Skip to main content

API integration

Direct integration

Direct integration allows you to accept split payments using your own payment page. At the same time, the integration allows making payments using payment cards and alternative payment methods.

Interaction format:

An image from the static

info

Note: the use of direct integration when collecting card data on the merchant side requires PCI DSS certification. Alternatively, you can use our tokenization widget by implementing it on your site.

If using direct integration, if payment data is collected on your end, make sure that it is properly validated on your page, including:

  • Card expiration date validation.

  • Checking the card number according to the (Luhn algorithm).

  • The entered CVV/CVC contains only numbers.

Features of using direct integration:

  1. The payment page must use the HTTPS protocol.
  2. Customer details must be persistent and unique.
  3. Use the HTTP POST method.

Request parameters:

ParameterTypeRequiredDescription
pos_idUUIDMerchant's identifier (POS_ID)
modeMODEdirect
methodMETHODPayment method (purchase)
amountNumberTransaction amount. Must be a positive number. The number of decimal digits must be less than or equal to 2 (e.g., 100.00, 250, 50.50)
currencyCURRENCYTransaction currency (ISO_4217)
descriptionStringPayment description
order_idStringUnique identified of order
order_3ds_bypassString3-D Secure flow option
cc_numberCC_NUMBERCard number
exp_monthNumberCard expiration month field
exp_yearNumberCard expiration year field
card_cvvStringCard CVV
cc_tokenStringCard token
productsArray[Product]Array of products to be paid
customer_idStringCustomer’s identifier in merchant's system
customer_fnameStringCustomer’s first name
customer_lnameStringCustomer’s last name
customer_patronymStringCustomer’s patronym
customer_emailStringCustomer’s email
customer_phoneStringCustomer’s phone
customer_ipStringCustomer’s IP address
customer_countryStringCustomer’s country (ISO 3166-1 (alpha-2)). For instance, UA for Ukraine
customer_birthdayStringCustomer's birthday (format: yyyy-MM-dd)
customer_referrerURLPage customer is redirected from.
customer_tax_idStringCustomer’s tax identification number
server_urlURLWebhook notification will be sent to this URL
result_urlURLCustomer will be redirected to this URL after payment.
merchant_mccMCCMCC for this transaction
payloadStringField for merchant custom data. Max 4000 symbols.
validation_urlStringPreflight request will be sent to this URL
browser_fingerprintJsonBrowser fingerprint. These parameters could be used in 3DS 2.0 verification.
cryptogramJsonCryptogram parameters.
customer_referrerURLPage customer is redirected from.
splitArray[SplitPayment]Split payment properties

Depending on whether the request is full card data or a token, you need to pass the following parameters:

  • Using full card data: cc_number, exp_month, exp_year, card_cvv.
  • Using tokens: cc_token.
info

In addition to supporting payments with tokens received after card payments, we also support tokens generated during the first payment via Apple Pay or Google Pay™. These tokens should be passed in the cc_token parameter

For example:

"cc_token":"rcr:ODJkZjBhNmY2OTMyNDJlN2wjMjFjfTQzOXU3ZDFhYzI6cWJmWHFmMHlzM3hYaXJMWEZv" (token after an Apple Pay or Google Pay™ payment)
or
"cc_token": "ODJkZjBhNmY2OTMyND7sSjdD0S8TQzOXU3ZDFhYzI6cWJmWHFmMHlz M3hYaXJMWEZv" (token after a card payment).

Additionally, the split payment must also include specific parameters in the split array:

ParameterTypeRequiredDescription
amountNumberTransaction amount. Must be a positive number. The number of decimal digits must be less than or equal to 2 (e.g., 100.00, 250, 50.50)
sub_merchant_idUUIDUnique Sub merchant identifier (to get the identifier, please contact support at [email protected])

Example request using card data:

$ curl "https://cpay.tranzzo.com/api/v1/split/purchase" \
-H "Content-Type: application/json" \
-H "X-API-AUTH: CPAY ${API_KEY}:${API_SECRET}" \
-H "X-API-KEY: ${ENDPOINTS_KEY}" \
-X POST -d '{
"pos_id": "${POS_ID}",
"mode": "direct",
"method": "purchase",
"amount": 100,
"currency": "UAH",
"description": "Order description",
"order_id": "123",
"order_3ds_bypass": "always",
"cc_number": "4242424242424242",
"exp_month": 2,
"exp_year": 24,
"card_cvv": "111",
"server_url": "https://callback.blackhole.com/callback",
"result_url": "https://example.com/result",
"payload": "sale=true",
"browser_fingerprint": {
"browserColorDepth": "24",
"browserScreenHeight": "860",
"browserScreenWidth": "1600",
"browserJavaEnabled": "false",
"browserLanguage": "uk-UA",
"browserTimeZone": "Europe/Kiev",
"browserTimeZoneOffset": "-120",
"browserAcceptHeader": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8",
"browserIpAddress": "127.0.0.1",
"browserUserAgent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.146 Safari/537.36"
},
"split":[
{
"amount": 70,
"sub_merchant_id": "${SUB_MERCHANT_ID_1}"
},
{
"amount": 30,
"sub_merchant_id": "${SUB_MERCHANT_ID_2}"
}
]
}'

Example request using token:

$ curl "https://cpay.tranzzo.com/api/v1/split/purchase" \
-H "Content-Type: application/json" \
-H "X-API-AUTH: CPAY ${API_KEY}:${API_SECRET}" \
-H "X-API-KEY: ${ENDPOINTS_KEY}" \
-X POST -d '{
"pos_id": "${POS_ID}",
"mode": "direct",
"method": "purchase",
"amount": 100,
"currency": "UAH",
"description": "Order description",
"order_id": "123",
"order_3ds_bypass": "always",
"cc_token": "ODJkZjBhNmY2OTMyNDJlN2wjMjFjfTQzOXU3ZDFhYzI6cWJmWHFmMHlzM3hYaXJMWEZv",
"server_url": "https://callback.blackhole.com/callback",
"result_url": "https://example.com/result",
"payload": "sale=true",
"browser_fingerprint": {
"browserColorDepth": "24",
"browserScreenHeight": "860",
"browserScreenWidth": "1600",
"browserJavaEnabled": "false",
"browserLanguage": "uk-UA",
"browserTimeZone": "Europe/Kiev",
"browserTimeZoneOffset": "-120",
"browserAcceptHeader": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8",
"browserIpAddress": "127.0.0.1",
"browserUserAgent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.146 Safari/537.36"
},
"split":[
{
"amount": 70,
"sub_merchant_id": "${SUB_MERCHANT_ID_1}"
},
{
"amount": 30,
"sub_merchant_id": "${SUB_MERCHANT_ID_2}"
}
]
}'

Response parameters:

ParameterTypeDescription
pos_idUUIDMerchant's identifier (POS_ID)
modeMODEdirect
methodMETHODPayment method (purchase)
amountNumberTransaction amount
currencyCURRENCYTransaction currency (ISO_4217)
descriptionStringPayment description
order_idStringUnique identifier of order
order_3ds_bypassString3-D Secure flow option
cc_numberCC_NUMBERCard number
exp_monthNumberCard expiration month field
exp_yearNumberCard expiration year field
card_cvvStringCard CVV
productsArray[Product]Array of products to be paid
customer_idStringCustomer’s identifier in merchant's system
customer_fnameStringCustomer’s first name
customer_lnameStringCustomer’s last name
customer_patronymStringCustomer’s patronym
customer_emailStringCustomer’s email
customer_phoneStringCustomer’s phone
customer_ipStringCustomer’s IP address
customer_countryStringCustomer’s country (ISO 3166-1 (alpha-2)). For instance, UA for Ukraine
customer_birthdayStringCustomer’s birthday (format: yyyy-MM-dd)
server_urlURLWebhook notification will be sent to this URL
result_urlURLCustomer will be redirected to this URL after payment.
merchant_mccMCCMCC for this transaction
payloadStringField for merchant custom data. Max 4000 symbols.
validation_urlStringPreflight request will be sent to this URL
browser_fingerprintJsonBrowser fingerprint. These parameters could be used in 3DS 2.0 verification.
splitArray[SplitPayment]Split payment properties

Response example:

{
"payment_id": "9b1392a5-d030-4e85-b02d-9b7191ea2a5e",
"order_id": "123",
"gateway_order_id": "9B39A076243EB3EBB0925EAA981763AC:158545961",
"billing_order_id": "11231231231",
"transaction_id": "a8d80c86-0c7b-41bc-b63d-1e78f80edcd9",
"pos_id": "dc728de1-51ef-4ef1-80f7-3b44b07b5667",
"mode": "direct",
"method": "purchase",
"amount": 100,
"currency": "UAH",
"description": "Order description",
"status": "pending",
"status_code": "2122",
"status_description": "3DS verification is required to finish the transaction.",
"user_action_required": true,
"user_action_url": "http://secure.secure3d.net/s3st?a=start_3ds&tid=a8d81c860c7b41bcb65d1e78f80edcd923ac18d5dd1d4a37e6c7df7d5e4bec74ab5d790b",
"eci": "7",
"mcc": "4900",
"options_3ds": "supported",
"cc_mask": "424242******4242",
"cc_token": "ODJkZjBhNmY2OTMyNDJlN2wjMjFjfTQzOXU3ZDFhYzI6cWJmWHFmMHlzM3hYaXJMWEZv",
"cc_token_expiration": "2020-10-10T10:10:22",
"customer_id": "123",
"customer_ip": "194.183.171.239",
"customer_fname": "Tom",
"customer_lname": "Hanks",
"customer_email": "[email protected]",
"customer_phone": "+380999999999",
"customer_country": "UA",
"result_url": "https://example.com/result",
"created_at": "2018-10-10T10:10:22.100",
"processing_time": "2018-10-10T10:10:23.300",
"payload": "sale=true",
"bank_short_name": "Bank name"
}

In addition, the following data regarding the fingerprint of the payer's browser must be submitted in the request:

ParameterTypeDescription
browserColorDepthStringBrowser's color depth
browserScreenHeightStringBrowser's screen height
browserScreenWidthStringBrowser's screen width
browserJavaEnabledStringBrowser's java enabled
browserLanguageStringBrowser's language
browserTimeZoneStringBrowser's timezone
browserTimeZoneOffsetStringBrowser's timezone offset
browserAcceptHeaderStringBrowser's accept header
browserIpAddressStringBrowser's IP address
browserUserAgentStringBrowser's user agent

An example of a payer's browser fingerprint:

"browser_fingerprint": {
"browserColorDepth": "24",
"browserScreenHeight": "860",
"browserScreenWidth": "1600",
"browserJavaEnabled": "false",
"browserLanguage": "uk-UA",
"browserTimeZone": "Europe/Kiev",
"browserTimeZoneOffset": "-120",
"browserAcceptHeader": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8",
"browserIpAddress": "127.0.0.1",
"browserUserAgent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.146 Safari/537.36"
}

Hosted integration

The Hosted integration will allow you to accept split payments from customers from the Tranzzo payment page. This payment method provides an ability to use payment cards, Apple Pay and Google Pay™ digital wallets, as well as local payment methods.

Interaction format:

An image from the static

To create a payment through the hosted integration, use the HTTP POST method.

Request parameters:

ParameterTypeRequiredDescription
pos_idUUIDMerchant's identifier (POS_ID)
modeMODEhosted
methodMETHODPayment method (purchase)
amountNumberTransaction amount. Must be a positive number. The number of decimal digits must be less than or equal to 2 (e.g., 100.00, 250, 50.50)
currencyCURRENCYTransaction currency (ISO_4217)
descriptionStringPayment description
order_idStringUnique identified of order
order_3ds_bypassString3-D Secure flow option
productsArray[Product]Array of products to be paid, empty array can be specified
customer_idStringCustomer’s identifier in merchant's system
customer_fnameStringCustomer’s first name
customer_lnameStringCustomer’s last name
customer_patronymStringCustomer’s patronym
customer_emailStringCustomer’s email
customer_phoneStringCustomer’s phone
customer_langStringCheckout language. Supported values.
customer_countryStringCustomer’s country (ISO 3166-1 (alpha-2)). For instance, UA for Ukraine
customer_birthdayStringCustomer's birthday (format: yyyy-MM-dd)
customer_tax_idStringCustomer’s tax identification number
server_urlURLWebhook notification will be sent to this URL
result_urlURLCustomer will be redirected to this URL after payment.
merchant_mccMCCMCC for this transaction
payloadStringField for custom data. Max 4000 symbols.
validation_urlURLPreflight request will be sent to this URL
splitArray[SplitPayment]Split payment properties

Additionally, the split payment must also include specific parameters in the split array:

ParameterTypeRequiredDescription
amountNumberTransaction amount. Must be a positive number. The number of decimal digits must be less than or equal to 2 (e.g., 100.00, 250, 50.50)
sub_merchant_idUUIDUnique Sub merchant identifier (to get the identifier, please contact support at [email protected])

Request example:

$ curl -i "https://cpay.tranzzo.com/api/v1/split/purchase" \
-H "Content-Type: application/json" \
-H "X-API-AUTH: CPAY ${API_KEY}:${API_SECRET}" \
-H "X-API-KEY: ${ENDPOINTS_KEY}" \
-X POST -d '{
"pos_id": "${POS_ID}",
"mode": "hosted",
"method": "purchase",
"amount": 100,
"currency": "UAH",
"description": "description_1",
"order_id": "123",
"order_3ds_bypass": "always",
"server_url": "https://callback.blackhole.com/callback",
"result_url": "https://example.com/result",
"payload": "sale=true",
"split":[
{
"amount": 70,
"sub_merchant_id": "${SUB_MERCHANT_ID_1}"
},
{
"amount": 30,
"sub_merchant_id": "${SUB_MERCHANT_ID_2}"
}
]
}'

A 303 HTTP response status to a successful request contains a location header to which the customer should be redirected to proceed with payment.

Response example:

HTTP/2 303
# .. other headers
location: https://cpay.tranzzo.com/api/v1/checkout/1b806782-3d97-4444-abb9-6e4b45d34663/form

Next steps

To test the payment process:

Find more details in the integration checklist.

After completing the test to go live, you need:

  1. Create a live project in the merchant portal.
  2. With direct integration: pass PCI DSS certification (if you intend to work with card data of payers on your side) or implement a tokenization widget (possibility of making direct payments without using card data).
  3. After receiving information from our Compliance team about the completion of the settings for the project, make changes to the authentication data using the data of the live project.
  4. You are ready to receive payments from your customers.

See also: