Initiate Checkout

Request to initiate a Hosted Checkout interaction, i.e. a Hosted Payment Page or Embedded Page interaction that allows the payer to select their payment details and make the payment. See Implementing a Hosted Checkout Integration for details.

The gateway returns a session identifier (session.id) that you must include in the Checkout.configure() function.
The gateway automatically expires the session.

POST https://anzegate.gateway.mastercard.com/api/rest/version/64 / merchant / {merchantId} / session

Authentication

This operation requires authentication via one of the following methods:


  • Certificate authentication.
  • Basic HTTP authentication as described at w3.org. Provide 'merchant.<your gateway merchant ID>' in the userid portion and your API password in the password portion.

Request

URL Parameters

{merchantId} Alphanumeric + additional characters REQUIRED

The unique identifier issued to you by your payment provider.


This identifier can be up to 12 characters in length.


Data may consist of the characters 0-9, a-z, A-Z, '-', '_'

Min length: 1 Max length: 40

Fields

agreement OPTIONAL

A series of related orders that execute one commercial agreement.

For example, linking the orders for a series of recurring payments (a mobile phone subscription), split tenders (one payment using two cards), or when the merchant offers to take payments by a series of installments (hire purchase).

You must provide this data for some types of payments (such as recurring), but you can provide it for any cases where you want to link orders together.

agreement.amountVariability Enumeration OPTIONAL

Indicates if all the payments within the agreement use the same amount or if the amount differs between the payments.

Value must be a member of the following list. The values are case sensitive.

FIXED

All payments in the recurring payment agreement have the same amount. Examples include magazine subscriptions or gym memberships.

VARIABLE

The amount for the payments within the recurring payment agreement differs between payments. Examples include usage-based charges like utility or phone bills.

agreement.expiryDate Date OPTIONAL

Date at which your agreement with the payer to process payments expires.

Data must comply with ISO 8601 extended date format, yyyy-mm-dd

agreement.id String OPTIONAL

Your identifier for the agreement you have with the payer to process payments.

When you collect cards from your payers and store them for later use, you must provide an agreement ID when you use the stored values for:

  • Recurring payments: you have an agreement with the payer that authorizes you to automatically debit their account at agreed intervals for fixed or variable amounts. For example, gym membership, phone bills, or magazine subscriptions.
  • Installment payments: you have an agreement with the payer that authorizes you to process multiple payments over an agreed period of time for a single purchase. For example, the payer purchases an item for $1000 and pays for it in four monthly installments.
  • Unscheduled: you have an agreement with the payer that authorizes you to process future payments when required. For example, the payer authorizes you to process an account top-up transaction for a transit card when the account balance drops below a certain threshold.
When you first establish an agreement with the payer you should also specify the type of agreement in agreement.type.

Data can consist of any characters

Min length: 1 Max length: 100
agreement.maximumAmountPerPayment Decimal OPTIONAL

The maximum amount for a single payment in the series as agreed with the payer under your agreement with them.

The amount must be provided in the currency of the order.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
agreement.minimumDaysBetweenPayments Integer OPTIONAL

The minimum number of days between payments agreed with the payer under your agreement with them.

JSON number data type, restricted to being positive or zero. In addition, the represented number may have no fractional part.

Min value: 1 Max value: 9999
agreement.numberOfPayments Integer OPTIONAL

The number of merchant-initiated payments within the recurring payment agreement.

JSON number data type, restricted to being positive or zero. In addition, the represented number may have no fractional part.

Min value: 1 Max value: 999
agreement.paymentFrequency Enumeration OPTIONAL

The frequency of the payments within the series as agreed with the payer under your agreement with them.

Value must be a member of the following list. The values are case sensitive.

AD_HOC

The agreement if for payments on an ah-hoc basis.

DAILY

The agreement if for a daily payment.

FORTNIGHTLY

The agreement if for a fortnightly payment.

MONTHLY

The agreement if for a monthly payment.

OTHER

The agreement is for payments according to a schedule other than the ones listed in the other enumeration values for this field.

QUARTERLY

The agreement if for a quarterly payment.

TWICE_YEARLY

The agreement if for a payment twice a year.

WEEKLY

The agreement if for a weekly payment.

YEARLY

The agreement if for a yearly payment.

apiOperation String = INITIATE_CHECKOUT FIXED

Any sequence of zero or more unicode characters.

authentication OPTIONAL

Information about how the payer's identity is verified.

For example, using 3-D Secure authentication.

This parameter group include payer authentication options available to you, parameters you need to perform payer authentication for an available method, and the results of payer authentication.

authentication.3ds OPTIONAL

Information about payer authentication using 3-D Secure authentication.

Only provide these fields if you authenticated the payer using a different 3-D Secure service provider. If you authenticated the payer using the gateway, then provide authentication.transactionId instead.

Parameters in this group apply to both 3-D Secure authentication version 1 and 3-D Secure Authentication version 2.

Depending on the 3-D Secure authentication version applicable you will also need additional parameters:

- 3-D Secure authentication version 1: see the authentication.3ds1 parameter group.
- 3-D Secure authentication version 2: see the authentication.3ds2 parameter group.

authentication.3ds.acsEci Alphanumeric OPTIONAL

Indicates the security level of the transaction.

This is the Electronic Commerce Indicator (ECI) value provided by the issuer's Access Control Server (ACS) to indicate the results of the attempt to authenticate the payer.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 1 Max length: 2
authentication.3ds.authenticationToken Base64 OPTIONAL

The base64 encoded value generated by the issuer.

The authentication token Included in subsequent transaction request messages and used by the card scheme to verify that the authentication occurred and the values provided are valid. The token should be used unaltered. For 3DS version 1, this field corresponds to the Cardholder Authentication Verification Value (CAVV) for Visa, the Accountholder Authentication Value (AAV) for MasterCard and JCB, or the American Express Verification Value (AEVV) for American Express.

For 3DS version 2, this field corresponds to the Authentication Value.

Data is Base64 encoded

allowable lengths 28 or 32
authentication.3ds.transactionId String OPTIONAL

A unique identifier for the 3-D Secure authentication transaction.

For 3DS version 1, this field corresponds to the XID. The XID is an identifier generated by the gateway on behalf of the merchant.

For 3DS version 2, this field corresponds to the identifier assigned by the scheme directory server.

This identifier should be used in subsequent operation requests unaltered.

An XID submitted in this field must be in base64 format.

Data can consist of any characters

Min length: 1 Max length: 50
authentication.3ds1 OPTIONAL

Information about payer authentication using 3-D Secure authentication version 1.

Only provide these fields if you authenticated the payer using a different 3-D Secure service provider. If you authenticated the payer using the gateway, then provide authentication.transactionId instead.

authentication.3ds1.paResStatus Alpha OPTIONAL

Indicates the result of payer authentication with the issuer.

This is the value returned in the transaction status field of the Payer Authentication Response (PARes) message from the card Issuer's Access Control Server (ACS). For example, Y, N, A, or U. Refer to the relevant documentation for Mastercard SecureCode™, Verified by Visa™, JCB J/Secure™, American Express SafeKey™, or Diners Club ProtectBuy™.

Data may consist of the characters a-z, A-Z

Min length: 1 Max length: 1
authentication.3ds1.veResEnrolled Alpha OPTIONAL

Indicates whether or not payer authentication is available for the card number you provided.

This is for experts only - most users should use the response.gatewayRecommendation field.

This is the value returned in the 'enrolled' field of the Verify Enrollment Response (VERes) message from the card scheme's Directory Server. For example, Y, N, or U. Refer to the relevant documentation for Mastercard SecureCode™, Verified by Visa™, JCB J/Secure™, American Express SafeKey™, or Diners Club ProtectBuy™.

Data may consist of the characters a-z, A-Z

Min length: 1 Max length: 1
authentication.3ds2 OPTIONAL

Information about payer authentication using 3-D Secure authentication version 2.

Only provide these fields if you authenticated the payer using a different 3-D Secure service provider. If you authenticated the payer using the gateway, then provide authentication.transactionId instead.

authentication.3ds2.custom JSON Text OPTIONAL

Additional information returned by the scheme or issuer in the authentication response that must be included (together with the standard authentication details) when submitting the transaction for processing by the acquirer.

Data is valid Json Format

Min length: 1 Max length: 4000
authentication.3ds2.protocolVersion Alphanumeric + additional characters OPTIONAL

The version of the EMV 3-D Secure protocol used to perform 3-D Secure authentication, in the format specified by EMVCo.

For example, 2.1.0

Data may consist of the characters 0-9, a-z, A-Z, '.'

Min length: 1 Max length: 20
authentication.3ds2.statusReasonCode String OPTIONAL

A code indicating the reason for the transaction status returned in authentication.3ds2.transactionStatus.

Refer to the EMVCo specification for 3-D Secure.

Data can consist of any characters

Min length: 2 Max length: 2
authentication.3ds2.transactionStatus Alpha OPTIONAL

Indicates the result of payer authentication with the issuer.

This is the value returned in the transaction status field from the issuer's Access Control Server (ACS). For example, Y, N, U, A, R

Refer to the EMVCo specification for 3-D Secure.

Data may consist of the characters a-z, A-Z

Min length: 1 Max length: 1
authentication.challengePreference Enumeration OPTIONAL

Indicates if you want the payer to be presented with an authentication challenge for this transaction.

You can use this to support local mandates or your risk tolerance. For example, you may prefer that a challenge is always performed when you store card details on file.

If you do not provide a value, the gateway will use NO_PREFERENCE. If there is no payer present (for example, recurring payments), then the gateway will ignore this field and use NO_CHALLENGE.

Note: 'challenge' means requiring the payer to take action to identify themselves, for example, entering a password.

Value must be a member of the following list. The values are case sensitive.

CHALLENGE_MANDATED

The merchant requires that the payer is presented with an authentication challenge.

CHALLENGE_PREFERRED

The merchant prefers that the payer is presented with an authentication challenge.

authentication.transactionId String OPTIONAL

The transactionId you used for the Initiate Authentication operation.

Data can consist of any characters

Min length: 1 Max length: 40
billing OPTIONAL

Details of the payer's billing address.

billing.address OPTIONAL

The payer's billing address.

This data may be used to qualify for better interchange rates on corporate purchase card transactions.

billing.address.city String OPTIONAL

The city portion of the address.

Data can consist of any characters

Min length: 1 Max length: 100
billing.address.company String OPTIONAL

The name of the company associated with this address.

Data can consist of any characters

Min length: 1 Max length: 100
billing.address.country Upper case alphabetic text OPTIONAL

The 3 letter ISO standard alpha country code of the address.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
billing.address.postcodeZip Alphanumeric + additional characters OPTIONAL

The post code or zip code of the address.

Data may consist of the characters 0-9, a-z, A-Z, ' ', '-'

Min length: 1 Max length: 10
billing.address.stateProvince String OPTIONAL

The state or province of the address.

Data can consist of any characters

Min length: 1 Max length: 20
billing.address.stateProvinceCode String OPTIONAL

The three character ISO 3166-2 country subdivision code for the state or province of the address.

Providing this field might improve your payer experience for 3-D Secure payer authentication.

Data can consist of any characters

Min length: 1 Max length: 3
billing.address.street String OPTIONAL

The first line of the address.

For example, this may be the street name and number, or the Post Office Box details.

Data can consist of any characters

Min length: 1 Max length: 100
billing.address.street2 String OPTIONAL

The second line of the address (if provided).

Data can consist of any characters

Min length: 1 Max length: 100
checkoutMode Enumeration OPTIONAL

Defines how the Hosted Checkout interaction can be launched.

If you want to immediately redirect the payer from your website (Hosted Payment Page) or launch the Lightbox to make the payment, set this value to WEBSITE. This is the default behavior if the field is not provided.

Value must be a member of the following list. The values are case sensitive.

PAYMENT_LINK

Returns a payment link (paymentLink.url) that you can include in your communication with the payer (e.g. email). Clicking on the link will take the payer to Hosted Checkout.

WEBSITE

Returns a session identifier (session.id) that you need to pass when configuring the Hosted Checkout interaction using the Checkout.configure() function. This is the default value.

constraints OPTIONAL

Information about any constraints that apply to this transaction.

Specify constraints to ensure that the transaction conforms to predefined criteria. This is useful if your integration does not directly collect all the transaction values (e.g. a session-based integration or a checkout integration).

correlationId String OPTIONAL

A transient identifier for the request, that can be used to match the response to the request.

The value provided is not validated, does not persist in the gateway, and is returned as provided in the response to the request.

Data can consist of any characters

Min length: 1 Max length: 100
cruise OPTIONAL

Cruise industry data.

cruise.departurePort OPTIONAL

A departurePort is the port where the passenger(s) boarded the cruise ship when the cruise trip started

cruise.departurePort.address OPTIONAL

Address of the cruise line.

cruise.departurePort.address.city String OPTIONAL

The city portion of the address.

Data can consist of any characters

Min length: 1 Max length: 100
cruise.departurePort.address.country Upper case alphabetic text OPTIONAL

The 3 letter ISO standard alpha country code of the address.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
cruise.departurePort.address.postCodeZip Alphanumeric + additional characters OPTIONAL

The post code or zip code of the address.

Data may consist of the characters 0-9, a-z, A-Z, ' ', '-'

Min length: 1 Max length: 10
cruise.departurePort.address.stateProvinceCode String OPTIONAL

The state or province code of the address.

The value must match the second part of the ISO 3166-2 code. For an address in the United States provide the 2-letter ISO 3166-2 state code. For US military bases provide one of AE, AA, AP. For an address in Canada provide the 2-letter ISO 3166-2 province code.

Data can consist of any characters

Min length: 1 Max length: 3
cruise.departurePort.address.street String OPTIONAL

The first line of the address.

Data can consist of any characters

Min length: 1 Max length: 100
cruise.departurePort.address.street2 String OPTIONAL

The second line of the address (if provided).

Data can consist of any characters

Min length: 1 Max length: 100
customer OPTIONAL

Information about the customer, including their contact details.

customer.email Email OPTIONAL

The email address of the customer.

The field format restriction ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses.

Ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses

customer.firstName String OPTIONAL

The payer's first name.

Data can consist of any characters

Min length: 1 Max length: 50
customer.lastName String OPTIONAL

The payer's last or surname.

Data can consist of any characters

Min length: 1 Max length: 50
customer.mobilePhone Telephone Number OPTIONAL

The payer's mobile phone or cell phone number in ITU-T E123 format, for example +1 607 1234 5678

The number consists of:

  • '+'
  • country code (1, 2 or 3 digits)
  • 'space'
  • national number ( which may embed single spaces characters for readability).

Data consists of '+', country code (1, 2 or 3 digits), 'space', and national number (which may embed single space characters for readability)

Mandatory country code: true Max total digits: 15
customer.phone Telephone Number OPTIONAL

The payer's phone number in ITU-T E123 format, for example +1 607 1234 456

The number consists of:

  • '+'
  • country code (1, 2 or 3 digits)
  • 'space'
  • national number ( which may embed single spaces characters for readability).

Data consists of '+', country code (1, 2 or 3 digits), 'space', and national number (which may embed single space characters for readability)

Mandatory country code: true Max total digits: 15
device OPTIONAL

Information about the device used by the payer for this transaction.

device.ani String OPTIONAL

The telephone number captured by ANI (Automatic Number Identification) when the customer calls to place the order.

Data can consist of any characters

Min length: 1 Max length: 10
device.aniCallType String OPTIONAL

The 2 digit ANI information identifier provided by the telephone company to indicate the call type, for example, cellular (61-63), toll free (24,25), etc.

Data can consist of any characters

Min length: 1 Max length: 2
device.fingerprint String OPTIONAL

Information collected about a remote computing device for the purpose of providing a unique identifier for the device.

For example, session ID, blackbox ID.

Data can consist of any characters

Min length: 1 Max length: 4000
device.mobilePhoneModel String OPTIONAL

The mobile phone manufacturer's identifier for the model of the mobile device used to initiate the payment.

Data can consist of any characters

Min length: 1 Max length: 255
initiator.userId String OPTIONAL

The person who initiated this transaction.

This field is automatically populated by the gateway if the transaction was created via Merchant Administration (gatewayEntryPoint=MERCHANT_ADMINISTRATION) or Merchant Manager (MERCHANT_MANAGER). In this case this is the name that the person used to log in to Merchant Administration or Merchant Manager respectively.

Data can consist of any characters

Min length: 1 Max length: 256
interaction REQUIRED

Information that controls the payer's checkout interaction.

interaction.action.3DSecure Enumeration OPTIONAL

Control when you offer 3-D Secure to the payer.

By default, 3-D Secure authentication is offered to the payer if available

Control when you offer 3-D Secure to the payer. By default, 3-D Secure authentication is offered to the payer if available.

Value must be a member of the following list. The values are case sensitive.

BYPASS

Do not offer 3DS authentication to the payer.

MANDATORY

Offer 3DS authentication to the payer if it is available.

USE_GATEWAY_RECOMMENDATION

Only offer 3-D Secure Authentication to the payer if the gateway has issued a recommendation to do so. Only applicable if your gateway configuration supports optional payment features.

interaction.cancelUrl URI OPTIONAL

The URL to which you want to redirect the payer's browser if they cancel their payment.

This could be a link to the payer's shopping cart, or the home page of your website.

Data must be an absolute URI conforming to the URI syntax published by IETF RFC 2396. The following schemes are forbidden : javascript

interaction.country Upper case alphabetic text OPTIONAL

The ISO 3166 alpha-3 country code of the payer's country, to be used to present country-specific content to the payer during the interaction.

For a Secure Remote Commerce interaction, the payer's country is used to present country-specific content such as Terms and Conditions and you only need to provide it, if you wish to override the default payer country you have configured for Secure Remove Commerce interactions.

Note that all content, including country-specific content, will be presented in the language based on the payer's locale provided in the interaction.locale field.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
interaction.displayControl OPTIONAL

A group of objects that control the visibility of, and payer-interaction with, displayed information.

interaction.displayControl.billingAddress Enumeration OPTIONAL

Indicates if you require the payer to provide their billing address during the payment interaction.

If you do not provide this field, the billing address will be optional.

Value must be a member of the following list. The values are case sensitive.

HIDE

Hides data fields from the payer.

MANDATORY

Displays data fields and allows the payer to enter data into these fields.

OPTIONAL

Displays data fields and allows the payer to opt out of data entry for these fields.

READ_ONLY

Data is displayed but cannot be modified.

interaction.displayControl.cardSecurityCode Enumeration OPTIONAL

Indicates if you require the payer to provide the card security code for their card payment during the payment interaction.

If you do not provide this field, the card security code will be mandatory.

Value must be a member of the following list. The values are case sensitive.

MANDATORY

Displays data fields and allows the payer to enter data into these fields.

OPTIONAL

Displays data fields and allows the payer to opt out of data entry for these fields.

interaction.displayControl.customerEmail Enumeration OPTIONAL

Indicates if you require the payer to provide their email address on the payment interaction.

If you do not provide this field, the payer's email address will be hidden.

Value must be a member of the following list. The values are case sensitive.

HIDE

Hides data fields from the payer.

MANDATORY

Displays data fields and allows the payer to enter data into these fields.

OPTIONAL

Displays data fields and allows the payer to opt out of data entry for these fields.

READ_ONLY

Data is displayed but cannot be modified.

interaction.displayControl.paymentTerms Enumeration OPTIONAL

Indicates whether you wish to hide payment terms for a payment plan during the payment interaction.

If you do not provide this field the payment terms for a payment plan will be displayed.

Value must be a member of the following list. The values are case sensitive.

HIDE

Hides the payment terms from the payer. Note that offering Plan AMEX in some regions may require you to inform the payer of the payment terms before processing the payment.

SHOW_IF_SUPPORTED

Displays the payment terms, if available, to the payer.

interaction.displayControl.shipping Enumeration OPTIONAL

Indicates if you wish to hide the shipping details on the payment interaction.

If you don't provide this field, shipping details will be displayed to the payer.

Value must be a member of the following list. The values are case sensitive.

HIDE

Hides data fields from the payer.

READ_ONLY

Data is displayed but cannot be modified.

interaction.locale String OPTIONAL

A language identifier or IETF language tag to control the language of the payment interaction with the payer (e.g. en_US, es, fr-CA).

By default, the language is determined from the payer's browser. Supply a value for this field only if you wish to override the default behavior. If the language you specify is not supported by the gateway, the payment is displayed in the best matching language.

Data must be a language identifier or IETF language tag

Min length: 2 Max length: 5
interaction.merchant OPTIONAL

Information that allows you to display your brand and business details during the payment interaction.

interaction.merchant.address OPTIONAL

Information on your business address.

interaction.merchant.address.line1 String OPTIONAL

The first line of your business address for display to the payer during the payment interaction.

Data can consist of any characters

Min length: 0 Max length: 100
interaction.merchant.address.line2 String OPTIONAL

The second line of your business address for display to the payer during the payment interaction.

Data can consist of any characters

Min length: 0 Max length: 100
interaction.merchant.address.line3 String OPTIONAL

The third line of your business address for display to the payer during the payment interaction.

Data can consist of any characters

Min length: 0 Max length: 100
interaction.merchant.address.line4 String OPTIONAL

The fourth line of your business address for display to the payer during the payment interaction.

Data can consist of any characters

Min length: 0 Max length: 100
interaction.merchant.email Email OPTIONAL

The email address of your business for display to the payer during the payment interaction (e.g. an email address for customer service).

Ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses

interaction.merchant.name String REQUIRED

The name of your business for display to the payer on the payment interaction.

Data can consist of any characters

Min length: 1 Max length: 40
interaction.merchant.phone String OPTIONAL

The phone number of your business for display to the payer during the payment interaction.

Data can consist of any characters

Min length: 0 Max length: 20
interaction.merchant.url URI OPTIONAL

The URL of your business for display to the payer during the payment interaction.

Data must be an absolute URI conforming to the URI syntax published by IETF RFC 2396. The following schemes are forbidden : javascript

interaction.operation Enumeration REQUIRED

Indicates the operation that you wish to perform during the Hosted Checkout interaction.

Value must be a member of the following list. The values are case sensitive.

AUTHORIZE

Request for the Hosted checkout interaction to create Authorization transaction for the payment.

NONE

Hosted Checkout will collect the payment details from the payer and securely store them against the Hosted Checkout session. No operation will be performed after the payer interaction.

PURCHASE

Request for the Hosted checkout interaction to create Purchase transaction for the payment.

VERIFY

Request for the Hosted Checkout interaction to verify the payer's account. The payment details are verified using the verification method supported by the acquirer and the data provided in the request.

interaction.redirectMerchantUrl URI OPTIONAL

The URL to which you want to return the payer after unsuccessful payment when retry attempts in the session are exhausted.

The URL should be used with retryAttemptCount for redirection.

Data must be an absolute URI conforming to the URI syntax published by IETF RFC 2396. The following schemes are forbidden : javascript

interaction.retryAttemptCount Integer OPTIONAL

The number of retry attempts allowed per session.

This is the number of time payer can retry attempts for the unsuccessful payment before it navigates to the merchant portal.

JSON number data type, restricted to being positive or zero. In addition, the represented number may have no fractional part.

Min value: 1 Max value: 3
interaction.returnUrl URI OPTIONAL

The URL to which you want to return the payer after completing the payment attempt.

During the redirect, the gateway will append a resultIndicator parameter to this URL. This parameter determines the result of the payment. See Obtain the Payment Result section.

Data must be an absolute URI conforming to the URI syntax published by IETF RFC 2396. The following schemes are forbidden : javascript

interaction.style OPTIONAL

Merchant can update the styles to align the checkout page with their branding.

interaction.style.accentColor Alphanumeric + additional characters OPTIONAL

The accent color of your business for display to the payer on the payment interaction.

Data may consist of the characters 0-9, a-z, A-Z, '#'

Min length: 7 Max length: 7
interaction.style.theme Alphanumeric + additional characters OPTIONAL

The theme used to control the look and feel of your checkout interaction.

If you do not provide this field the default theme is will be used.

Data may consist of the characters 0-9, a-z, A-Z, '-', '_'

Min length: 1 Max length: 50
interaction.timeout Integer OPTIONAL

The duration (in seconds) available to the payer to make a payment.

Set this field when you want to limit the time you reserve the goods or service for this payer. For example, ticket bookings.

If the payment is not completed within this time, their browser will be returned to the website you specified in interaction.timeoutUrl.

Note: Timeouts are best effort and approximate, as some services (for example, 3-D Secure authentication) cannot be interrupted.

JSON number data type, restricted to being positive or zero. In addition, the represented number may have no fractional part.

Min value: 600 Max value: 1800
interaction.timeoutUrl URI OPTIONAL

The URL to which you want to return the payer if the payment is not completed in the allowed time.

This will either be the time you specified in interaction.timeout or the gateway default timeout value.

Data must be an absolute URI conforming to the URI syntax published by IETF RFC 2396. The following schemes are forbidden : javascript

interaction.tokens[n] Alphanumeric OPTIONAL

Uniquely identifies a card and associated details.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 1 Max length: 40
lineOfBusiness String OPTIONAL

Your payment service provider might have configured your merchant profile to support several lines of business.

Each line of business can have different payment parameters, such as bank account, supported cards or such.

For example, lineOfBusiness = TICKET_SALES can have a different bank account from lineOfBusiness = MERCHANDISING. One line of business on your profile might be "null". To use that, do not provide the lineOfBusiness field.

Data can consist of any characters except space

Min length: 1 Max length: 100
order.id String REQUIRED

A unique identifier for this order to distinguish it from any other order you create.

Use this identifier when referring to this order in subsequent transactions and in retrieval operations. This value must be unique for every order you create using your merchant profile.

Data can consist of any characters

Min length: 1 Max length: 40
partnerSolutionId String OPTIONAL

If, when integrating with the gateway, you are using a solution (e.g. a shopping cart or e-commerce solution) provided, supported or certified by your payment service provider, enter the solution ID issued by your payment service provider here.

If your payment service provider has not provided you with a solution ID, you should ignore this field.

Data can consist of any characters

Min length: 1 Max length: 40
paymentLink OPTIONAL

If you have requested a payment link (checkoutMode=PAYMENT_LINK) you must provide the values in this parameter group to configure the payment link functionality.

shipping OPTIONAL

Shipping information for this order.

shipping.address OPTIONAL

The address to which this order will be shipped.

shipping.address.city String OPTIONAL

The city portion of the address.

Data can consist of any characters

Min length: 1 Max length: 100
shipping.address.company String OPTIONAL

The name of the company associated with this address.

Data can consist of any characters

Min length: 1 Max length: 100
shipping.address.country Upper case alphabetic text OPTIONAL

The 3 letter ISO standard alpha country code of the address.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
shipping.address.postcodeZip Alphanumeric + additional characters OPTIONAL

The post code or zip code of the address.

Data may consist of the characters 0-9, a-z, A-Z, ' ', '-'

Min length: 1 Max length: 10
shipping.address.source Enumeration OPTIONAL

How you obtained the shipping address.

Value must be a member of the following list. The values are case sensitive.

ADDRESS_ON_FILE

Order shipped to an address that you have on file.

NEW_ADDRESS

Order shipped to an address provided by the payer for this transaction.

shipping.address.stateProvince String OPTIONAL

The state or province of the address.

Data can consist of any characters

Min length: 1 Max length: 20
shipping.address.stateProvinceCode String OPTIONAL

The three character ISO 3166-2 country subdivision code for the state or province of the address.

Providing this field might improve your payer experience for 3-D Secure payer authentication.

Data can consist of any characters

Min length: 1 Max length: 3
shipping.address.street String OPTIONAL

The first line of the address.

For example, this may be the street name and number, or the Post Office Box details.

Data can consist of any characters

Min length: 1 Max length: 100
shipping.address.street2 String OPTIONAL

The second line of the address (if provided).

Data can consist of any characters

Min length: 1 Max length: 100
shipping.address.sameAsBilling Enumeration OPTIONAL

Indicates whether the shipping address provided is the same as the payer's billing address.

Provide this value if you are not providing the full shipping and billing addresses, but you can affirm that they are the same or different.

The default value for this field is:

SAME - if the shipping and billing address are supplied, and all fields are the same (ignoring non-alphanumerics).
DIFFERENT - if the shipping and billing address are supplied, and at least one field is different (ignoring non-alphanumerics).
UNKNOWN - either shipping address or billing address is absent.

Value must be a member of the following list. The values are case sensitive.

DIFFERENT

The shipping and billing addresses are different.

SAME

The shipping and billing addresses are the same.

UNKNOWN

It is not known if the shipping and billing addresses are the same.

shipping.contact OPTIONAL

Details of the contact person at the address the goods will be shipped to.

shipping.contact.email Email OPTIONAL

The contact person's email address.

The field format restriction ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses.

Ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses

shipping.contact.firstName String OPTIONAL

The first name of the person to whom the order is being shipped.

Data can consist of any characters

Min length: 1 Max length: 50
shipping.contact.lastName String OPTIONAL

The last name or surname of the person to whom the order is being shipped.

Data can consist of any characters

Min length: 1 Max length: 50
shipping.contact.mobilePhone Telephone Number OPTIONAL

The contact person's mobile phone or cell phone number in ITU-T E123 format, for example +1 607 1234 5678

The number consists of:

  • '+'
  • country code (1, 2 or 3 digits)
  • 'space'
  • national number ( which may embed single spaces characters for readability).

Data consists of '+', country code (1, 2 or 3 digits), 'space', and national number (which may embed single space characters for readability)

Mandatory country code: true Max total digits: 15
shipping.contact.phone Telephone Number OPTIONAL

The contact person's phone number in ITU-T E123 format, for example +1 607 1234 456

The number consists of:

  • '+'
  • country code (1, 2 or 3 digits)
  • 'space'
  • national number ( which may embed single spaces characters for readability).

Data consists of '+', country code (1, 2 or 3 digits), 'space', and national number (which may embed single space characters for readability)

Mandatory country code: true Max total digits: 15
shipping.method Enumeration OPTIONAL

The shipping method used for delivery of this order.

Value must be a member of the following list. The values are case sensitive.

ELECTRONIC

Electronic delivery.

GROUND

Ground (4 or more days).

NOT_SHIPPED

Order for goods that are not shipped (for example, travel and event tickets)

OVERNIGHT

Overnight (next day).

PICKUP

Shipped to a local store for pick up.

PRIORITY

Priority (2-3 days).

SAME_DAY

Same day.

transaction OPTIONAL

Information about this transaction.

transaction.acquirer OPTIONAL

Additional information to be passed to acquirer.

transaction.acquirer.customData String OPTIONAL

Additional information requested by the acquirer which cannot be passed using other available data fields.

This field must not contain sensitive data.

Data can consist of any characters, but sensitive data will be rejected

Min length: 1 Max length: 2048
transaction.acquirer.traceId String OPTIONAL

The unique identifier that allows the issuer to link related transactions.

Typically the gateway takes care of submitting this identifier to the issuer on your behalf. However, you must submit this identifier if you have processed the payer-initiated transaction (also called CIT) for the payment agreement outside the gateway or you are submitting a Refund where the Authorization or Payment has been performed outside the gateway.

For a Mastercard transaction this identifier must contain the scheme issued transaction identifier, network code and network date, and is also known as the Trace ID. For a Visa or American Express transaction this identifier matches the scheme issued transaction identifier, also known as Transaction Identifier or TID. Refer to the scheme's documentation for more details.

Payment in a Series

You must provide the information returned in the Authorization/Payment/Verification response for the last payer-initiated transaction in the series (CIT).

Refund

You must provide the information returned in the Authorization/Payment response for the payment for which you are issuing a refund.

Data can consist of any characters, but sensitive data will be rejected

Min length: 1 Max length: 15
transaction.acquirer.transactionId String OPTIONAL

This is the value provided to the acquirer to identify the order.

Ideally this will be the order.id, however if that value cannot be used directly, it will be transformed by the gateway to a unique value that the acquirer will accept. If that behavior is not suitable, you can directly provide the value in this field and it will be passed to the acquirer. You then take responsibility for its correctness. (Note: Contact your payment provider to see if this is supported for your acquirer).

Data can consist of any characters, but sensitive data will be rejected

Min length: 1 Max length: 100
transaction.deferredAuthorization Boolean OPTIONAL

Indicates that you were not able to submit the Authorization (or Payment) transaction at the time it was completed with the cardholder due to a connectivity, system issue, or other limitations and have deferred submitting it until your system was back online.

JSON boolean values 'true' or 'false'.

transaction.merchantNote String OPTIONAL

Your note about this transaction.

Data can consist of any characters

Min length: 1 Max length: 250
transaction.reference String OPTIONAL

An optional identifier for this transaction.

Data can consist of any characters

Min length: 1 Max length: 40
transaction.source Enumeration OPTIONAL

Indicates the channel through which you received authorization for the payment for this order from the payer.

For example, set this value to INTERNET if the payer initiated the payment online.

If you have an existing agreement with the payer that authorizes you to process this payment (for example, a recurring payment) then set this value to MERCHANT. You only need to provide transaction.source if you want to override the default value configured for your acquirer link.

Note:

  • You can only override the default value if you have the requisite permission.
  • The value you provide must match one of those configured by your payment service provider.
  • You can only set the transaction source on the initial transaction on an order. It cannot be changed on subsequent transactions.

Value must be a member of the following list. The values are case sensitive.

CARD_PRESENT

Transaction where the card is presented to the merchant.

INTERNET

Transaction conducted over the Internet.

MOTO

Transaction received by mail or telephone.

Response

Fields

checkoutMode Enumeration ALWAYS PROVIDED

Defines how the Hosted Checkout interaction can be launched.

If you want to immediately redirect the payer from your website (Hosted Payment Page) or launch the Lightbox to make the payment, set this value to WEBSITE. This is the default behavior if the field is not provided.

Value must be a member of the following list. The values are case sensitive.

PAYMENT_LINK

Returns a payment link (paymentLink.url) that you can include in your communication with the payer (e.g. email). Clicking on the link will take the payer to Hosted Checkout.

WEBSITE

Returns a session identifier (session.id) that you need to pass when configuring the Hosted Checkout interaction using the Checkout.configure() function. This is the default value.

lineOfBusiness String CONDITIONAL

Your payment service provider might have configured your merchant profile to support several lines of business.

Each line of business can have different payment parameters, such as bank account, supported cards or such.

For example, lineOfBusiness = TICKET_SALES can have a different bank account from lineOfBusiness = MERCHANDISING. One line of business on your profile might be "null". To use that, do not provide the lineOfBusiness field.

Data can consist of any characters except space

Min length: 1 Max length: 100
merchant Alphanumeric + additional characters ALWAYS PROVIDED

The unique identifier issued to you by your payment provider.

This identifier can be up to 12 characters in length.

Data may consist of the characters 0-9, a-z, A-Z, '-', '_'

Min length: 1 Max length: 40
paymentLink CONDITIONAL

If you have requested a payment link (checkoutMode=PAYMENT_LINK) you must provide the values in this parameter group to configure the payment link functionality.

result Enumeration ALWAYS PROVIDED

A system-generated high level overall result of the transaction/operation.

Value must be a member of the following list. The values are case sensitive.

FAILURE

The operation was declined or rejected by the gateway, acquirer or issuer

PENDING

The operation is currently in progress or pending processing

SUCCESS

The operation was successfully processed

UNKNOWN

The result of the operation is unknown

session.id ASCII Text CONDITIONAL

The session identifier for the Hosted Checkout interaction.

You must include this identifier in the Checkout.configure() function to redirect the payer from your website (Hosted Payment Page) or open the Embedded Page.

Data consists of ASCII characters

Min length: 31 Max length: 35
session.updateStatus Enumeration CONDITIONAL

A summary of the outcome of the last attempt to modify the session.

In order to perform an operation using this session this value must be SUCCESS.

Value must be a member of the following list. The values are case sensitive.

FAILURE

The last attempt to place data into the session was unsuccessful. The session may contain invalid data. A request operation using this session will be rejected by the payment gateway.

NO_UPDATE

No attempt has been made to place data into the session. A request operation using this session will be rejected by the payment gateway.

SUCCESS

The last attempt to update the session was successful. You may submit a request operation using this session.

session.version ASCII Text CONDITIONAL

Use this field to implement optimistic locking of the session content.

Do this if you make business decisions based on data from the session and wish to ensure that the same data is being used for the request operation.

To use optimistic locking, record session.version when you make your decisions, and then pass that value in session.version when you submit your request operation to the gateway.

See Making Business Decisions Based on Session Content.

Data consists of ASCII characters

Min length: 10 Max length: 10
successIndicator ASCII Text ALWAYS PROVIDED

An identifier to determine the success of the hosted payment.

The gateway will return this value in the resultIndicator parameter (appended to the returnUrl) for successful payments only. See Obtain the Payment Result section.

Data consists of ASCII characters

Min length: 16 Max length: 32

Errors

error

Information on possible error conditions that may occur while processing an operation using the API.

error.cause Enumeration

Broadly categorizes the cause of the error.

For example, errors may occur due to invalid requests or internal system failures.

Value must be a member of the following list. The values are case sensitive.

INVALID_REQUEST

The request was rejected because it did not conform to the API protocol.

REQUEST_REJECTED

The request was rejected due to security reasons such as firewall rules, expired certificate, etc.

SERVER_BUSY

The server did not have enough resources to process the request at the moment.

SERVER_FAILED

There was an internal system failure.

error.explanation String

Textual description of the error based on the cause.

This field is returned only if the cause is INVALID_REQUEST or SERVER_BUSY.

Data can consist of any characters

Min length: 1 Max length: 1000
error.field String

Indicates the name of the field that failed validation.

This field is returned only if the cause is INVALID_REQUEST and a field level validation error was encountered.

Data can consist of any characters

Min length: 1 Max length: 100
error.supportCode String

Indicates the code that helps the support team to quickly identify the exact cause of the error.

This field is returned only if the cause is SERVER_FAILED or REQUEST_REJECTED.

Data can consist of any characters

Min length: 1 Max length: 100
error.validationType Enumeration

Indicates the type of field validation error.

This field is returned only if the cause is INVALID_REQUEST and a field level validation error was encountered.

Value must be a member of the following list. The values are case sensitive.

INVALID

The request contained a field with a value that did not pass validation.

MISSING

The request was missing a mandatory field.

UNSUPPORTED

The request contained a field that is unsupported.

result Enumeration

A system-generated high level overall result of the operation.

Value must be a member of the following list. The values are case sensitive.

ERROR

The operation resulted in an error and hence cannot be processed.