How should I authenticate requests?

The authentication method varies based on the API and who is making the call.

If you’reAnd you want toUse
A merchant or partnerRequest a payment tokenThe public key from your merchant account
A merchantMake test requestsThe test secret key from your merchant account
A merchantMake live requestsThe live secret key from your merchant account
A partnerMake merchant or payment gateway requestsAn access token to request gateway credentials for a specific AffiniPay merchant, which returns the secret keys for the merchant account. See Connecting current merchants and Connecting new merchants.

Important Note for Merchant and Payment Gateway API requests

Merchant and payment gateway API requests are authenticated using HTTP Basic Authentication. When you submit a request, you must always base64-encode the public or secret key plus a trailing colon, using tools such as base64 (https://linux.die.net/man/1/base64) (OS X/Linux) or certutil (Windows).

For example, if your public key is: m_cSiyNUh9RBWHfdbFRFGrkB, you’ll base64-encode m_cSiyNUh9RBWHfdbFRFGrkB:. The result is bV9jU2l5TlVoOVJCV0hmZGJGUkZHcmtCOg==, which you’ll use in your request header.

How can I test payments?

You can use test card numbers and test bank accounts to make test payments.

Are there examples for requests?

Every operation you can perform using the API has a corresponding example request and response in the API Reference. The examples are in cURL and have the following structure:

curl -X <method> -H <content_type> <authentication> <endpoint_url> -d `{<request_body>}`

Here’s a description of each part of this request:

<method>The type of operation that the request will perform, such as POST to create an object.
<content_type>The type of data that will be passed in the request body.
<authentication>The key or token used to authenticate the request.
<endpoint_url>The API endpoint where the request is sent.
<request_body>The request body. It must be surrounded by single quotes.

Here’s an example request using each of these components:

curl -X POST -H "Content-Type:application/json" --user AbCdEfG= https://api.chargeio.com/v1/charges -d '
      "amount": "100",
      "account_id": "1A2B3C",
      "method": {
          "type": "card",
          "number": "4242424242424242",
          "exp_month": 10,
          "exp_year": 2025,
          "cvv": "123",
          "name": "Some Customer"