Appearance
Quick Start β
1. Base URL & Auth β
Send HTTPS requests to the sandbox or production base URL with an Authorization header using an API key (api_***), and Content-Type: application/json.
TIP
Public keys (pub_***) are client-side only.
http
Authorization: api_xxx...
Content-Type: application/jsonπ‘ Every response includes
x-correlation-idfor tracing/debugging.
2. Your First Charge (Sale) β
Endpoint: POST /api/transaction
Minimum useful fields: type, amount (in cents), and one payment_method (e.g., card). Amounts like $12.99 must be sent as 1299.
bash
curl -X POST "<BASE_URL>/api/transaction" -H "Authorization: api_<YOUR_PRIVATE_KEY>" -H "Content-Type: application/json" -d '{
"type": "sale",
"amount": 1299,
"payment_method": {
"card": {
"number": "4111111111111111",
"expiration_date": "12/30",
"cvc": "123"
}
},
"description": "Test charge $12.99"
}'js
await fetch(`${BASE_URL}/api/transaction`, {
method: "POST",
headers: {
Authorization: "api_<YOUR_PRIVATE_KEY>",
"Content-Type": "application/json"
},
body: JSON.stringify({
type: "sale",
amount: 1299,
payment_method: { card: { number: "4111111111111111", expiration_date: "12/30", cvc: "123" } },
description: "Test charge $12.99"
})
});python
import requests
resp = requests.post(
f"{BASE_URL}/api/transaction",
headers={"Authorization": "api_<YOUR_PRIVATE_KEY>", "Content-Type": "application/json"},
json={
"type": "sale",
"amount": 1299,
"payment_method": {"card": {"number": "4111111111111111", "expiration_date": "12/30", "cvc": "123"}},
"description": "Test charge $12.99",
},
)
print(resp.json())go
body := `{
"type":"sale",
"amount":1299,
"payment_method":{"card":{"number":"4111111111111111","expiration_date":"12/30","cvc":"123"}},
"description":"Test charge $12.99"
}`
req, _ := http.NewRequest("POST", BASE_URL+"/api/transaction", strings.NewReader(body))
req.Header.Set("Authorization", "api_<YOUR_PRIVATE_KEY>")
req.Header.Set("Content-Type", "application/json")
resp, _ := http.DefaultClient.Do(req)
defer resp.Body.Close()3. Idempotency (Duplicate Protection) β
Add idempotency_key (UUID) to safely retry a request; TTL defaults to 5 minutes unless you pass idempotency_time (seconds) or have a merchant default.
json
{
"type": "sale",
"amount": 17500,
"idempotency_key": "7df4d862-1a3d-44c4-b3df-536aadf307b0",
"payment_method": {
"card": { "number": "4111111111111111", "expiration_date": "12/30", "cvc": "123" }
}
}4. Common Flows β
Sale β
Authorize and Capture in single call:
json
POST /api/transaction
{
"type": "sale",
"amount": 5000,
"payment_method": { "card": { ... } }
}Auth β Capture β
Authorize now, capture later:
json
POST /api/transaction
{
"type": "authorize",
"amount": 5000,
"payment_method": { "card": { ... } }
}Capture when youβre ready:
http
POST /api/transaction/{transactionId}/captureYou can optionally pass amount, tax_amount, etc. in the body.
Void / Auth Reversal β
Void a transaction thatβs pending settlement:
http
POST /api/transaction/{transactionId}/voidRefund β
Refund a settled transaction (supports multiple partial refunds up to the settled total):
http
POST /api/transaction/{transactionId}/refundBody supports amount and optional surcharge.
5. Reading & Searching β
- Get by ID:
http
GET /api/transaction/{transactionId}Returns full transaction details including response codes, AVS/CVV, and addresses.
- Search:
http
POST /api/transaction/searchUse filters such as date ranges, amount, processor. If no created_at range is provided, the default is the prior four months.
6. Handling Responses & Errors β
- Errors
json
{ "status": "failed", "msg": "bad request error: invalid Postal Code" }Common βUnauthorizedβ causes:
- Missing/incorrect
Authorizationheader - Wrong key type (public vs private)
- Key restrictions
- Wrong environment
Every response includes x-correlation-id for support.
- Gateway/Processor Codes
100β199: Approved / Partial Approval200β299: Issuer Decline300β399: Gateway Decline400β499: Processor Error