Payments
Payment Statuses
The current stage of a payment lifecycle is represented in
status
field. The status of a payment can be one of the following:
Name | Description |
---|---|
processing | Salt Edge PSD2 Compliance is processing the request or response. |
redirect | Provider requires a redirect for authentication. |
waiting_confirmation | Provider is waiting for the consent of Customer. |
waiting_confirmation_code | Provider is waiting for a confirmation code, be it OTP for authentication or Dynamic linking for performing a payment. |
closed | Session is closed. |
Create
Create a payment order on behalf of PSU
CURL
curl -i \
-H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InJlZGlyZWN0X3VybCI6Imh0dHBzOi8vdXNlci53aWxsLmJlL3JlZGlyZWN0ZWQvaGVyZSIsImJlbmVmaWNpYXJ5X2lkIjozODMsImZvcmNlX3NjYSI6dHJ1ZSwiZXh0cmEiOnt9LCJ0ZW1wbGF0ZV9pZCI6ODI0LCJwYXltZW50X2F0dHJpYnV0ZXMiOnsiZnJvbV9hY2NvdW50IjoiOTU0MjM0MjMxMiIsInRvX2FjY291bnQiOiIzNDU4OTc5NTcwIiwiYW1vdW50IjoiMTUwLjAwIiwiZGVzY3JpcHRpb24iOiJUZXN0IHBheW1lbnQuIn0sInByb3ZpZGVyX2NvZGUiOiJkZW1vYmFuayJ9LCJleHAiOjE3MTUxODUwMTN9.R0osPsdSsy7rEoM3aRQUz-bYlK4alvT07sT-FEKjXB-B2-aLsusYWjfymfn9griTqLNxq513xAFFRBrepb4HkqM15O5nyP3NXDQgGcrUJ_aXlJrvIQbjzCPiBw_RZ2E9BLNhg-ARU4zIau2S-Wk_2a5o95NuzInacfR90YKj8X_1jqfWhPd7_kY2iR4DlTu1cX-3zjVz2cw-sFjIgR9R533I0xibx4_LO8M7NmQEL59eMSHhnj1PdZHs0q9HYoltQ4LoHalDRiAaOkoHXWZIc8kMwtXGpn4dLWvWAKd0ZkyHnh8Il4yOApxa6lLaAVjrCcn9IlfhYTrWR6ZppQfC-A" \
-H "App-Id: pRhi4X5YXwmccpgmDsLb1w" \
-H "App-Secret: dszz3LNHbWnqz9HnnH8DhA" \
-H "Access-Token: aacd4e18fab5b180b5e3cc4d35f8600ec08e1be219e5ec9400bc819357928a9283e8d6941215742aaa127d9076496bf210044545cbc1dc00489f295024c926c8" \
-H "Client-Request-Id: 17" \
-X POST "/api/v2/payments"
Example of request parameters
{"data":{"redirect_url":"https://user.will.be/redirected/here","beneficiary_id":383,"force_sca":true,"extra":{},"template_id":824,"payment_attributes":{"from_account":"9542342312","to_account":"3458979570","amount":"150.00","description":"Test payment."},"provider_code":"demobank"},"exp":1574093209}
Example of response
{"data":{"status":"pending","description":"Internal payment.","fees":[{"amount":0.25,"description":"Bank fee.","currency_code":"EUR"},{"amount":0.1,"description":"Payment fee.","currency_code":"EUR"}],"updated_at":"2019-11-18T16:04:50.320Z","id":997,"payment_attributes":{"from_account":"9542342312","to_account":"3458979570","amount":"150.00","description":"Test payment."},"session":{"fail_message":"","id":611,"secret":"x2xxJojJkQ9u56EyU_NS","status":"processing","events":[{}],"success_at":"2019-11-18T16:04:50.320Z","expires_at":"2019-11-18T17:04:50.320Z","fail_at":""},"created_at":"2019-11-18T16:04:50.320Z"}}
Request
POST
/api/v2/payments
Headers
Header | Type | Description |
---|---|---|
Authorization
|
string, required |
JSON Web Token containing payload, signed using RSA256 and application.private_key .
Can raise:
AuthorizationMissing
|
App-Id
|
string, required |
Application’s app_id from connection details tab.
Can raise:
OauthAppNotFound, CertificateNotFound
|
App-Secret
|
string, required |
Application’s app_secret from connection details tab.
|
Access-Token
|
string, required | Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired |
Client-Request-Id
|
string, optional |
Request identifier. If present, it will be returned within meta field in response.
|
Unpacked Request Authorization
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
Class | Code | Description |
---|---|---|
TokenMissing | 400 | This request cannot be performed without Access_Token header. |
AccessDenied | 401 | Action you want to perform is not allowed. More in error_message |
AuthorizationMissing | 401 | Authorization header is missing. |
TokenNotFound | 401 | Token specified in request does not exist or cannot be retrieved. |
TokenRevoked | 401 | Token specified in request is revoked and cannot be used anymore. |
TokenExpired | 401 | Token specified in request is expired and cannot be used. |
ProviderNotFound | 404 | Provider specified in request does not exist or cannot be retrieved. |
TrustedBeneficiaryNotFound | 404 | Trusted Beneficiary specified in request does not exist or cannot be retrieved. |
TemplateNotFound | 404 | Template specified in request does not exist or cannot be retrieved. |
OauthAppNotFound | 404 | OAuth Application specified in request does not exist or cannot be retrieved. |
CertificateNotFound | 404 | Certificate has no permissions. |
Show
Endpoint used to fetch all data relevant to a payment including fees, status and other.
CURL
curl -i \
-H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImlkIjo5NjF9LCJleHAiOjE3MTUxODUwMTN9.n_oqwsB_n1lYjlFvgAG7FiXRI8AS6hjoYRDksLkHHEgHsSBtEjzxPDzMKpaRSA6h49kC-jbxvi_T2-s_XJZNLzcaNO43C7S63cBN0fdY90dSZG7P3NSbioGoc4tFWE1puGfCxr1d_c4F5KHlgi9WuSnXloH554swAilnG39XM9axIE-PVY4mxiZWkKWPWSzsywmwVEWxdcXeKt_zHMB6hKAzuS40ltqe94HjWCkEp6MQxWKU-OwmT_MrGj39q6DVpNH09ueCQzHwDkJDlbvi886YPQhQiWO6IPhrHsMRWa-h4_R4QTkrME3y1ORNJc6XKnlO9Zib2Y3moYUHCy0VQg" \
-H "App-Id: xiPaOjVpBugwMgcYacdZtA" \
-H "App-Secret: -vhQNUkweQ8udbSof_w-Fg" \
-H "Access-Token: 057b31e63213d7c1f825398fb26de481c5d97ff2d89caad409c2b765418f84ca398f9338df21012f3e004d4c73fef623ce8464e829ce9e58ffc52fdbc48da467" \
-H "Client-Request-Id: 17" \
-X GET "/api/v2/payments/:id"
Example of request parameters
{"data":{"id":961},"exp":1574093210,"id":141}
Example of response
{"data":{"status":"closed","description":"Test payment","fees":[{"amount":0.25,"description":"Bank fee.","currency_code":"EUR"},{"amount":0.1,"description":"Payment fee.","currency_code":"EUR"}],"updated_at":"2019-11-18T16:04:50.451Z","id":305,"payment_attributes":{"from_account":"9542342312","to_account":"3458979570","amount":"150.00","description":"Test payment."},"interactive_step_instruction":{"interactive_field":"sms_pincode","instruction":{}},"session":{"fail_message":"","id":501,"secret":"oxL4oeiCApNvSKQYKGoi","status":"processing","events":[{}],"success_at":"2019-11-18T16:04:51.450Z","expires_at":"2019-11-18T17:04:50.450Z","fail_at":""},"created_at":"2019-11-18T16:04:50.451Z"}}
Request
GET
/api/v2/payments/:id
Headers
Header | Type | Description |
---|---|---|
Authorization
|
string, required |
JSON Web Token containing payload, signed using RSA256 and application.private_key .
Can raise:
AuthorizationMissing
|
App-Id
|
string, required |
Application’s app_id from connection details tab.
Can raise:
OauthAppNotFound, CertificateNotFound
|
App-Secret
|
string, required |
Application’s app_secret from connection details tab.
|
Access-Token
|
string, required | Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired |
Client-Request-Id
|
string, optional |
Request identifier. If present, it will be returned within meta field in response.
|
Unpacked Request Authorization
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
Class | Code | Description |
---|---|---|
TokenMissing | 400 | This request cannot be performed without Access_Token header. |
AuthorizationMissing | 401 | Authorization header is missing. |
TokenNotFound | 401 | Token specified in request does not exist or cannot be retrieved. |
TokenRevoked | 401 | Token specified in request is revoked and cannot be used anymore. |
TokenExpired | 401 | Token specified in request is expired and cannot be used. |
PaymentNotFound | 404 | Payment specified in request does not exist or cannot be retrieved. |
OauthAppNotFound | 404 | OAuth Application specified in request does not exist or cannot be retrieved. |
CertificateNotFound | 404 | Certificate has no permissions. |
Confirm
This endpoint is used for processing additional interactive steps in the process of payment creation.
CURL
curl -i \
-H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImNyZWRlbnRpYWxzIjp7InNtc19waW5jb2RlIjoiMTIzNDU2In19LCJleHAiOjE3MTUxODUwMTN9.AiL0YX_YtCQ6_LkwF1NAdQj4Y6BZj_0O6ZjRmxPYKqG5MJXPDOTDa-50g25Ao3zxn3NbvvBYqTFQ4hdIh0uJ81PcjyulPBiPajmsFuxaml8oVrMJLUgQXOsffy6nGtZ9bWMwORmh8aQ0bNpqAOOFLO3D_IQubY9iP-v1-cJbu3jMCArlkGKydrMXtsU8E2PMdXHtn5ffTIVFDr3DfWAyncK-XaAIL8JLXCmdfhVS8M05d_0r4rlFOkM-tYx_BrN6WH9tZk-4RBhsR0Qs0pdyjhm9HXft1YziapQVhLCd_RrTtPhdKeLEdHRQ91xzqcJUj-UoeSjtk9KHzlH0AM1Pdw" \
-H "App-Id: kai5JbcoWosdVUzLG2ib1A" \
-H "App-Secret: H9EhmbtXlqm73MML5Z8E8w" \
-H "Access-Token: 19561f4a7115f1c8cd6818748e4f2f90aafa24ac42c139a0c99c92784a786e70eb7755be5582867fca28c78addd743f17c2758de65b0c69eb8ef78c049c62af6" \
-H "Client-Request-Id: 17" \
-X PUT "/api/v2/payments/:id"
Example of request parameters
{"data":{"credentials":{"sms_pincode":"123456"}},"exp":1574093209,"id":794}
Example of response
{"data":{"status":"good","description":"Internal transfer.","fees":[{"amount":0.25,"description":"Bank fee.","currency_code":"EUR"},{"amount":0.1,"description":"Payment fee.","currency_code":"EUR"}],"updated_at":"2019-11-18T16:04:50.249Z","id":691,"payment_attributes":{"from_account":"9542342312","to_account":"3458979570","amount":"150.00","description":"Test payment."},"session":{"fail_message":"","id":461,"secret":"yua36KyKycry_hAPQQVQ","status":"processing","events":[],"success_at":"","expires_at":"2019-11-18T16:04:50.249Z","fail_at":""},"created_at":"2019-11-18T16:04:50.249Z"}}
Request
PUT
/api/v2/payments/:id
Headers
Header | Type | Description |
---|---|---|
Authorization
|
string, required |
JSON Web Token containing payload, signed using RSA256 and application.private_key .
Can raise:
AuthorizationMissing
|
App-Id
|
string, required |
Application’s app_id from connection details tab.
Can raise:
OauthAppNotFound, CertificateNotFound
|
App-Secret
|
string, required |
Application’s app_secret from connection details tab.
|
Access-Token
|
string, required | Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired |
Client-Request-Id
|
string, optional |
Request identifier. If present, it will be returned within meta field in response.
|
Unpacked Request Authorization
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
Class | Code | Description |
---|---|---|
SessionClosed | 400 | Session specified in request is already closed and cannot be modified. |
TokenMissing | 400 | This request cannot be performed without Access_Token header. |
SessionExpired | 401 | Found session is expired and cannot be processed anymore. |
AuthorizationMissing | 401 | Authorization header is missing. |
TokenNotFound | 401 | Token specified in request does not exist or cannot be retrieved. |
TokenRevoked | 401 | Token specified in request is revoked and cannot be used anymore. |
TokenExpired | 401 | Token specified in request is expired and cannot be used. |
PaymentNotFound | 404 | Payment specified in request does not exist or cannot be retrieved. |
OauthAppNotFound | 404 | OAuth Application specified in request does not exist or cannot be retrieved. |
CertificateNotFound | 404 | Certificate has no permissions. |
Destroy
Cancel the payment that is in the process of creation, meaning it has not been confirmed yet.
CURL
curl -i \
-H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNzE1MTg1MDEzfQ.nARsX9ZIC_b5VVkR4LLFf5G8HckwAIQgK2y6AEmXJEr3oi4IcxXc16wWYbiRotDvjb2gEtFsK7uoh0zghPImhWZFJnVnU5jhtOFk4kQCulK-WfE0Aiv2VtOvUve31UQkBizYqdh1214cBPr40rzCxkV8m7S5tqmjRU30uyWQ1sF8EXdQm-QD8ffN9wxbkSErkKIFl2YjaIiTTee-j92ujOcSpYQIsdpRqc5ZzSiJ2na2HeGGoI2g8J0LJ9YlRPOMTGJWgJ-YDB8gEyThX4RC7JK0HwZ0AtovR__kxPh52pqUNeUGHwdyH3l_PfhG_IUosFqBHd3G1L6ldNiFMU-slg" \
-H "App-Id: DZ8IEYmbfDvS3eMeLhA-Lw" \
-H "App-Secret: 5FXgZCioWalfvTGVHqNe0g" \
-H "Access-Token: 55de2eb27669505499da9cdfd7d8f9dccbc61b3c2d158df4959c35d01fc0dc856505986f750f4d84b6bee0b85d4e6dfb3e6309e59078ec81832274c72bb62d1a" \
-H "Client-Request-Id: 17" \
-X DELETE "/api/v2/payments/:id"
Example of request parameters
{"data":{},"exp":1574093210,"id":546}
Example of response
{"data":{"payment_id":324}}
Request
DELETE
/api/v2/payments/:id
Headers
Header | Type | Description |
---|---|---|
Authorization
|
string, required |
JSON Web Token containing payload, signed using RSA256 and application.private_key .
Can raise:
AuthorizationMissing
|
App-Id
|
string, required |
Application’s app_id from connection details tab.
Can raise:
OauthAppNotFound, CertificateNotFound
|
App-Secret
|
string, required |
Application’s app_secret from connection details tab.
|
Access-Token
|
string, required | Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired |
Client-Request-Id
|
string, optional |
Request identifier. If present, it will be returned within meta field in response.
|
Unpacked Request Authorization
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
Class | Code | Description |
---|---|---|
SessionClosed | 400 | Session specified in request is already closed and cannot be modified. |
TokenMissing | 400 | This request cannot be performed without Access_Token header. |
SessionExpired | 401 | Found session is expired and cannot be processed anymore. |
AuthorizationMissing | 401 | Authorization header is missing. |
TokenNotFound | 401 | Token specified in request does not exist or cannot be retrieved. |
TokenRevoked | 401 | Token specified in request is revoked and cannot be used anymore. |
TokenExpired | 401 | Token specified in request is expired and cannot be used. |
PaymentNotFound | 404 | Payment specified in request does not exist or cannot be retrieved. |
OauthAppNotFound | 404 | OAuth Application specified in request does not exist or cannot be retrieved. |
CertificateNotFound | 404 | Certificate has no permissions. |