FAQ

How should I authenticate requests?
How can I test payments?
Are there examples for requests?

How should I authenticate requests?

The authentication method varies based on the API and who is making the call.

If you’re	And you want to	Use
A merchant or partner	Request a payment token	The public key from your merchant account
A merchant	Make test requests	The test secret key from your merchant account
A merchant	Make live requests	The live secret key from your merchant account
A partner	Make merchant or payment gateway requests	An access token to request gateway credentials for a specific AffiniPay merchant, which returns the secret keys for the merchant account. See Connecting current merchants and Connecting new merchants.

Important Note for Merchant and Payment Gateway API requests

Merchant and payment gateway API requests are authenticated using HTTP Basic Authentication. When you submit a request, you must always base64-encode the public or secret key plus a trailing colon, using tools such as base64 (https://linux.die.net/man/1/base64) (OS X/Linux) or certutil (Windows).

For example, if your public key is: m_cSiyNUh9RBWHfdbFRFGrkB, you’ll base64-encode m_cSiyNUh9RBWHfdbFRFGrkB:. The result is bV9jU2l5TlVoOVJCV0hmZGJGUkZHcmtCOg==, which you’ll use in your request header.

How can I test payments?

You can use test card numbers and test bank accounts to make test payments.

Are there examples for requests?

Every operation you can perform using the API has a corresponding example request and response in the API Reference. The examples are in cURL and have the following structure:

curl -X <method> -H <content_type> <authentication> <endpoint_url> -d `{<request_body>}`

Here’s a description of each part of this request:

Component	Description
<method>	The type of operation that the request will perform, such as POST to create an object.
<content_type>	The type of data that will be passed in the request body.
<authentication>	The key or token used to authenticate the request.
<endpoint_url>	The API endpoint where the request is sent.
<request_body>	The request body. It must be surrounded by single quotes.

Here’s an example request using each of these components:

curl -X POST -H "Content-Type:application/json" --user AbCdEfG= https://api.chargeio.com/v1/charges -d '
  {
      "amount": "100",
      "account_id": "1A2B3C",
      "method": {
          "type": "card",
          "number": "4242424242424242",
          "exp_month": 10,
          "exp_year": 2025,
          "cvv": "123",
          "name": "Some Customer"
      }
  }'