddresses[] | string(7-15) | Consumer’s IP address |
Initiate verification response
If successful, this method should return the following response body:
{
"endpointId": "string",
"invoiceId": "string",
"session": {
"nonce": "string",
"signature": "string"
}
}
Property name | Value | Description |
---|---|---|
endpointId | string | Entry point identifier for verification transaction |
invoiceId | string | Verification transaction identifier |
session | object | |
session.nonce | string | Unique random string generated by Merchant’s server |
session.signature | string | Checksum generated by hmac-sha1 (see Signature computation) from the concatenation of accessToken, consumer.device.serialNumber, endpointId, session.nonce, invoiceId and transaction.currency |
If failed, this method should return the following response body:
{
"error": {
"cause": "enum",
"code": "string",
"message": "string"
}
}
Property name | Value | Description |
---|---|---|
error | object | |
error.cause | enum | Cause of the error. Possible values: FILTERED , INVALID_REQUEST ,
SERVER_FAILED , SERVER_UNAVAILABLE |
error.code | string | The unique error code |
error.message | string | Description of the error |
Perform validation¶
Perform validation request is sent by Merchant’s app through HTTPS POST to URL
https://gate.apropay.com/paynet/dapi/v1/verification/{endpointId}/{invoiceId}
Request body
In the request body, supply data with the following structure:
{
"billing": {
"address": {
"city": "string",
"country": "string",
"postcodeZip": "string",
"state": "string",
"street": "string",
"street2": "string"
},
"phone": "string"
},
"consumer": {
"birthDay": "string",
"device": {
"imei": "string",
"serialNumber": "string"
},
"email": "string",
"ipAddresses": ["string"]
},
"location": {
"lat": "double",
"lng": "double"
},
"order": {
"description": "string",
"siteUrl": "string",
"purpose": "string"
},
"session": {
"accessToken": "string",
"nonce": "string",
"signature": "string"
},
"sourceCard": {
"expiry": {
"month": "integer",
"year": "integer"
},
"holder":{
"firstName": "string",
"lastName": "string"
},
"number": "string",
"securityCode": "string"
},
"transaction": {
"currency": "string"
}
}
Property name | Value | Description |
---|---|---|
Required properties | ||
consumer | object | |
consumer.device | object | |
consumer.device.serialNumber | string(1-50) | Consumer’s device serial number |
consumer.email | string(3-128) | Сonsumer’s email address |
session | object | |
session.accessToken | string(32-128) | Access token key received in Optional consumer authentication |
session.nonce | string(32-128) | Value received in Initial verification response |
session.signature | string(32-128) | Value received in Initial verification response |
sourceCard | object | |
sourceCard.expiry | object | |
sourceCard.expiry.month | integer(2) | Source Card expiration month |
sourceCard.expiry.year | integer(4) | Source Card expiration year |
sourceCard.holder | object | |
sourceCard.holder.firstName | string(1-50) | Cardholder’s first name |
sourceCard.holder.lastName | string(1-50) | Cardholder’s last name |
sourceCard.holder.printedName | string(1-50) | Cardholder’s printed name (first and last name together). May be used instead of firstName + lastName |
sourceCard.number | string(9-19) | Source card number (PAN) |
sourceCard.securityCode | string(3-4) | Source card security code (CVV) |
transaction | object | |
transaction.currency | string(3) | Upper case letters (ISO 4217 alpha code) |
Optional properties | ||
location | object | |
location.lat | double | The latitude specified in the range of -90.0 through +90.0, both inclusive |
location.lng | double | The longitude specified in the range -180.0 through +180.0, both inclusive |
billing | object | |
billing.address | object | |
billing.address.city | string(1-100) | City name |
billing.address.country | string(3) | ISO alpha3 country code |
billing.address.postcodeZip | string(1-10) | ZIP post code |
billing.address.state | string(2-3) | State is used if present. For example, Los Angeles is in CA state |
billing.address.street | string(1-50) | Street is used for district names and street names |
billing.address.street2 | string(1-50) | Street 2 is used for long addresses. Usually it contains apartment and building № |
billing.phone | string(1-20) | Customer’s contact phone number |
consumer.birthDay | string(8) | Сonsumer’s birth day in “ddMMyyyy” format |
consumer.device.imei | string(14-16) | Сonsumer’s device international mobile equipment identity |
consumer.ipAddresses | list | Сonsumer’s IP addresses |
consumer.ipAddresses[] | string(7-15) | Сonsumer’s IP address |
order | object | |
order.description | string(128) | Brief transaction description. May be mandatory for certain Acquirer Banks |
order.siteUrl | string(128) | URL of website associated with the transaction |
order.purpose | string(128) | May be used for better transaction control or additional checks |
Perform validation response
If successful, this method returns the following response body:
{
"invoiceId": "string",
"session": {
"token": "string"
}
}
Property name | Value | Description |
---|---|---|
invoiceId | string | Verification transaction identifier |
session | object | |
session.token | string | The session token of verification transaction |
If failed, this method returns the following response body:
{
"error": {
"cause": "enum",
"code": "string",
"message": "string"
},
"invoiceId": "string"
}
Property name | Value | Description |
---|---|---|
error | object | |
error.cause | enum | Cause of the error. Possible values: INVALID_REQUEST ,
INVALID_CONFIGURATION , INTERNAL_ERROR , PROCESSING_FAILED |
error.code | string | The unique error code |
error.message | string | Description of the error |
invoiceId | string | Verification transaction identifier |
Perform validation debug¶
For integration purposes you may use E-Commerce test cards to generate random card numbers. Parameters with light red background are mandatory.
Check verification¶
Check verification request is sent by Apropay through HTTPS POST to URL (provided by merchant)
https://proxy.merchantserver.com/verification/{invoiceId}/check
Request body
In the request body, data is supplied with the following structure:
{
"consumer": {
"device": {
"serialNumber": "string"
}
},
"session": {
"accessToken": "string",
"nonce": "string",
"signature": "string",
"token": "string"
}
}
Property name | Value | Description |
---|---|---|
consumer | object | |
consumer.device | object | |
consumer.device.serialNumber | string(1-50) | Consumer’s device serial number |
session | object | |
session.accessToken | string(32-128) | Consumer’s access token key sent by Merchant’s app |
session.nonce | string(32-128) | Value sent by Merchant’s app |
session.signature | string(32-128) | Value sent by Merchant’s app |
session.token | string(16-36) | The session token of verification transaction |
Check verification response
If successful, this method should return the following response body:
{
"billing": {
"address": {
"city": "string",
"country": "string",
"postcodeZip": "string",
"state": "string",
"street": "string",
"street2": "string"
},
"phone": "string"
},
"consumer": {
"birthDay": "string",
"email": "string",
"ipAddresses": ["string"]
},
"invoiceId": "string",
"session": {
"checkSignature": "string",
"nonce": "string",
"token": "string"
},
"transaction": {
"currency": "string",
"randomSumCentis": "integer"
}
}
Property name | Value | Description |
---|---|---|
Required properties | ||
invoiceId | string | Verification transaction identifier |
session | object | |
session.checkSignature | string | Checksum generated by hmac-sha1 (see Signature computation) from the concatenation of consumer.device.serialNumber, session.nonce, endpointId and invoiceId |
session.nonce | string | Unique random string generated by Merchant’s server in Initiate verification response |
session.token | string | The session token of verification transaction |
Optional properties | ||
billing | object | |
billing.address | object | |
billing.address.city | string | City name |
billing.address.country | string | ISO alpha3 country code |
billing.address.postcodeZip | string | ZIP post code |
billing.address.state | string | State is used if present. For example, Los Angeles is in CA state |
billing.address.street | string | Street is used for district names and street names |
billing.address.street2 | string | Street 2 is used for long addresses. Usually it contains apartment and building № |
billing.phone | string | Customer’s contact phone number |
consumer.birthDay | string | Consumer’s birth day in “ddMMyyyy” format |
consumer.email | string | Consumer’s email address |
consumer.ipAddresses | list | Consumer’s IP addresses |
consumer.ipAddresses[] | string | Consumer’s IP address |
transaction.currency | string | Upper case letters (ISO 4217 alpha code) |
transaction.randomSumCentis | integer | Random sum amount (for random sum check), 1.00 EUR = 100 centis |
If failed, this method should return the following response body:
{
"error": {
"cause": "enum",
"code": "string",
"message": "string"
},
"invoiceId": "string"
}
Property name | Value | Description |
---|---|---|
error | object | |
error.cause | enum | Cause of the error. Possible values: FILTERED , INVALID_REQUEST ,
SERVER_FAILED , SERVER_UNAVAILABLE |
error.code | string | The unique error code |
error.message | string | Description of the error |
invoiceId | string | Verification transaction identifier |
Verification status¶
Verification status request is sent by Merchant’s app through HTTPS POST to URL
https://gate.apropay.com/paynet/dapi/v1/verification/{endpointId}/{invoiceId}/status
Request body
In the request body, supply data with the following structure:
{
"session": {
"accessToken": "string",
"token": "string"
}
}
Property name | Value | Description |
---|---|---|
Required properties | ||
session | object | |
session.accessToken | string(32-128) | The access token key received in Optional consumer authentication |
session.token | string(16-36) | The session token of verification transaction |
Verification status response
If successful, this method returns the following response body:
{
"bankOrderId": "string",
"invoiceId": "string",
"redirectUrl": "string",
"session": {
"token": "string"
},
"state": "enum"
}
Property name | Value | Description |
---|---|---|
invoiceId | string | Verification transaction identifier |
session | object | |
session.token | string | The session token of verification transaction |
state | enum | Possible values: PROCESSING , REDIRECT_REQUEST , APPROVED , DECLINED |
Conditional properties | ||
bankOrderId | string(128) | Required if state is APPROVED or DECLINED |
redirectUrl | string(128) | Required if state is REDIRECT_REQUEST |
Optional properties | ||
errorCode | integer | Decline reason code, may present if state is DECLINED |
errorMessage | string(128) | Decline reason message, may present if state is DECLINED |
secure3DAuthStatus | enum | Possible values: AUTHENTICATED , NOT_AUTHENTICATED , UNSUPPORTED
UNSUPPORTED means that card does not support 3-D Secure or 3DS authentication
process finished with an unknown status |
randomSumAuthStatus | enum | Possible values: AUTHENTICATED , NOT_AUTHENTICATED |
If failed, this method returns the following response body:
{
"error": {
"cause": "enum",
"code": "string",
"message": "string"
},
"invoiceId": "string"
}
Property name | Value | Description |
---|---|---|
error | object | |
error.cause | enum | Cause of the error. Possible values: FILTERED , INVALID_REQUEST ,
INTERNAL_ERROR , PROCESSING_FAILED , ORDER_NOT_FOUND |
error.code | string | The unique error code |
error.message | string | Description of the error |
invoiceId | string | Verification transaction identifier |
Verification card mapping notification¶
Verification card mapping notification request is sent by Apropay through HTTPS POST to URL (provided by merchant)
https://proxy.merchantserver.com/verification/notification
Request body
In the request body, data is supplied with the following structure:
{
"consumer": {
"device": {
"serialNumber": "string"
}
},
"reference": {
"serverCardId": "string",
"uniqueReferenceCardId": "integer"
},
"sourceCard": {
"bin": "integer"
},
"session": {
"accessToken": "string",
"token": "string"
}
}
Property name | Value | Description |
---|---|---|
consumer | object | |
consumer.device | object | |
consumer.device.serialNumber | string(1-50) | Consumer’s device serial number |
reference | object | |
reference.serverCardId | string(1-64) | The card reference identifier (on server side) |
reference.uniqueReferenceCardId | integer | The card identifier (on server side) |
session | object | |
session.accessToken | string(32-128) | Consumer’s access token key |
session.token | string(16-36) | The session token of verification transaction |
sourceCard | object | |
sourceCard.bin | integer | The Source card BIN |
Card mapping notification response
If successful, this method should return the following response body:
{
"invoiceId": "string",
"session": {
"checkSignature": "string",
"nonce": "string",
"token": "string"
}
}
Property name | Value | Description |
---|---|---|
invoiceId | string | Verification transaction identifier |
session | object | |
session.checkSignature | string | Checksum generated by hmac-sha1 (see Signature computation) from the concatenation of the session.nonce, the endpointId and the invoiceId |
session.nonce | string | Unique random string generated by Merchant’s server |
session.token | string | The session token of verification transaction |
If failed, this method should return the following response body:
{
"error": {
"cause": "enum",
"code": "string",
"message": "string"
},
"invoiceId": "string"
}
Property name | Value | Description |
---|---|---|
error | object | |
error.cause | enum | Cause of the error. Possible values: FILTERED , INVALID_REQUEST ,
SERVER_FAILED , SERVER_UNAVAILABLE |
error.code | string | The unique error code |
error.message | string | Description of the error |
invoiceId | string | Verification transaction identifier |
1.2.3. Sale¶
Initiate sale¶
Initiate sale request is sent by Merchant’s app through HTTPS POST to URL in the following format (provided by merchant)
https://proxy.merchantserver.com/transfer/initiate-sale
Request body
In the request body, supply data with the following structure:
{
"consumer": {
"device": {
"imei": "string",
"serialNumber": "string"
},
"ipAddresses": ["string"]
},
"location": {
"lat": "double",
"lng": "double"
},
"session": {
"accessToken": "string"
},
"transaction": {
"amountCentis": "integer",
"currency": "string"
}
}
Property name | Value | Description |
---|---|---|
Required properties | ||
consumer | object | |
consumer.device | object | |
consumer.device.serialNumber | string(1-50) | Consumer’s device serial number |
transaction | object | |
transaction.amountCentis | integer | Transaction amount, 1.00 EUR = 100 centis |
transaction.currency | string(3) | Upper case letters (ISO 4217 alpha code) |
session | object | |
session.accessToken | string(32-128) | Access token key received in Optional consumer authentication |
Optional properties | ||
consumer.device.imei | string(14-16) | Consumer’s device international mobile equipment identity |
location | object | |
location.lat | double | The latitude specified in the range of -90.0 through +90.0, both inclusive |
location.lng | double | The longitude specified in the range -180.0 through +180.0, both inclusive |
consumer.ipAddresses | list | Consumer’s IP addresses |
consumer.ipAddresses[] | string(7-15) | Consumer’s IP address |
Initiate sale response
If successful, this method should return the following response body:
{
"endpointId": "string",
"invoiceId": "string",
"session": {
"nonce": "string",
"signature": "string"
}
}
Property name | Value | Description |
---|---|---|
Required properties | ||
endpointId | string | Entry point identifier for sale transaction |
invoiceId | string | Transfer transaction identifier |
session | object | |
session.nonce | string | Unique random string generated by Merchant’s server |
session.signature | string | Checksum generated by hmac-sha1 (see Signature computation) from the concatenation of the accessToken, consumer.device.serialNumber, endpointId, session.nonce, invoiceId, transaction.amountCentis and the transaction.currency |
If failed, this method should return the following response body:
{
"error": {
"cause": "enum",
"code": "string",
"message": "string"
}
}
Property name | Value | Description |
---|---|---|
error | object | |
error.cause | enum | Cause of the error. Possible values: FILTERED , INVALID_REQUEST ,
SERVER_FAILED , SERVER_UNAVAILABLE |
error.code | string | The unique error code |
error.message | string | Description of the error |
Perform sale¶
Perform sale request is sent by Merchant’s app through HTTPS POST to URL
https://gate.apropay.com/paynet/dapi/v1/sale/{endpointId}/{invoiceId}
Request body
In the request body, supply data with the following structure:
{
"billing": {
"address": {
"city": "string",
"country": "string",
"postcodeZip": "string",
"state": "string",
"street": "string",
"street2": "string"
},
"phone": "string"
},
"consumer": {
"birthDay": "string",
"device": {
"imei": "string",
"serialNumber": "string"
},
"email": "string",
"ipAddresses": ["string"]
},
"location": {
"lat": "double",
"lng": "double"
},
"order": {
"description": "string",
"siteUrl": "string",
"purpose": "string"
},
"session": {
"accessToken": "string",
"nonce": "string",
"signature": "string"
},
"sourceOfFunds": {
"card": {
"expiry": {
"month": "integer",
"year": "integer"
},
"holder":{
"firstName": "string",
"lastName": "string"
},
"number": "string",
"securityCode": "string"
},
"reference": {
"clientCardId": "string",
"securityCode": "string"
}
},
"transaction": {
"amountCentis": "integer",
"currency": "string"
}
}
Property name | Value | Description |
---|---|---|
Required properties | ||
consumer | object | |
consumer.device | object | |
consumer.device.serialNumber | string(1-50) | Consumer’s device serial number |
consumer.email | string(3-128) | Сonsumer’s email address, if sent in original card mapping transaction and card reference is being used instead of cardholder data |
session | object | |
session.accessToken | string(32-128) | Access token key received in Optional consumer authentication |
session.nonce | string(32-128) | Value received in initiate sale response |
session.signature | string(32-128) | Value received in initiate sale response |
sourceOfFunds | object | |
sourceOfFunds.card | object | Only one of these subtypes (card, reference) should be used |
sourceOfFunds.card.expiry | object | |
sourceOfFunds.card.expiry.month | integer(2) | Source Card expiration month |
sourceOfFunds.card.expiry.year | integer(4) | Source Card expiration year |
sourceOfFunds.card.holder | object | |
sourceOfFunds.card.holder.firstName | string(1-50) | Cardholder’s first name |
sourceOfFunds.card.holder.lastName | string(1-50) | Cardholder’s last name |
sourceOfFunds.card.holder.printedName | string(1-50) | Cardholder’s printed name (first and last name together). May be used instead of firstName + lastName |
sourceOfFunds.card.number | string(9-19) | Source card number (PAN) |
sourceOfFunds.card.securityCode | string(3-4) | Source card security code (CVV) |
sourceOfFunds.reference | object | only one of these subtypes (card, reference) should be used |
sourceOfFunds.reference.clientCardId | string(1-128) | Source card reference identifier (on client side) |
sourceOfFunds.reference.securityCode | string(3-4) | Source card security code (CVV) |
transaction | object | |
transaction.amountCentis | integer | Transaction amount, 1.00 EUR = 100 centis |
transaction.currency | string(3) | Upper case letters (ISO 4217 alpha code) |
Optional properties | ||
location | object | |
location.lat | double | The latitude specified in the range of -90.0 through +90.0, both inclusive |
location.lng | double | The longitude specified in the range -180.0 through +180.0, both inclusive |
billing | object | |
billing.address | object | |
billing.address.city | string(1-100) | City name |
billing.address.country | string(3) | ISO alpha3 country code |
billing.address.postcodeZip | string(1-10) | ZIP post code |
billing.address.state | string(2-3) | State is used if present. For example, Los Angeles is in CA state |
billing.address.street | string(1-50) | Street is used for district names and street names |
billing.address.street2 | string(1-50) | Street 2 is used for long addresses. Usually it contains apartment and building № |
billing.phone | string(1-20) | Сonsumer’s contact phone number |
consumer.birthDay | string(8) | Сonsumer’s birth day in “ddMMyyyy” format |
consumer.device.imei | string(14-16) | Сonsumer’s device international mobile equipment identity |
consumer.ipAddresses | list | Сonsumer’s IP addresses |
consumer.ipAddresses[] | string(7-15) | Сonsumer’s IP address |
order | object | |
order.description | string(128) | Brief transaction description. May be mandatory for certain Acquirer Banks |
order.siteUrl | string(128) | URL of website associated with the transaction |
order.purpose | string(128) | May be used for better transaction control or additional checks |
Perform sale response
If successful, this method returns the following response body:
{
"invoiceId": "string",
"session": {
"token": "string"
}
}
Property name | Value | Description |
---|---|---|
invoiceId | string | Sale transaction identifier |
session | object | |
session.token | string | The session token of sale transaction |
If failed, this method returns the following response body:
{
"error": {
"cause": "enum",
"code": "string",
"message": "string"
},
"invoiceId": "string"
}
Property name | Value | Description |
---|---|---|
error | object | |
error.cause | enum | Cause of the error. Possible values: INVALID_REQUEST ,
INVALID_CONFIGURATION , INTERNAL_ERROR , PROCESSING_FAILED |
error.code | string | The unique error code |
error.message | string | Description of the error |
invoiceId | string | Sale transaction identifier |
Perform sale debug¶
For integration purposes you may use E-Commerce test cards to generate random card numbers.
Check sale¶
Check sale request is sent by Apropay through HTTPS POST to URL (provided by merchant)
https://proxy.merchantserver.com/sale/{invoiceId}/check
Request body
In the request body, data is supplied with the following structure:
{
"consumer": {
"device": {
"serialNumber": "string"
}
},
"session": {
"accessToken": "string",
"nonce": "string",
"signature": "string",
"token": "string"
},
"sourceOfFunds": {
"reference": {
"clientCardId": "string"
}
}
}
Property name | Value | Description |
---|---|---|
Required properties | ||
consumer | object | |
consumer.device | object | |
consumer.device.serialNumber | string(1-50) | Consumer’s device serial number |
session | object | |
session.accessToken | string(32-128) | Consumer’s access token key sent by Merchant’s app |
session.nonce | string(32-128) | Value sent by Merchant’s app |
session.signature | string(32-128) | Value sent by Merchant’s app |
session.token | string(16-36) | The session token of sale transaction |
Optional properties | ||
sourceOfFunds | object | |
sourceOfFunds.reference | object | |
sourceOfFunds.reference.clientCardId | string(1-128) | The source card reference identifier (on client side) if sent in Perform sale request |
Check sale response
If successful, this method should return the following response body:
{
"consumer": {
"email": "string"
},
"invoiceId": "string",
"session": {
"checkSignature": "string",
"nonce": "string",
"token": "string"
},
"sourceOfFunds": {
"card": {
"expiry": {
"month": "integer",
"year": "integer"
},
"holder":{
"firstName": "string",
"lastName": "string"
},
"number": "string"
},
"reference": {
"serverCardId": "string",
}
},
"transaction": {
"currency": "string",
"randomSumCentis": "integer"
}
}
Property name | Value | Description |
---|---|---|
Required properties | ||
invoiceId | string | Sale transaction identifier |
session | object | |
session.checkSignature | string | Checksum generated by hmac-sha1 (see Signature computation) from the concatenation of the consumer.device.serialNumber, session.nonce, endpointId, invoiceId, sourceOfFunds.reference.serverCardId (if present) |
session.nonce | string | Unique random string generated by Merchant’s server in Initiate sale response |
session.token | string | The session token of sale transaction |
Optional properties | ||
consumer.email | string | Сonsumer’s email address, if sent in original card mapping transaction |
sourceOfFunds | object | |
sourceOfFunds.reference | object | |
sourceOfFunds.reference.serverCardId | string | The source card reference identifier (on server side) |
transaction.currency | string | Upper case letters (ISO 4217 alpha code) |
transaction.randomSumCentis | integer | Random sum amount (for random sum check), 1.00 EUR = 100 centis |
If failed, this method should return the following response body:
{
"error": {
"cause": "enum",
"code": "string",
"message": "string"
},
"invoiceId": "string"
}
Property name | Value | Description |
---|---|---|
error | object | |
error.cause | enum | Cause of the error. Possible values: FILTERED , INVALID_REQUEST ,
SERVER_FAILED , SERVER_UNAVAILABLE |
error.code | string | The unique error code |
error.message | string | Description of the error |
invoiceId | string | Sale transaction identifier |
Sale status¶
Sale status request is sent by Merchant’s app through HTTPS POST to URL
https://gate.apropay.com/paynet/dapi/v1/sale/{endpointId}/{invoiceId}/status
Request body
In the request body, supply data with the following structure:
{
"session": {
"accessToken": "string",
"token": "string"
}
}
Property name | Value | Description |
---|---|---|
session | object | |
session.accessToken | string(32-128) | The access token key received in Optional consumer authentication |
session.token | string(16-36) | The session token of sale transaction |
Sale status response
If successful, this method returns the following response body:
{
"bankOrderId": "string",
"invoiceId": "string",
"redirectUrl": "string",
"session": {
"token": "string"
},
"state": "enum"
}
Property name | Value | Description |
---|---|---|
invoiceId | string | Sale transaction identifier |
session | object | |
session.token | string | The session token of sale transaction |
state | enum | Possible values: PROCESSING , REDIRECT_REQUEST , APPROVED , DECLINED |
Conditional properties | ||
bankOrderId | string(128) | Required if state is APPROVED or DECLINED |
redirectUrl | string(128) | Required if state is REDIRECT_REQUEST |
orderId | string | Order identifier in payment processing system |
transaction | object | |
transaction.amountCentis | integer | Amount of money transfered in centis, 1.00 EUR = 100 centis |
transaction.commissionCentis | integer | Amount of commission held in centis (depends on the integration) |
transaction.orderCreatedDate | string | Order creation date in payment processing system |
transaction.transactionCreatedDate | string | Transaction creation date in payment processing system |
Optional properties | ||
errorCode | integer | Decline reason code, may present if state is``DECLINED`` |
errorMessage | string(128) | Decline reason message, may present if state is DECLINED |
secure3DAuthStatus | enum | Possible values: AUTHENTICATED , NOT_AUTHENTICATED , UNSUPPORTED
UNSUPPORTED means that card does not support 3-D Secure or 3DS authentication
process finished with an unknown status |
randomSumAuthStatus | enum | Possible values: AUTHENTICATED , NOT_AUTHENTICATED |
If failed, this method returns the following response body:
{
"error": {
"cause": "enum",
"code": "string",
"message": "string"
},
"invoiceId": "string"
}
Property name | Value | Description |
---|---|---|
error | object | |
error.cause | enum | Cause of the error. Possible values: FILTERED , INVALID_REQUEST ,
INTERNAL_ERROR , PROCESSING_FAILED , ORDER_NOT_FOUND |
error.code | string | The unique error code |
error.message | string | Description of the error |
invoiceId | string | Sale transaction identifier |
Sale card mapping notification¶
Sale card mapping notification request is sent by Apropay through HTTPS POST to URL (provided by merchant)
https://proxy.merchantserver.com/sale/notification
Request body
In the request body, data is supplied with the following structure:
{
"consumer": {
"device": {
"serialNumber": "string"
}
},
"session": {
"accessToken": "string",
"token":"string"
},
"sourceCard": {
"bin": "integer",
"reference": {
"serverCardId": "string",
"uniqueReferenceCardId": "integer"
}
}
}
Property name | Value | Description |
---|---|---|
Required properties | ||
consumer | object | |
consumer.device | object | |
consumer.device.serialNumber | string(1-50) | Consumer’s device serial number |
session | object | |
session.accessToken | string(32-128) | Consumer’s access token key |
session.token | string(16-36) | The session token of sale transaction |
Optional properties | ||
sourceCard | object | |
sourceCard.bin | integer | The Source card BIN |
sourceCard.reference | object | |
sourceCard.reference.serverCardId | string(1-64) | The Source card reference identifier (on server side) |
sourceCard.reference.uniqueReferenceCardId | integer | The Source card unique identifier (on server side) |
Sale card mapping notification response
If successful, this method should return the following response body:
{
"invoiceId": "string",
"session": {
"checkSignature": "string",
"nonce": "string",
"token": "string"
}
}
Property name | Value | Description |
---|---|---|
invoiceId | string | Sale transaction identifier |
session | object | |
session.checkSignature | string | Checksum generated by hmac-sha1 (see Signature computation) from the concatenation of session.nonce, endpointId and invoiceId |
session.nonce | string | Unique random string generated by Merchant’s server |
session.token | string | The session token of sale transaction |
If failed, this method should return the following response body:
{
"error": {
"cause": "enum",
"code": "string",
"message": "string"
},
"invoiceId": "string"
}
Property name | Value | Description |
---|---|---|
error | object | |
error.cause | enum | Сause of the error. Possible values: FILTERED , INVALID_REQUEST ,
SERVER_FAILED , SERVER_UNAVAILABLE |
error.code | string | The unique error code |
error.message | string | Description of the error |
invoiceId | string | Sale transaction identifier |
Repeat sale¶
- {sourceOfFunds.reference.clientCardId}
- {sourceOfFunds.reference.securityCode}
- {sourceOfFunds.card.expiry.month}
- {sourceOfFunds.card.expiry.year}
- {sourceOfFunds.card.holder}
- {sourceOfFunds.card.holder.firstName}
- {sourceOfFunds.card.holder.lastName}
- {sourceOfFunds.card.number}
- {sourceOfFunds.card.securityCode}
1.2.4. Money transfer¶
Initiate transfer¶
Initiate transfer request is sent by Merchant’s app through HTTPS POST to URL in the following format (provided by merchant)
https://proxy.merchantserver.com/transfer/initiate-transfer
Request body
In the request body, supply data with the following structure:
{
"consumer": {
"device": {
"imei": "string",
"serialNumber": "string"
},
"ipAddresses": ["string"]
},
"location": {
"lat": "double",
"lng": "double"
},
"session": {
"accessToken": "string"
},
"transaction": {
"amountCentis": "integer",
"currency": "string"
}
}
Property name | Value | Description |
---|---|---|
Required properties | ||
consumer | object | |
consumer.device | object | |
consumer.device.serialNumber | string(1-50) | Consumer’s device serial number |
transaction | object | |
transaction.amountCentis | integer | Transaction amount, 1.00 EUR = 100 centis |
transaction.currency | string(3) | Upper case letters (ISO 4217 alpha code) |
session | object | |
session.accessToken | string(32-128) | Access token key received in Optional consumer authentication |
Optional properties | ||
consumer.device.imei | string(14-16) | Consumer’s device international mobile equipment identity |
location | object | |
location.lat | double | The latitude specified in the range of -90.0 through +90.0, both inclusive |
location.lng | double | The longitude specified in the range -180.0 through +180.0, both inclusive |
consumer.ipAddresses | list | Consumer’s IP addresses |
consumer.ipAddresses[] | string(7-15) | Consumer’s IP address |
fromBin | string(6) | Source of funds card BIN (first 6 digits of card number) may be used to display pre-calculated commission |
toBin | string(6) | Destination of funds card BIN (first 6 digits of card number) may be used to display pre-calculated commission |
Initiate transfer response
If successful, this method should return the following response body:
{
"endpointId": "string",
"invoiceId": "string",
"rates": {
"min": "string",
"max": "string"
},
"session": {
"nonce": "string",
"signature": "string"
}
}
Property name | Value | Description |
---|---|---|
Required properties | ||
endpointId | string | Entry point identifier for transfer transaction |
invoiceId | string | Transfer transaction identifier |
session | object | |
session.nonce | string | Unique random string generated by Merchant’s server |
session.signature | string | Checksum generated by hmac-sha1 (see Signature computation) from the concatenation of the accessToken, consumer.device.serialNumber, endpointId, session.nonce, invoiceId, transaction.amountCentis and the transaction.currency |
Optional properties | ||
rates | object | |
rates.min | string | Possible minimum commission amount |
rates.max | string | Possible maximum commission amount |
If failed, this method should return the following response body:
{
"error": {
"cause": "enum",
"code": "string",
"message": "string"
}
}
Property name | Value | Description |
---|---|---|
error | object | |
error.cause | enum | Cause of the error. Possible values: FILTERED , INVALID_REQUEST ,
SERVER_FAILED , SERVER_UNAVAILABLE |
error.code | string | The unique error code |
error.message | string | Description of the error |
Perform transfer¶
Perform transfer request is sent by Merchant’s app through HTTPS POST to URL
https://gate.apropay.com/paynet/dapi/v1/transfer/{endpointId}/{invoiceId}
Request body
In the request body, supply data with the following structure:
{
"billing": {
"address": {
"city": "string",
"country": "string",
"postcodeZip": "string",
"state": "string",
"street": "string",
"street2": "string"
},
"phone": "string"
},
"consumer": {
"birthDay": "string",
"device": {
"imei": "string",
"serialNumber": "string"
},
"email": "string",
"ipAddresses": ["string"]
},
"destinationOfFunds": {
"card": {
"number": "string",
},
"reference": {
"clientCardId": "string"
}
},
"location": {
"lat": "double",
"lng": "double"
},
"order": {
"description": "string",
"siteUrl": "string",
"purpose": "string"
},
"session": {
"accessToken": "string",
"nonce": "string",
"signature": "string"
},
"sourceOfFunds": {
"card": {
"expiry": {
"month": "integer",
"year": "integer"
},
"holder":{
"firstName": "string",
"lastName": "string"
},
"number": "string",
"securityCode": "string"
},
"reference": {
"clientCardId": "string",
"securityCode": "string"
}
},
"transaction": {
"amountCentis": "integer",
"currency": "string"
}
}
Property name | Value | Description |
---|---|---|
Required properties | ||
consumer | object | |
consumer.device | object | |
consumer.device.serialNumber | string(1-50) | Consumer’s device serial number |
consumer.email | string(3-128) | Сonsumer’s email address, if sent in original card mapping transaction and card reference is being used instead of cardholder data |
destinationOfFunds | object | |
destinationOfFunds.card | object | Only one of these subtypes (card, reference) should be used |
destinationOfFunds.card.number | string(9-19) | Destination card number (PAN) |
destinationOfFunds.reference | object | Only one of these subtypes (card, reference) should be used |
destinationOfFunds.reference.clientCardId | string(1-128) | Destination card reference identifier (on client side) |
session | object | |
session.accessToken | string(32-128) | Access token key received in Optional consumer authentication |
session.nonce | string(32-128) | Value received in Initiate transfer response |
session.signature | string(32-128) | Value received in Initiate transfer response |
sourceOfFunds | object | |
sourceOfFunds.card | object | Only one of these subtypes (card, reference) should be used |
sourceOfFunds.card.expiry | object | |
sourceOfFunds.card.expiry.month | integer(2) | Source Card expiration month |
sourceOfFunds.card.expiry.year | integer(4) | Source Card expiration year |
sourceOfFunds.card.holder | object | |
sourceOfFunds.card.holder.firstName | string(1-50) | Cardholder’s first name |
sourceOfFunds.card.holder.lastName | string(1-50) | Cardholder’s last name |
sourceOfFunds.card.holder.printedName | string(1-50) | Cardholder’s printed name (first and last name together). May be used instead of firstName + lastName |
sourceOfFunds.card.number | string(9-19) | Source card number (PAN) |
sourceOfFunds.card.securityCode | string(3-4) | Source card security code (CVV) |
sourceOfFunds.reference | object | only one of these subtypes (card, reference) should be used |
sourceOfFunds.reference.clientCardId | string(1-128) | Source card reference identifier (on client side) |
sourceOfFunds.reference.securityCode | string(3-4) | Source card security code (CVV) |
transaction | object | |
transaction.amountCentis | integer | Transaction amount, 1.00 EUR = 100 centis |
transaction.currency | string(3) | Upper case letters (ISO 4217 alpha code) |
Optional properties | ||
location | object | |
location.lat | double | The latitude specified in the range of -90.0 through +90.0, both inclusive |
location.lng | double | The longitude specified in the range -180.0 through +180.0, both inclusive |
billing | object | |
billing.address | object | |
billing.address.city | string(1-100) | City name |
billing.address.country | string(3) | ISO alpha3 country code |
billing.address.postcodeZip | string(1-10) | ZIP post code |
billing.address.state | string(2-3) | State is used if present. For example, Los Angeles is in CA state |
billing.address.street | string(1-50) | Street is used for district names and street names |
billing.address.street2 | string(1-50) | Street 2 is used for long addresses. Usually it contains apartment and building № |
billing.phone | string(1-20) | Сonsumer’s contact phone number |
consumer.birthDay | string(8) | Сonsumer’s birth day in “ddMMyyyy” format |
consumer.device.imei | string(14-16) | Сonsumer’s device international mobile equipment identity |
consumer.ipAddresses | list | Сonsumer’s IP addresses |
consumer.ipAddresses[] | string(7-15) | Сonsumer’s IP address |
order | object | |
order.description | string(128) | Brief transaction description. May be mandatory for certain Acquirer Banks |
order.siteUrl | string(128) | URL of website associated with the transaction |
order.purpose | string(128) | May be used for better transaction control or additional checks |
Perform transfer response
If successful, this method returns the following response body:
{
"invoiceId": "string",
"session": {
"token": "string"
}
}
Property name | Value | Description |
---|---|---|
invoiceId | string | Transfer transaction identifier |
session | object | |
session.token | string | The session token of transfer transaction |
If failed, this method returns the following response body:
{
"error": {
"cause": "enum",
"code": "string",
"message": "string"
},
"invoiceId": "string"
}
Property name | Value | Description |
---|---|---|
error | object | |
error.cause | enum | Cause of the error. Possible values: INVALID_REQUEST ,
INVALID_CONFIGURATION , INTERNAL_ERROR , PROCESSING_FAILED |
error.code | string | The unique error code |
error.message | string | Description of the error |
invoiceId | string | Transfer transaction identifier |
Perform transfer debug¶
For integration purposes you may use E-Commerce test cards to generate random card numbers.
Check transfer¶
Check transfer request is sent by Apropay through HTTPS POST to URL (provided by merchant)
https://proxy.merchantserver.com/transfer/{invoiceId}/check
Request body
In the request body, data is supplied with the following structure:
{
"consumer": {
"device": {
"serialNumber": "string"
}
},
"destinationOfFunds": {
"reference": {
"clientCardId": "string"
}
},
"session": {
"accessToken": "string",
"nonce": "string",
"signature": "string",
"token": "string"
},
"sourceOfFunds": {
"reference": {
"clientCardId": "string"
}
}
}
Property name | Value | Description |
---|---|---|
Required properties | ||
consumer | object | |
consumer.device | object | |
consumer.device.serialNumber | string(1-50) | Consumer’s device serial number |
session | object | |
session.accessToken | string(32-128) | Consumer’s access token key sent by Merchant’s app |
session.nonce | string(32-128) | Value sent by Merchant’s app |
session.signature | string(32-128) | Value sent by Merchant’s app |
session.token | string(16-36) | The session token of transfer transaction |
Optional properties | ||
sourceOfFunds | object | |
sourceOfFunds.reference | object | |
sourceOfFunds.reference.clientCardId | string(1-128) | The source card reference identifier (on client side) if sent in Perform Transfer request |
destinationOfFunds | object | |
destinationOfFunds.reference | object | |
destinationOfFunds.reference.clientCardId | string(1-128) | The destination card reference identifier (on client side) if sent in Perform Transfer request |
Check transfer response
If successful, this method should return the following response body:
{
"consumer": {
"email": "string"
},
"destinationOfFunds": {
"card": {
"number": "string"
},
"reference": {
"serverCardId": "string"
}
},
"invoiceId": "string",
"session": {
"checkSignature": "string",
"nonce": "string",
"token": "string"
},
"sourceOfFunds": {
"card": {
"expiry": {
"month": "integer",
"year": "integer"
},
"holder":{
"firstName": "string",
"lastName": "string"
},
"number": "string"
},
"reference": {
"serverCardId": "string",
}
},
"transaction": {
"currency": "string",
"randomSumCentis": "integer"
}
}
Property name | Value | Description |
---|---|---|
Required properties | ||
invoiceId | string | Transfer transaction identifier |
session | object | |
session.checkSignature | string | Checksum generated by hmac-sha1 (see Signature computation) from the concatenation of the consumer.device.serialNumber, session.nonce, destinationOfFunds.reference.serverCardId (if present), endpointId, invoiceId, sourceOfFunds.reference.serverCardId (if present) |
session.nonce | string | Unique random string generated by Merchant’s server in Initiate transfer response |
session.token | string | The session token of transfer transaction |
Optional properties | ||
consumer.email | string | Consumer’s email address |
destinationOfFunds | object | |
destinationOfFunds.reference | object | |
destinationOfFunds.reference.serverCardId | string | The destination card reference identifier (on server side) |
sourceOfFunds | object | |
sourceOfFunds.reference | object | |
sourceOfFunds.reference.serverCardId | string | The source card reference identifier (on server side) |
transaction.currency | string | Upper case letters (ISO 4217 alpha code) |
transaction.randomSumCentis | integer | Random sum amount (for random sum check), 1.00 EUR = 100 centis |
If failed, this method should return the following response body:
{
"error": {
"cause": "enum",
"code": "string",
"message": "string"
},
"invoiceId": "string"
}
Property name | Value | Description |
---|---|---|
error | object | |
error.cause | enum | Cause of the error. Possible values: FILTERED , INVALID_REQUEST ,
SERVER_FAILED , SERVER_UNAVAILABLE |
error.code | string | The unique error code |
error.message | string | Description of the error |
invoiceId | string | Transfer transaction identifier |
Transfer status¶
Transfer status request is sent by Merchant’s app through HTTPS POST to URL
https://gate.apropay.com/paynet/dapi/v1/transfer/{endpointId}/{invoiceId}/status
Request body
In the request body, supply data with the following structure:
{
"session": {
"accessToken": "string",
"token": "string"
}
}
Property name | Value | Description |
---|---|---|
session | object | |
session.accessToken | string(32-128) | The access token key received in Optional consumer authentication |
session.token | string(16-36) | The session token of transfer transaction |
Transfer status response
If successful, this method returns the following response body:
{
"bankOrderId": "string",
"invoiceId": "string",
"redirectUrl": "string",
"session": {
"token": "string"
},
"state": "enum"
}
Property name | Value | Description |
---|---|---|
invoiceId | string | Transfer transaction identifier |
session | object | |
session.token | string | The session token of transfer transaction |
state | enum | Possible values: PROCESSING , REDIRECT_REQUEST , APPROVED , DECLINED |
Conditional properties | ||
bankOrderId | string(128) | Required if state is APPROVED or DECLINED |
redirectUrl | string(128) | Required if state is REDIRECT_REQUEST |
orderId | string | Order identifier in payment processing system |
transaction | object | |
transaction.amountCentis | integer | Amount of money transfered in centis, 1.00 EUR = 100 centis |
transaction.commissionCentis | integer | Amount of commission held in centis |
transaction.orderCreatedDate | string | Order creation date in payment processing system |
transaction.transactionCreatedDate | string | Transaction creation date in payment processing system |
Optional properties | ||
errorCode | integer | Decline reason code, may present if state is``DECLINED`` |
errorMessage | string(128) | Decline reason message, may present if state is DECLINED |
secure3DAuthStatus | enum | Possible values: AUTHENTICATED , NOT_AUTHENTICATED , UNSUPPORTED
UNSUPPORTED means that card does not support 3-D Secure or 3DS authentication
process finished with an unknown status |
randomSumAuthStatus | enum | Possible values: AUTHENTICATED , NOT_AUTHENTICATED |
If failed, this method returns the following response body:
{
"error": {
"cause": "enum",
"code": "string",
"message": "string"
},
"invoiceId": "string"
}
Property name | Value | Description |
---|---|---|
error | object | |
error.cause | enum | Cause of the error. Possible values: FILTERED , INVALID_REQUEST ,
INTERNAL_ERROR , PROCESSING_FAILED , ORDER_NOT_FOUND |
error.code | string | The unique error code |
error.message | string | Description of the error |
invoiceId | string | Transfer transaction identifier |
Transfer card mapping notification¶
Transfer card mapping notification request is sent by Apropay through HTTPS POST to URL (provided by merchant)
https://proxy.merchantserver.com/transfer/notification
Request body
In the request body, data is supplied with the following structure:
{
"consumer": {
"device": {
"serialNumber": "string"
}
},
"destinationCard": {
"bin": "integer",
"reference": {
"serverCardId": "string",
"uniqueReferenceCardId": "integer"
}
},
"session": {
"accessToken": "string",
"token":"string"
},
"sourceCard": {
"bin": "integer",
"reference": {
"serverCardId": "string",
"uniqueReferenceCardId": "integer"
}
}
}
Property name | Value | Description |
---|---|---|
Required properties | ||
consumer | object | |
consumer.device | object | |
consumer.device.serialNumber | string(1-50) | Consumer’s device serial number |
session | object | |
session.accessToken | string(32-128) | Consumer’s access token key |
session.token | string(16-36) | The session token of transfer transaction |
Optional properties | ||
destinationCard | object | |
destinationCard.bin | integer | The Destination card BIN |
destinationCard.reference | object | |
destinationCard.reference.serverCardId | string(1-64) | The Destination card reference identifier (on server side) |
destinationCard.reference.uniqueReferenceCardId | integer | The Destination card unique identifier (on server side) |
sourceCard | object | |
sourceCard.bin | integer | The Source card BIN |
sourceCard.reference | object | |
sourceCard.reference.serverCardId | string(1-64) | The Source card reference identifier (on server side) |
sourceCard.reference.uniqueReferenceCardId | integer | The Source card unique identifier (on server side) |
Transfer card mapping notification response
If successful, this method should return the following response body:
{
"invoiceId": "string",
"session": {
"checkSignature": "string",
"nonce": "string",
"token": "string"
}
}
Property name | Value | Description |
---|---|---|
invoiceId | string | Transfer transaction identifier |
session | object | |
session.checkSignature | string | Checksum generated by hmac-sha1 (see Signature computation) from the concatenation of session.nonce, endpointId and invoiceId |
session.nonce | string | Unique random string generated by Merchant’s server |
session.token | string | The session token of transfer transaction |
If failed, this method should return the following response body:
{
"error": {
"cause": "enum",
"code": "string",
"message": "string"
},
"invoiceId": "string"
}
Property name | Value | Description |
---|---|---|
error | object | |
error.cause | enum | Сause of the error. Possible values: FILTERED , INVALID_REQUEST ,
SERVER_FAILED , SERVER_UNAVAILABLE |
error.code | string | The unique error code |
error.message | string | Description of the error |
invoiceId | string | Transfer transaction identifier |
Repeat transfer¶
- {sourceOfFunds.reference.clientCardId}
- {sourceOfFunds.reference.securityCode}
- {sourceOfFunds.card.expiry.month}
- {sourceOfFunds.card.expiry.year}
- {sourceOfFunds.card.holder}
- {sourceOfFunds.card.holder.firstName}
- {sourceOfFunds.card.holder.lastName}
- {sourceOfFunds.card.number}
- {sourceOfFunds.card.securityCode}
Consumer defined transfer rates¶
- If Check transfer has been successful, Apropay pauses the processing, includes the list of possible commissions to next Transfer status response and awaits for confirmation from the Consumer.
- Consumer selects the most suitable commission from the list in the Merchant’s app.
- Merchant’s app sends the selected gate in Complete transfer request to Apropay.
- Apropay continues to process the transaction on the selected gate.
This flow is also represented on the scheme below:
The following structure extends the default Transfer status response body (e.g. 2 processing gates):
{
"state": "TRANSFER_FEE_REQUEST",
"transferFeeList": [
{
"assignedId": "string",
"commissionCentis": "integer",
"currency": "string"
},
{
"assignedId": "string",
"commissionCentis": "integer",
"currency": "string"
}
]
}
Property name | Value | Description |
---|---|---|
transferFeeList | object | |
transferFeeList.assignedId | string | Aliased payment gateway name |
transferFeeList.commissionCentis | integer | Amount of commission to be held in centis, 1.00 EUR = 100 centis |
transferFeeList.currency | string | Upper case letters (ISO 4217 alpha code) |
state | string | In addition to the values from Transfer status,
TRANSFER_FEE_REQUEST value only exists in this flow |
Complete transfer request is sent by Merchant’s app through HTTPS POST to URL
https://gate.apropay.com/paynet/dapi/v1/transfer/{endpointId}/{invoiceId}/{assignedId}
In the request body, supply data with the following structure:
{
"session": {
"accessToken": "string",
"token": "string"
}
}
Complete transfer response
If successful, this method returns the following response body:
{
"invoiceId": "string",
"session": {
"token": "string"
}
}
Property name | Value | Description |
---|---|---|
invoiceId | string | Transfer transaction identifier |
session | object | |
session.token | string | The session token of transfer transaction |
If failed, this method returns the following response body:
{
"error": {
"cause": "enum",
"code": "string",
"message": "string"
},
"invoiceId": "string"
}
Property name | Value | Description |
---|---|---|
error | object | |
error.cause | enum | Cause of the error. Possible values: INVALID_REQUEST ,
INVALID_CONFIGURATION , INTERNAL_ERROR , PROCESSING_FAILED |
error.code | string | The unique error code |
error.message | string | Description of the error |
invoiceId | string | Transfer transaction identifier |
1.2.5. Development tools¶
Signature computation¶
- Take merchantControlKey
- Remove dashes from it
- Unhex the result to binary
You can get the correct signature values for all types of transactions supported by DAPI in the debugging tool below:
String to sign |
---|
Signature |
---|