NAV Navigation
Logo
shell

Quick Start

Introduction

Welcome to the new Nexio Hub API Reference!

If you're looking for the previous version of our documentation, you can find them at olddocs.nexiopay.com or download our postman collection.

The Nexio API provides several services to help you manage your payments. With these services, you can:

  • Obtain iframes for tokenizing and saving payment methods
  • Obtain iframes for processing payments
  • Process payments directly via the API
  • Manage transactions
  • Manage chargebacks
  • Get reports

This reference contains information or the Nexio API endpoints, including:

  • Available Parameters
  • Required Parameters
  • Example Requests
  • Example Responses
  • Authentication information
  • Code Samples

For additional code samples (including PHP, Node, C# and plugin examples for WooCommerce and Magento), see our Code Examples on GitHub.

Download and explore our Postman collection here:

Run in Postman

Getting Started

Base URLs and Environments

All endpoints are RESTful with the following base URLs:

  • Sandbox: https://api.nexiopaysandbox.com

  • Production: https://api.nexiopay.com

The sandbox environment allows you to run test transactions without affecting live data.

Once you have successfully integrated using the sandbox environment you are ready to integrate to the production environment with minimal changes (you will need to update authentication information, encryption keys, etc.)

Your First Request

A good place to start getting familiar with our API is by sending a request to the Who Am I endpoint.

Prerequisites

To send a valid request, you will be required to authenticate via basic authentication

Example Request
curl -X get https://api.nexiopaysandbox.com/user/v3/account/whoAmI \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

A 200 response will return information about the user whose credentials have been used to authenticate the request, including (but not limited to):

  • First Name
  • Last Name
  • Username
  • A list of merchants to which the user has access rights
 Example 200 Response 
{
  "cognitoSub": "g52679a2-tan5-4a56-b6gc-2592aedd373e",
  "firstName": "John",
  "lastName": "Doe",
  "userName": "jdoe@yourwebsite.com",
  "accessRights": {
    "merchantIds": {
      "100039": "A"
    },
    "role": "A"
  },
  "dateLastModified": "2019-03-08T00:58:27.893Z",
  "dateCreated": "2018-09-27T14:27:39.626Z",
  "enabled": true,
  "phone": "15555555555",
  "notifications": false
}

Next Steps

Once you have successfully made your first request, you are ready to move on.

Depending on your workflow, you may wish to:

Contact Us

If you have additional questions, our integrations team is happy to help:

If you would like to provide feedback on any part of this documentation, please email us at: docs@nexiopay.com

Authentication

Basic Authentication

Basic authentication allows you to:

Prerequisites

Basic authentication requires the following Nexio credentials:

  • Username
  • Password

Please contact integration support to create a Nexio account and/or user.

Steps

  1. Base 64 encode your Nexio username and password with no spaces, separated by a colon. Ex:

    myname@nexiohub.com:mypassword

  2. Prefix the value from Step 1 with the string "Basic " and include in the Authorization Header of your API request. Ex:

    Authorization: Basic bXluYW1lQG5leGlvaHViLmNvbTpteXBhc3N3b3Jk

One-time-use Token

A one-time-use token is required to:

Prerequisites

To obtain a one-time-use token you will first be required to authenticate via basic authentication.

Steps

To obtain an e-commerce one-time-use token:

  1. Send a request to the One-time-use Token (E-commerce) endpoint.

To load an Alternative Payment Method (APM) one-time-use token:

  1. Send a request to the One-time-use Token (APM) endpoint.

In your request for a one-time-use token, you must include any information you wish to pass along to the applicable iframe or popup. This information may include:

  • Transaction information (amount, currency, etc.)
  • Customer information (name, billing address, etc.)
  • UI options for the iframe (URL to a custom CSS file, option to display a submit button, etc.)
  • Processing options (option to check fraud, webhook URLs, etc.)

Notes

  • CORS requires that every request for a one-time-use token must be sent from a server. If you attempt to send a request a frontend you will receive an error
  • One-time-use tokens for e-commerce iframes and alternative payment methods are not interchangeable
  • Not all body parameters that may be included in the body of a request for a one-time-use token apply to every iframe or popup
  • Each one-time-use token can only be used to submit a single form
  • Each one-time-use token expires after one hour

E-commerce Flows & Operations

Overview

Nexio's ecommerce API enables you to:

You will have hands-on control to:

You can also choose to enable built-in fraud protection services, including:

Getting Started

To get started with our ecommerce API, you will need a Nexio username and password.

Contact integrations support to request credentials.

Prior to accessing any endpoint, you will be required to authenticate.

Please see our API Reference for more information on the required authentication for each endpoint. The form of authentication required for each endpoint is listed in a red box at the top of each section.

Create a Checkout Page

  1. Create an iframe on your web page

  2. Create an event listener

    Create an event listener to monitor actions in the iframe. This listener will keep your code updated on what is happening inside the iframe. You will handle the success, error, and loading states here. See our iframe events table for a list of possible events.

Example
window.addEventListener('message', function messageListener(event) {
    if (event.origin === iframeUrl) {
        // switch on event.data properties
        // (e.g. loaded, formValidations, error)
    }
});
  1. Authenticate using a one-time-use token

    Send a POST request to the Eccommerce One-time-use Token endpoint.

Example Request
curl -X post https://api.nexiopaysandbox.com/pay/v3/token \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{}'

 Example 200 Response 
{
  "expiration": "2018-09-18T15:43:05.664Z",
  "token": "830d36f6-a5e3-4455-9600-3a55b63e2fc2",
  "fraudUrl": "https://tst.kaptcha.com/collect/sdk?m=717000&s=f81f6b7647ae47bf8ef04879a3de896e"
}
  1. Copy or store the token from the above response

    This is your one-time-use token. It will be used in the next step.

    Notes:

    • Each one-time-use token expires after one hour
    • Each one-time-use token can only be used to submit a single form
    • Any iframe uiOptions or processingOptions must be included in this step
  2. Load the iframe

    a. Append the one-time-use token to the iframe's URL a query parameter called token.

    b. Assign the result to your iframe's src tag.

Note: The URL may be used to load the iframe multiple times, but it will expire as soon as the form is submitted. (This feature is to prevent errors when a user mistakenly refreshes the page prior to form submission. It is strongly recommended that you request a new one-time-use token prior to requesting each iframe.)

Example
var iframeBaseUrl = "https://api.nexiopaysandbox.com/pay/v3";
var oneTimeUseToken = "?token=ec53cd46-cee5-44db-a20f-f5c373a44fd2";
var returnHtml = "&shouldReturnHtml=true";
var url = iframeBaseUrl + oneTimeUseToken + returnHtml;
window.document.getElementById('myIframe').src = url;

Notes:

  • If an error occurs while loading an iframe, the endpoint will return a JSON object with the error message
  • To receive an HTML response instead, include shouldReturnHtml=true as a query parameter, as in the example above
  1. Create an event listener

    Add an event listener to your form's submit button that will trigger a POST request inside the iframe. Now when a user clicks submit on your outer form, the iframe will submit itself. Because of the event listener you created in step 2, your code is aware of iframe responses and errors.

Example
myForm.addEventListener('submit', function processPayment(event) {
    event.preventDefault();
    const url = 'https://api.nexiopaysandbox.com';
    myIframe.contentWindow.postMessage('posted', url);
    return false; // keeps the form from auto submitting
});

Create a Save Card Page

  1. Create an iframe on your web page

  2. Create an event listener

    Create an event listener to monitor actions in the iframe. This listener will keep your code updated on what is happening inside the iframe. You will handle the success, error, and loading states here. See our iframe events table for a list of possible events.

Example
window.addEventListener('message', function messageListener(event) {
    if (event.origin === iframeUrl) {
        // switch on event.data properties
        // (e.g. loaded, formValidations, error)
    }
});
  1. Authenticate using a one-time-use token

    Send a POST request to the One-time-use Token (E-commerce) endpoint.

Example Request
curl -X post https://api.nexiopaysandbox.com/pay/v3/token \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{}'

 Example 200 Response 
{
  "expiration": "2018-09-18T15:43:05.664Z",
  "token": "830d36f6-a5e3-4455-9600-3a55b63e2fc2",
  "fraudUrl": "https://tst.kaptcha.com/collect/sdk?m=717000&s=f81f6b7647ae47bf8ef04879a3de896e"
}
  1. Copy or store the token from the above response

    This is your one-time-use token. It will be used in the next step.

    Notes:

    • Each one-time-use token expires after one hour
    • Each one-time-use token can only be used to submit a single form
    • Any iframe uiOptions or processingOptions must be included in this step
  2. Load the iframe

    a. Append the one-time-use token to the iframe's URL a query parameter called token.

    b. Assign the result to your iframe's src tag.

Note: The URL may be used to load the iframe multiple times, but it will expire as soon as the form is submitted. (This feature is to prevent errors when a user mistakenly refreshes the page prior to form submission. It is strongly recommended that you request a new one-time-use token prior to requesting each iframe.)

Example
var iframeBaseUrl = "https://api.nexiopaysandbox.com/pay/v3/saveCard";
var oneTimeUseToken = "?token=ec53cd46-cee5-44db-a20f-f5c373a44fd2";
var returnHtml = "&shouldReturnHtml=true";
var url = iframeBaseUrl + oneTimeUseToken + returnHtml;
window.document.getElementById('myIframe').src = url;

Notes:

  • If an error occurs while loading an iframe, the endpoint will return a JSON object with the error message
  • To receive an HTML response instead, include shouldReturnHtml=true as a query parameter, as in the example above
  1. Create an event listener

    Add an event listener to your form's submit button that will trigger a POST request inside the iframe. Now when a user clicks submit on your outer form, the iframe will submit itself. Because of the event listener you created in step 2, your code is aware of iframe responses and errors.

Example
myForm.addEventListener('submit', function processPayment(event) {
    event.preventDefault();
    const url = 'https://api.nexiopaysandbox.com';
    myIframe.contentWindow.postMessage('posted', url);
    return false; // keeps the form from auto submitting
});

More

Run a Transaction Using the API

You may often wish to authorize and capture a transaction in a single step. To do this, you may create a checkout page or run a transaction through the API.

To authorize and capture by creating a checkout page, see the Create a Checkout Page tutorial.

To authorize and capture using the API, follow the steps below:

  1. Contact integrations@nexiopay.com to ensure your merchant ID and account have access to the proper API endpoint. (You may be asked to provide additional information such as Gateway, TokenEx, or Kount credentials.)
  2. Post payment details with tokenized card information to the Run Transaction endpoint.
Example Request
curl -X post https://api.nexiopaysandbox.com/pay/v3/process \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "tokenex": {
    "token": "6ee140a0-05d1-4958-8325-b38a690dbb9d"
  },
  "data": {
    "amount": 29.99,
    "currency": "USD"
  }
}'

Save Card Data Using the API

  1. Contact integrations@nexiopay.com to ensure your merchant ID and account have access to the proper API endpoint. (You may be asked to provide additional information such as Gateway, TokenEx, or Kount credentials.)
  2. Post payment details with tokenized card information to the Save Card endpoint.
Example Request
curl -X post https://api.nexiopaysandbox.com/pay/v3/saveCard \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "token": "eb50a022-d6de-4244-a1e6-dcb8522b2d19",
  "card": {
    "encryptedNumber": "cu3yRktaYFK2LUC6DpNK289tYDsGRCi7cO+GeG0hkeYFvT7Y8/oY5r53obMz6Q/BZ38gk2u2Ufwy8ojBcX2sfNjG5jplGTXA4NNlSIUjMFfiHe1sff1JFpThoiW/IIlifGlbWu+S1/9pqWPTzJ2+DcjwohbHzsDahhYewFhXgC8qsK0ypi/Shlp+CwRITyIvbVXESD0xz3YOTRHeZLlChvVqN8z4ZzN8nm0MXkmT1wcpYI73bH4KdnPwNU3s7XxvP/ernQP73SHHAOKSLlz4F6AEHFjJiCoXzeLF7LwEjRdxDJ0sKVXbRk3i9BGh+8Nle2VYgjpUWtk2763QkvZiQQ==",
    "expirationMonth": "12",
    "expirationYear": "20",
    "cardHolderName": "John H Doe"
  }
}'

Retail Flows & Operations

Overview

Nexio's retail platform allows you to seamlessly integrate checkout and save card pages into your company's software, all while limiting your PCI scope.

Nexio's retail payment forms can be accessed at https://retail.nexiopay.com.

Nexio's retail iframes enable you to:

  • Save Card: Save a credit or debit card token for use in recurring billing or one-time payments
  • Run Transaction: Process a credit or debit card transaction by keying in the card number or using a terminal

You can also choose to enable built-in fraud protection services, including:

Authentication

Simple Login

Simple Login allows trusted users to proceed directly to the retail/MOTO Iframe without the necessity of entering a Nexio username and password. This option is useful for cases in which multiple users will be using a single Nexio account. It can also save time for internal users by eliminating the need to enter a username and password upon each login. To use Simple Login:

  1. Send a request to the Simple Login endpoint. A successful request will return a response with the following structure:
 Example 200 Response 
{
  "username": "youremail@cmsonline.com",
  "key": "4f211fde-d135-4c91-afbc-bcdb73c0c504",
  "jwt": "t3jraWQiOiI3V2JrOFdSVVliMVljR2p3Mlhwd2swR3lIRWt6THcwVDRqckVhNVVVTjBnPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI4YWYzZTQwZC02Y2I0LTQ0ZWQtOWRlZS0yN2Y3NmNmNDc0YmMiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiaXNzIjoiaHR0cHM6XC9cL2NvZ25pdG8taWRwLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tXC91cy1lYXN0LTFfVlVEN21MeWNqIiwiY3VzdG9tOmFjY291bnRJZCI6ImVjN2NiOWJhLWQwMmQtNDhkYS1hY2I3LWI2ZWQ3YmJiZWQwMiIsImNvZ25pdG86dXNlcm5hbWUiOiJscm9ibGVkb0BjbXNvbmxpbmUuY29tIiwiYXVkIjoiNDBtZWQ2YnNybDZ1aWpnMmpmZzQwcmJzOGkiLCJldmVudF9pZCI6IjE0YmU5MWFjLTM0NjctMTFlOS9iNDZjLWMxMjdjYTkzZjA3NCIsInRva2VuX3VzZSI6ImlkIiwiYXV0aF90aW1lIjoxNTUwNTk1Mjk0LCJleHAiOjE1NTA1OTg4OTRsImN1c3RvbTphY2Nlc3NSaWdodHMiOiJ7XCJtZXJjaGFudElkc1wiOntcIjEwMDAzOVwiOlwiQVwiLFwiMTAwMDQxXCI6XCJBXCIsXCI1MTU3OTQwMDAwMTM1MDRcIjpcIkFcIixcIjkyMzYwMDAwMTEyNDUwM1wiOlwiQVwiLFwiOTIzNTAwMDAxNDMyNzQyXCI6XCJBXCIsXCI1MTM0ODUwMDAwMDAwMThcIjpcIkFcIixcIjkyMzYwMDAwODEyNjYxMFwiOlwiQVwiLFwiOTIzNjAwMDAzMTYzODEwXCI6XCJBXCJ9LFwicm9sZVwiOlwiQVwifSIsImlhdCI6MTU1MDU5NTI5NCwiZW1haWwiOiJscm9ibGVkb0BjbXNvbmxpbmUuY29tIn0.OEEZarSzbSLpxUM55UKmycYtAAWEtm__XUJdqBJ9QPSF_8sdLIL9EXBF8cLarhv3DoLqeWKUpieNgfcME2IsIc8amDXitvJtJe3STQtI_zaJwAibBxJhFKQRLRCrIe3kpslVJPuw3OeST54QcseifLlA64bxNaveXygja7aejwINueE4_Nj0NEzcFGZoYHgNB6br6Ksbjgx-z_SiFIZ1XHS-eOMnBoCIVWjFr3FY9IbfnQf4v0c0AFWKt9mOpjYracSqOHHmSER7GuaMBNrHxfbe0kHVh6hvnrzh10SEnTsF573qbP1R_aZA_Uh80MOLB0UvPWWFzzyP4GniNc3zLw",
  "refreshToken": "t3jjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.CejuLZHvZcrISuiwE7N4xg7EYq6ArivbyNwDVE2X7eTdr7CTO4l5udgc9ZUV1byTe1r3eLN_szbte1nlaimbQj5ZcJpim1zmW5pkk7aFVF-WcnLjIBVPilp6bLW8gsZaB04WErDjwzt4r7Bxnz6YnmLM7e3V15ZVkY6GLFqgrUF9Tb9UOFbCDD_H8qe1AdFktVeeVgefekJew3RuZ8p2BnKWejt1BcyMUnYY-QgaLm3TzUpd14PRbdvOfBG3D9KmJCnZ_6H9sQ5FUirqsF_U6eXNppE1QXZdjhFg4oic791Kq5rXU2xbMI9ggeFoGIjLLP0Keb0iT66NwXpf50-h4w.eUOjohgz3zXTJWHH.IBQMMiNKtbAZ02r0QGXJXw_zM2c3epH5LGtdZxIVUReMRr5CLm-ptE7zaFTK0D1tpUHcVonqiDuXyc09IN0IO4jL32QqQjgeG-V9LBYgpr1xV3qyc5TR-L2VNHjJt3A3SbJsIzxHDqKLucJw2N0WaiOgLb577q8B8lu0pLCpOV_POlUiT4BLAvycMCKkgUCDrejyjzR39ofCUqtZKuMglXanUfVE3hC0OaNOMpl65N_utjuf9vzklyZZRQMTgokQ7V0yp0VSpCC6D_zNBvwTPUKHVFyMrzEC4wJZ9uOtIS9h9rv_HywpwrPqHYajsGYNrv7QvHE1Kg80I73CbL0owW-J5bKEbgImqkahNVhBoFJejnvN3PEr9zthNey15Q_utOUFUkR0Po9GH6fnXFXxQnIC7c2hQ4lgjV2wR3WGzEiE5L0aNLF1Cnjyn-t1VZxQHG2uiyiT1aIUFBPbItTkVPjKhkFKf7AfXqOTAl52VFdBPpFdbG5Ecwfm_4ZGgO_4KJnLcb7qMQuEI6G20xelkPD2NHIpdS9gHx7XIlyfiBPkvq3YEKMtOQQbRAQ_Hcy7leeZnSyPgq65Bnsn22xZ4NG5bSshSEEMlq5lbOV4-dzBGV8SA6dOeNHR7GeQvSr1XQ89sBloJlMKJLe9WL0fYhkY6u-MbmecvMoU1OrC4mvIv-0l53TIeeGDMtn8UkcaSxQG7HBEqcQlvaFAxGaol7kiDPlAMxdp11lnk0ix3G0M74xHRFpZalIFtUAPm2xEVFJLWlwLqalRgJpO70asiw9QJ_pi0HERT5N_wCXraxeQyNrknNmi157ih5yP7SGm7MXrSVUOHu6GIBZktAfP8IURhJNQZfSk3Do_up1vUBPN7yLNumqPq2PWH3CgFXle3nDaQYCVsVkGU-FZTy7KLIbKc2EStkOFOCPiYYSoD8h1-C8kclCeIKFLDFQIo7weJyIGjQqV_pY9HEPQivgXw6X1ti711x0YZ2bhl9tPuUEtXeja7hGAxLnrU4QqHr2iS58J9F5NMVc6LlK_NcExLzrlnQBJws7urmDkV_yoOtCRadxVuAxVCYqfAh8X4gzQ7LQMT27pFeV98iCvAmkhWx4RpAmFYHmacUJIXUVXKe6eTlN27gsYir1H9SrkbFgjOjvoUBj5p-mn-mMathsdAbRtlryJEjfCzAfBWis-7d4GsxCZGQnCJ0NezIP50_2dCPyzpgYcUwt4E4kHIA5-SBOLWneULDPz7VpRJxKv8BaYxOZuotnV2zz2nwB3vlDWK1h6cgRfMT8o8iphcUMxdZdjd-FElzNCdQ.SDQXbyIYZu6_jdCeAzTzoA",
  "exp": 1550600014
}
  1. Take the key from the above response and use it as a query parameter to send a request to Nexio's retail iframe endpoint:

Example: https://retail.nexiopaysandbox.com/?simpleLogin=4f211fde-d135-4c91-afbc-bcdb73c0c504

Notes:

  • Each key can only be used once and will expire after one hour
  • The iframe may also be used without Simple Login by going to https://retail.nexiopaysandbox.com and logging in with your Nexio username and password


Was this section helpful?

Create a Retail Save Card Page

  1. Authenticate

    You may authenticate through either of the following options:

    • By using Simple Login
    • By going to https://retail.nexiopaysandbox.com and entering your Nexio credentials where prompted
  2. Load the iframe

    a. Append the setting

    { "uiOptions" : { "saveCard": true } }

    to Nexio's Retail Iframe URL: https://retail.nexiopaysandbox.com

    See the examples below:

    • To load the save card iframe with Simple Login:

      • https://retail.nexiopaysandbox.com/?simpleLogin=4f211fde-d135-4c91-afbc-bcdb73c0c504&settings={%22uiOptions%22:
    • To load the save card iframe without Simple Login:

      • https://retail.nexiopaysandbox.com/?settings={%22uiOptions%22:
  3. Enter the card information

  4. Click 'Save Card'



Was this section helpful?

Run a Keyed Transaction

  1. Authenticate

    You may authenticate through either of the following options:

    • By using Simple Login
    • By going to https://retail.nexiopaysandbox.com and entering your Nexio credentials where prompted
  2. Load the iframe

    • The run transaction iframe will load by default
    • You may also select additional UI options as shown in the table below

    See the examples below:

    • To load the run transaction iframe with Simple Login:

      • https://retail.nexiopaysandbox.com/?simpleLogin=4f211fde-d135-4c91-afbc-bcdb73c0c504
    • To load the run transaction iframe without Simple Login:

      • https://retail.nexiopaysandbox.com/
  3. Select ‘Card (keyed)’ in the Payment Method dropdown Note: If you do not see the Payment Method dropdown, your account does not yet have a terminal registered. If this is the case, contact Nexio Integrations for help getting registered with a terminal, then continue to step 4.

  4. Enter or confirm the amount

  5. Key in card information

  6. Click ‘Pay $X.XX’ to complete the transaction

Note: The iframe will display a simple ‘Success’ page—it does not generate a default receipt. You will use our response to create a success/confirmation page and your own receipt.



Was this section helpful?

Run a Terminal Transaction

Nexio's API allows you to process card present (EMV) transactions using a terminal. To do so, follow the steps below:

  1. Send a GET request to the Get Terminal List endpoint. For example:
curl -X get https://api.nexiopaysandbox.com/pay/v3/getTerminalList \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

A successful request will return a list of the terminals available to your merchant ID. For example:

 Example 200 Response 
[
  {
    "merchantId": "103002",
    "merchantName": "Test Merchant",
    "gatewayName": "yourGateway",
    "gatewayType": 110,
    "gatewayLabel": "...2e21,...5ee7",
    "terminalName": "Terminal 1",
    "terminalSerialNumber": "84937213",
    "terminalId": "eyJtZXJjaGFudElkIjoiMTAxMDM5IiwiZ2F0ZXdheUxhYmVsIjoiLi4uMmUyMSwuLi41ZWU3IiwidGVybWluYWwiOnsiaWQiOiIxMWU5MDIxMGNmZTdmNmFlOWVkNWUwYTgiLCJsb2NhdGlvbklkIjoiMTFlOGNkNmE4YjQ0YzUzZWFkNmFkY2UxIn19"
  }
]
  1. Copy the terminalId from the response above. We will use it in step 3.

  2. Send a POST request including the transaction details and terminalId to the Process From Terminal endpoint.

curl -X post https://api.nexiopaysandbox.com/pay/v3/processFromTerminal \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "terminalId": "eyJtZXJjaGFudElkIjoiMTAxMDM5IiwiZ2F0ZXdheUxhYmVsIjoiLi4uMmUyMSwuLi41ZWU3IiwidGVybWluYWwiOnsiaWQiOiIxMWU5MDIxMGNmZTdmNmFlOWVkNWUwYTgiLCJsb2NhdGlvbklkIjoiMTFlOGNkNmE4YjQ0YzUzZWFkNmFkY2UxIn19",
  "data": {
    "amount": "13.45"
  }
}'

A successful response will return a terminalRequestId, which you can use to check the status of the transaction

  1. To check the status of the transaction, send a GET request including the terminalRequestId to the Terminal Transaction Status endpoint.
curl -X get https://api.nexiopaysandbox.com/pay/v3/processFromTerminal/{terminalRequestId} \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'



Was this section helpful?

More

Customize the Iframe

To customize the retail/MOTO iframe, include a settings object as a query parameter in your request to https://retail.nexiopaysandbox.com. You can include settings with or without a Simple Login key.

For example, the following URL can be used to load the Save Card retail/MOTO iframe without using Simple Login:

https://retail.nexiopaysandbox.com/?settings={%22uiOptions%22:{%22saveCard%22:true} }

The following can be used to load the Run Transaction retail/MOTO iframe using Simple Login with a default amount of $20:

https://retail.nexiopaysandbox.com/?simpleLogin={key}&settings={%22processingOptions%22:{%22amountDefault%22:"20"} }

UI Options

Name Description
amountSet Prepopulates the amount field. User will not be able to change it
amountDefault Prepopulates the amount field. User will be able to change it
merchantIdSet Prepopulates the merchant dropdown. User will not be able to change it
merchantIdDefault Prepopulates the merchant dropdown. User will be able to change it
amountMax The maximum amount the user may enter into the amount field
hideBilling Hides or displays all billing fields (default: false)
limitCountriesTo If this array is nonempty the Country dropdown field will be limited to the countries in the list.

Note: These must be the two-character (Alpha-2) ISO country codes

Features

Fraud Prevention

Security Code (CVC) Verification

The Nexio security code (CVC) verification feature allows you to save only those cards that pass a CVC check, helping you reduce your risk of fraud.

To Check CVC using the Save Card iframe:

  1. Include the following object

    "processingOptions": { "verifyCvc": true }

    in the body of your request to the One-time-use Token endpoint:

  2. Use your One-time-use Token to load the Save Card iframe.

Note: The following uiOptions will be selected by default:

"uiOptions": { "requireCvc": true, "hideCvc": false }

See the CVC verification settings table for an explanation of how changing these settings will affect your iframe.

Check CVC using the Nexio API:

  1. Include the following in your data object when you send a request to the Save Card endpoint:

    "processingOptions": { "verifyCvc": true }, "card": { "securityCode": 111 }

Example 200 Response
{
  "token": {...},
  "card": {...},
  "data": {
    "customer": {...},
    "customFields": {...}
    "cvcResults": {
      "matchCvv": true,
      "error": false,
      "gatewayMessage": {
        "cvvresponse": "M",
        "message": "CVV2/CVC2 match"
      }
    },
  },
  "cardType": "visa"
}
Example 400 Response
{
  "error": 437,
  "message": "Verify CVC Failed",
  "cvcResults": {
    "matchCvv": false,
    "error": false,
    "gatewayMessage": {
      "cvvresponse": "N",
      "message": "CVV2/CVC2 no match"
    }
  }
}

Testing CVC Verification

You can test the CVC Verification Service using the Nexio Sandbox Tester, Postman or your own code base.

The following values can be used while testing:

Card Number CVC Result
Any number provided here 111 Success
Any number provided here 222 Failure

CVC Verification Settings

verifyCvc hideCvc requireCvc Result
true false true The user will be required to input the CVC field and the card will only be saved if the CVC is verified.
true false false The card will only be saved if the provided CVC is verified, but users will also have the option of ignoring the CVC field.

Please also note the following:

verifyCvc hideCvc requireCvc Result
true true true, false You will receive a 400 error, because the CVC cannot be verified when the field is hidden.

Kount Verification

Nexio utilizes Kount for fraud and risk management. Kount verification can be performed both when saving a card and at the time of processing a transaction.

Nexio will run one of two Risk Inquiry Service (RIS) requests depending on whether customer information (customer.customerRef) is provided in the request body:

Information Provided Inquiry Mode
Customer Ref Provided Kount Central full inquiry with returned thresholds (Inquiry Mode: W)
Customer Ref Not Provided Default Inquiry (Inquiry Mode: Q)

(Please see Kount's documentation for more information on Inquiry Modes.)

Contact your CMS sales agent for more information or if you are interested in using Kount with your Nexio merchant account.

Performing Kount Verification

To check fraud using the Nexio iframe:
  1. Ensure Kount is enabled for your merchant account by contacting CMS customer support.

  2. Include the object

    "processingOptions": { "checkFraud": true }

    in the body of your request to the One-time-use Token endpoint.

  3. Use the token in the response from Step 2 to load either the Save Card iframe or the Run Transaction iframe.

To check fraud using the Nexio API:
  1. Ensure Kount is enabled for your merchant account by contacting CMS customer support.

  2. Include the object

    "processingOptions": { "checkFraud": true }

    in the body of your request to the Save Card endpoint or the Run Transaction endpoint.

Kount Verification Response

When you perform a Kount verification your response will include an object called kountResponse. It consists of two parts: status and rules.

Kount Response Example
"kountResponse": {
    "status": "success",
    "rules": {...}
}
Status

There are three possible statuses. The status indicates what action will be taken. The action will differ based on the endpoint. See below for more information:

  • Success:
    • Run Credit Card Transaction: Based on the Kount rule(s) configured, the transaction will be processed with no further action required.
    • Save Card: The card will be saved with no further action required.
  • Review:
    • Run Credit Card Transaction: Based on the Kount rule(s) triggered, the transaction has been run as an Auth Only, meaning the transaction has been authorized but is pending further action. You can manually approve or decline these transactions in the Fraud tab of Nexio Dashboard. (Please note that these transactions will auto-approve after 48 hours if no action is taken.)
    • Save Card: A 'Review' status will not prevent the card from being saved.
  • Decline:
    • Run Credit Card Transaction: Based on the Kount rule(s) triggered, the transaction will not be processed with no further action required.
    • Save Card: The card will not be saved.
Rules

This part of the response will include Kount-specific information including Kount version, mode, transaction ID, and a brief description of each rule that was triggered.

Kount Rules Example
"kountResponse": {
    "status": "success",
    "rules": "{
        "VERS": "0630",
        "MODE": "W",
        "TRAN": "79970C4SYHL2",
        "SESS": "61504d7500d44f67bba921474750f90f",
        "ORDR": "456",
        "AUTO": "A",
        "SCOR": "76",
        "RULES_TRIGGERED": 2,
        "RULE_ID_0": "1004064",
        "RULE_DESCRIPTION_0": "Scorecard:  Distance from Device to Billing > 1000km (1)",
        "RULE_ID_1":"1004066",
        "RULE_DESCRIPTION_1":"Scorecard:  Billing Country not equal to BIN Country (Visa/MC)
    }"
}

Testing Kount Verification

While testing Kount in your sandbox account you may force a status of review or decline by using the values listed below. Any other combination will result in a status of success.

Value Result
Address 1 or Address 2 contains '456' review
Amount between 6.00 and 6.99 review
Amount = 7.00 decline

The examples below show how to test Kount verification on the Run Transaction endpoint.

Example Request: Triggers Status of Review
curl -X post https://api.nexiopaysandbox.com/pay/v3/process \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "tokenex": {
    "token": "6ee140a0-05d1-4958-8325-b38a690dbb9d"
  },
  "data": {
    "amount": 29.99,
    "currency": "USD",
    "customer": {
      "billToAddressOne": "456"
    }
  },
  "processingOptions": {
    "checkFraud": true
  }
}'

Example Request: Triggers Status of Decline
curl -X post https://api.nexiopaysandbox.com/pay/v3/process \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "tokenex": {
    "token": "6ee140a0-05d1-4958-8325-b38a690dbb9d"
  },
  "data": {
    "amount": 7,
    "currency": "USD"
  },
  "processingOptions": {
    "checkFraud": true
  }
}'

To test the Save Card endpoint use any of the values listed in the table above in your request for a One-time-use Token (E-commerce), then use the token to request a Save Card iframe.



Was this section helpful?

Address Verification Service (AVS)

AVS compares the address and postal code provided with the information on file with the credit card issuer.

Nexio interprets these results and returns them concisely back to you, making it easy for you to determine which cards to save, giving you greater control over your risk management.

Contact Integrations Support if you have questions about Address Verification.

Using AVS

To check AVS using the Nexio iframe:
  1. Use the AVS Settings table to determine which AVS setting best suits your needs.

  2. Include the object

    "processingOptions": { "verifyAvs": yourAvsSetting }

    in your data object when you send a request to the One-time-use Token endpoint.

  3. Use your One-time-use Token to load the Save Card iframe.

To check AVS using the Nexio API:
  1. Use the table below to determine which AVS setting best suits your needs.

  2. Include the object

    "processingOptions": { "verifyAvs": yourAvsSetting }

    in your data object when you send a request to the Save Card endpoint.

AVS Response

When you check AVS your response will include an object in following format:

AVS Response Example
"avsResults": {
    "matchAddress": true,
    "matchPostal": true,
    "gatewayResponse": {...}
}

Match Address

The results of the address check.

(In this case, 'address' refers to the street address portion of the billing address.

Ex: If the address provided were 123 Sesame St. Manhattan, NY 10128, matchAddress would compare '123 Sesame St.' with the address on file.)

Note: Card issuers may handle address checks differently. For your convenience, Nexio returns a simple true or false regardless of the card issuer.

  • True: The address provided matches the address on file with the credit card issuer.
  • False: The address provided does not match the address on file with the credit card issuer.

Match Postal

The results of the postal code check.

(Using the example address above, matchPostal would compare '10128' with the postal code on file.)

  • True: The postal code provided matches the postal code on file with the credit card issuer.
  • False: The postal code provided does not match the postal code on file with the credit card issuer.

Gateway Response

This part of the response includes raw details from the gateway's response to the AVS check. Format may vary by gateway.

Note: A gateway AVS error will NOT prevent the card token from being saved. In this case, you may wish to delete the card token using the Delete Card Token endpoint.

Testing AVS

In the sandbox environment you may trigger matchAddress and matchPostal values by using the following postal codes:

Postal Code matchAddress result matchPostal result
56649 true true
39601 true false
53574 false true
49802 false false

Please be sure to use only the test postal codes provided in the table above.

AVS Settings

verifyAvs set to: Purpose
0 Do not perform AVS check
1 Always save card regardless of result
2 Do not save card if the address match fails
3 Do not save card if the postal code match fails
4 Do not save the card if either the address match fails OR the postal code match fails
5 Do not save the card if both the address match AND the postal code match fail
When verifyAvs is set to 0

You will not receive an avsResponse object.

When verifyAvs is set to 1
addressMatch postalMatch What will happen:
true true Card will be saved
true false Card will be saved
false true Card will be saved
false false Card will be saved
When verifyAvs is set to 2
addressMatch postalMatch What will happen:
true true Card will be saved
true false Card will be saved
false true Card will not be saved
false false Card will not be saved
When verifyAvs is set to 3
addressMatch postalMatch What will happen:
true true Card will be saved
true false Card will not be saved
false true Card will be saved
false false Card will not be saved
When verifyAvs is set to 4
addressMatch postalMatch What will happen:
true true Card will be saved
true false Card will not be saved
false true Card will not be saved
false false Card will not be saved
When verifyAvs is set to 5
addressMatch postalMatch What will happen:
true true Card will be saved
true false Card will be saved
false true Card will be saved
false false Card will not be saved


Was this section helpful?

Lodging Data

Merchants in the lodging industry can pass certain parameters that help qualify lodging transactions.

Sending Lodging Parameters

While the entire lodging object is optional, the following are the minimum required parameters to qualify lodging transactions:

  • Check-in Date (lodging.checkInDate)
  • Check-out Date (lodging.checkOutDate)
  • Room Rate (lodging.roomNumber)
  • Either of the following flags:
    • Advanced Despoit (lodging.advanceDeposit)
    • No Show (lodging.noShow)
  • Folio Number (customer.orderNumber)

Note: Passing these data points does not guarantee lodging transaction rates.

To send lodging data using the Nexio iframe:

  1. Include the lodging object and the folio number, as shown below:

    "data": {
        "lodging": {
            "advanceDeposit": true,
            "checkInDate": "2018-12-31",
            "checkOutDate": "2019-01-05",
            "roomNumber": "14",
            "roomRate": 143.99,
            "noShow": false
        },
        "customer": {
            "orderNumber": 4567 //this is the folio number
        }
    }
    

    in the body of your request to the e-commerce One-time-use Token endpoint.

    Note: Folio number must be sent in the customer object, labeled orderNumber.

  2. Use the token in the response above to load the Run Credit Card Transaction iframe.

To send lodging data using the Nexio API:

  1. Include the lodging object and the folio number, as shown below:

    "data": {
        "lodging": {
            "advanceDeposit": true,
            "checkInDate": "2018-12-31",
            "checkOutDate": "2019-01-05",
            "roomNumber": "14",
            "roomRate": 143.99,
            "noShow": false
        },
        "customer": {
            "orderNumber": 4567 //this is the folio number
        }
    }
    

    in your request to the Run Transaction endpoint.

Note: Folio number must be sent in the customer object, labeled orderNumber.



Was this section helpful?

Account Updater

The account updater service allows merchants to automatically update saved cards due to changes in card number or expiration date.

Merchants that process recurring transactions will see fewer declines due to invalid or expired cards by having the most recent card information before the transaction is attempted.

To Use Account Updater

  1. Contact your sales agent to enroll in account updater.

    Notes:

    • By default all cards are tagged for registration with account updater
    • Any existing card tokens that are tagged for registration will start the registration process as soon as you are enrolled

    We recommend checking the enrollment tag of all exisiting card tokens prior to enrolling your merchant account with account updater.

  2. Update all existing tokens to the proper tag.

  3. Tag all new card tokens with the proper tag:

Update the Enrollment Tag of an Existing Card Token

Tag a card for registration
  1. Send a PUT request to the Edit Card Token endpoint. Include { "shouldUpdateCard": true } in the body of your request.
Example Request
curl -X put https://api.nexiopaysandbox.com/pay/v3/vault/card/{cardToken} \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "shouldUpdateCard": true
}'

  1. The card token's enrollment tag is now updated.

    Note: It usually takes three to four business days for a card token to become registered with account updater.

    If desired, you may check the card status by sending a request to the View Card Token endpoint.

Tag a card for exclusion/deregistration
  1. Send a PUT request to the Edit Card Token endpoint. Include { "shouldUpdateCard": false } in the body of your request.
Example Request
curl -X put https://api.nexiopaysandbox.com/pay/v3/vault/card/{cardToken} \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "shouldUpdateCard": false
}'

  1. The card token's enrollment tag is now updated.

    Note: It usually takes three to four business days for a card token to become deregistered from account updater.

    If desired, you may check the card status by sending a request to the View Card Token endpoint.

Tag a New Card for Enrollment in Account Updater

By default, all cards are tagged for enrollment in account updater upon creation.

Tag a New Card for Exclusion from Account Updater

Using a Nexio iframe:
  1. Send a POST request to the One-time-use Token (E-commcerce) endpoint. Include { "shouldUpdateCard": false } in the body of your request:
Example Request
curl -X post https://api.nexiopaysandbox.com/pay/v3/token \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "shouldUpdateCard": false
}'

in your request to the [One-time-use Token](#one-time-use-token-e-commerce) endpoint.
  1. Use the token in the response from Step 1 to load either the Save Card iframe or the Run Credit Card Transaction iframe.
Using the Nexio API:
  1. Send a POST request to the Save Card or the Run Credit Card Transaction endpoint. Include { "shouldUpdateCard": false } in the body of your request:
Example Save Card Request
curl -X post https://api.nexiopaysandbox.com/pay/v3/saveCard \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "token": "eb50a022-d6de-4244-a1e6-dcb8522b2d19",
  "card": {
    "encryptedNumber": "cu3yRktaYFK2LUC6DpNK289tYDsGRCi7cO+GeG0hkeYFvT7Y8/oY5r53obMz6Q/BZ38gk2u2Ufwy8ojBcX2sfNjG5jplGTXA4NNlSIUjMFfiHe1sff1JFpThoiW/IIlifGlbWu+S1/9pqWPTzJ2+DcjwohbHzsDahhYewFhXgC8qsK0ypi/Shlp+CwRITyIvbVXESD0xz3YOTRHeZLlChvVqN8z4ZzN8nm0MXkmT1wcpYI73bH4KdnPwNU3s7XxvP/ernQP73SHHAOKSLlz4F6AEHFjJiCoXzeLF7LwEjRdxDJ0sKVXbRk3i9BGh+8Nle2VYgjpUWtk2763QkvZiQQ==",
    "expirationMonth": "12",
    "expirationYear": "20",
    "cardHolderName": "John H Doe"
  },
  "shouldUpdateCard": false
}'

Check a Card's Account Updater Status and Tag

  1. Send a GET request to the View Card Token endpoint. Replace {cardToken} in the example below with the card token you wish to view.
Example Request
curl -X get https://api.nexiopaysandbox.com/pay/v3/vault/card/{cardToken} \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

 Example 200 Response 
{
  "key": "aafb1033-599a-4392-859e-f98033fc37f5.5292712865664733",
  "merchantId": "100100",
  "data": {...},
  "tokenex": {...},
  "dateCreated": "2019-07-31T17:02:39.035Z",
  "dateLastModified": "2019-07-31T18:33:30.660Z",
  "card": {...},
  "originalCard": {...},
  "tokenHistory": {...},
  "accountUpdaterStatus": "isExcluded",
  "shouldUpdateCard": true
}

The tag shouldUpdateCard indicates whether a card will be registered or excluded/deregistered from account updater. However, the card will not be registered until the merchant account is enrolled. See the Account Updater Enrollment Tag table below for more information.

The account updater status (accountUpdaterStatus) indicates the card's current status with account updater. See the Account Updater Card Status table for a list of possible values and their meanings.

Account Updater Enrollment Tag

Merchant's Enrollment in Account Updater shouldUpdateCard Action
Enrolled true The card will be registered with account updater
Enrolled false The card will be excluded from account updater. If the card was previously registered it will be deregistered
Not Enrolled true The card is tagged for registration. Upon merchant enrollment the card will be registered with account updater
Not Enrolled false The card is tagged for exclusion. Upon merchant enrollment the card will be excluded from account updater

Account Updater Card Status

accountUpdaterStatus Description
isRegistered Card has been successfully registered. Automatic card updates will occur.
pendingExclusion Card is in the process of being deregistered (usually takes about three to four business days).
isExcluded Card is excluded or has been deregistered from the account updater service. (This is the default value.)
toDelete Indicates that Nexio must first deregister the card before deleting the token.
pendingDeletion Card is in the process of being deregistered after which the token will be deleted (usually takes three to four business days).


Was this section helpful?

Iframe Label Customization

Nexio provides the option to customize the labels on your e-commerce or retail iframe. This feature is particularly helpful for localization, allowing you to translate your checkout or save card page.

You may use this feature in two ways:

Out of the Box Translations

Nexio currently provides out of the box localization files for the following languages/regional dialects:

To use our translation files to customize your iframe, follow steps below:

  1. Send a POST request for a one-time-use token
    • Include a uiOptions object in the body of your request
    • Within the uiOptions object, include the key customTextUrl
    • Set the value to the URL of the desired language file listed above
Example Request
curl -X post https://api.nexiopaysandbox.com/pay/v3/token \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "uiOptions": {
    "customTextUrl": "https://customerassets.nexiopay.com/CMSLabels_es.json"
  }
}'

 Example 200 Response 
{
  "expiration": "2018-09-18T15:43:05.664Z",
  "token": "830d36f6-a5e3-4455-9600-3a55b63e2fc2",
  "fraudUrl": "https://tst.kaptcha.com/collect/sdk?m=717000&s=f81f6b7647ae47bf8ef04879a3de896e"
}
  1. Use the token from the response in step 1 to send a GET request for the desired iframe. You may wish to customize a:

For example, the following request will return the HTML for a save card page, with the labels from the out of the box translation file you specified in step 1.

Example Request
curl -X get https://api.nexiopaysandbox.com/pay/v3/saveCard?token=830d36f6-a5e3-4455-9600-3a55b63e2fc2 \
  -H 'Accept: application/json'

Customizing Your Iframe Labels

If you would like to completely customize your iframe's labels, or if you would like to translate them into a language that is not currently included in Nexio's out of the box translations, follow the steps below:

  1. Create a JSON file with the same keys as shown below. (Click here to download a copy.)
Custom Text File Example
{
    "Card Information": "",
    "Name": "",
    "as it appears on card": "",
    "Card Number": "",
    "Card number is invalid": "",
    "We only accept": "",
    "Expiration Date": "",
    "Select a date in the future": "",
    "Security Code": "",
    "Security code is invalid, must be 3-4 digits": "",
    "Billing Information": "",
    "Country": "",
    "Address 1": "",
    "Address 2": "",
    "City": "",
    "State / Province": "",
    "Postal Code": "",
    "eCheck Information": "",
    "Routing Number": "",
    "Routing Number is invalid, must be 9 digits": "",
    "Account Number": "",
    "Account number is invalid": "",
    "Submit": "",
    "You are now being redirected to Alipay for payment.": "",
    "Cancel": "",
    "Confirm": "",
    "Required": "",
    "Establishing secure connection to payment engine.": "",
    "Failed to connect to secure server. Please check your internet connection.": ""
}
  1. Replace any values you would like to customize.

    Note: If any value is an empty string, or the property is left out, the default value will be used.

  2. Host the JSON file. This step varies based on the environment:

    • Sandbox: You may host the file anywhere. (For instuctions on how to host your custom JSON file on GitHub, see this FAQ)

    Take note of the URL for use in step 4

    • Production: Send the file to integrations@nexiopay.com for approval. Once approved, we will host it on our secure servers and provide you with the URL to use in step 4
  3. Send a POST request for a one-time-use token

    • Include a uiOptions object in the body of your request
    • Within the uiOptions object, include the key customTextUrl
    • Set the value to the URL of the JSON file from step 3
Example Request
curl -X post https://api.nexiopaysandbox.com/pay/v3/token \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "uiOptions": {
    "customTextUrl": "https://your-webpage.com/custom-labels.json"
  }
}'

 Example 200 Response 
{
  "expiration": "2018-09-18T15:43:05.664Z",
  "token": "830d36f6-a5e3-4455-9600-3a55b63e2fc2",
  "fraudUrl": "https://tst.kaptcha.com/collect/sdk?m=717000&s=f81f6b7647ae47bf8ef04879a3de896e"
}
  1. Use the token from the response in step 4 to send a GET request for the desired iframe. You may wish to customize a:
Example Request
curl -X get https://api.nexiopaysandbox.com/pay/v3?token=830d36f6-a5e3-4455-9600-3a55b63e2fc2 \
  -H 'Accept: application/json'

Once the iframe is loaded, the labels will be replaced with values you provided.



Was this section helpful?

Browser-based Encryption

Browser-based encryption gives you the ability to encrypt card numbers prior to tokenizing and storing them through Nexio. To use browser-based encryption follow the steps below:

  1. Contact integrations@nexiopay.com to obtain the public key.

  2. Request a one-time-use token.

  3. Generate your page that contains the card number field.

  4. Accept the full credit card number through your form.

  5. Encrypt the card number using the provided public key.

  6. Submit the encrypted card number to Nexio via the Save Card endpoint using a client-side or server-side call.

Nexio will then tokenize the card and store it. The card token will be included in the response.

See an example of Steps 5 & 6, written in JavaScript below:

Example
<html>
//This example uses the JSEncrypt library.
//You may use any library you want for standard RSA encryption.
<script src="./jsencrypt.js"></script>
<script>
    //the full card number accepted through your form
    const cardNumber = '4111111111111111';
    //this is the sandbox public key provided by Nexio, contact integration support for a production key
    const publicKey = 'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWpIQFjQQCPpaIlJKpeg irp5kLkzLB1AxHmnLk73D3TJbAGqr1QmlsWDBtMPMRpdzzUM7ZwX3kzhIuATV4Pe 7RKp3nZlVmcrT0YCQXBrTwqZNh775z58GP2kZs+gVfNqBampJPzSB/hB62KkByhE Cn6grrRjiAVwJyZVEvs/2vrxaEpO+aE16emtX12RgI5JdzdOiNyZEQteU6zRBRJE ocPWVxExaOpVVVJ5+UnW0LcalzA+lRGRTrQJ5JguAPiAOzRPTK/lYFFpCAl/F8wt oAVG1c8zO2NcQ0Pko+fmeidRFxJ/did2btV+9Mkze3mBphwFmvnxa35LF+Cs/XJHDwIDAQAB';

    const crypt = new JSEncrypt();
    crypt.setKey(publicKey);
    //the encrypted card number
    const encryptedNumber = crypt.encrypt(cardNumber);

    //Send a POST request to Nexio.
    fetch('https://api.nexiopaysandbox.com/pay/v3/saveCard', {
        method: 'POST',
        body: JSON.stringify({
            token: '<Your One-time Use Token>',
            card: {
                encryptedNumber: encryptedNumber,
                expirationMonth: '1',
                expirationYear: '2021',
                cardHolderName: 'Test Card'
            }
        })
    }).then((response) => {
        return response.json();
    }).then((response) => {
        //This response will contain the card token.
        console.log('response', response);
    }).catch((error) => {
        console.log('error', error);
    });
</script>
</html>

Note: If you want to store the token in your own database you must either use a callback or use the token returned in the event info.

Although card data never touches your servers, this option changes your PCI liability from SAQ A to SAQ A-EP. If you do not to perform browser-based encryption in the card holder's browser you have full PCI liability.

See this JSFiddle for an example of how to encrypt data to be tokenized.



Was this section helpful?

Alternative Payment Methods

Alipay

Accept payments from consumers using Alipay in two steps:

  1. Obtain a one-time-use token

  2. Redirect shopper to Alipay to complete payment

You can perform the following transaction types:

  • Sale: simultaneous authorization and capture (settles automatically)
  • Auth only: authorize a transaction to be captured at a later time
  • Capture: capture a previously authorized transaction
  • Void: void/cancel an auth only transaction
  • Refund: fully or partially refund captured or settled transactions

Sale

To perform a sale, set isAuthOnly to false when requesting the one-time-use token or omit isAuthOnly from the request completely. See Step 1: Obtain a one-time-use token below.

Auth only

To perform an auth only to be captured at a later time, set isAuthOnly to true when requesting the one-time-use token.

See Step 1: Obtain a one-time-use token below.

Step 1: Obtain a one-time-use token

Send a GET request to the One-time-use Token (APM) endpoint.

Include the following object in the body of your request:

"data": {
    "paymentMethod": "alipay"
  }

See One-time-use Token (APM) in the Alternative Payment Methods API reference for a full list of body parameters.

Example Sale Request
curl -X post https://api.nexiopaysandbox.com/apm/v3/token \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "data": {
    "amount": 29.99,
    "currency": "USD",
    "paymentMethod": "alipay"
  },
  "isAuthOnly": false
}'

Example Auth Only Request
curl -X post https://api.nexiopaysandbox.com/apm/v3/token \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "data": {
    "amount": 29.99,
    "currency": "USD",
    "paymentMethod": "alipay"
  },
  "isAuthOnly": true
}'

 Example 200 Response 
{
  "expiration": "2018-09-18T15:43:05.664Z",
  "token": "830d36f6-a5e3-4455-9600-3a55b63e2fc2"
}

Step 2: Redirect shopper to Alipay to complete payment

The can be done by either:

  • Using Nexio's redirect iframe (preferred)
  • Using your own button

Both options will create a popup window in which the user will be able to complete the payment via Alipay.

We recommend using Nexio's redirect iframe as it will:

  • Create the new popup within the correct time frame (as required by popup blockers)
  • Provide an error message if the user closes the popup prematurely

If you choose to redirect using your own button you will need to handle the above in your own code base

Use Alipay With Nexio’s Redirect Iframe:
  1. Create an iframe on your checkout page
  2. Append the one-time-use token from Step 1 to the Alternative Payment Method iframe URL as a query parameter called token

The result will look like this:

https://api.nexiopaysandbox.com/apm/v3?token=477d626c-9d29-46cf-8a41-abab04874eac

Assign the URL above to your iframe's src tag.

Example
var iframeBaseUrl = "https://api.nexiopaysandbox.com/apm/v3";
var oneTimeUseToken = "?token=477d626c-9d29-46cf-8a41-abab04874eac";

var url = iframeBaseUrl + oneTimeUseToken;
window.document.getElementById('myIframe').src = url;

Shoppers will be asked to confirm whether to proceed with the redirect for payment. The Alipay login page will be opened in a new tab in the browser where the shopper will complete the payment.

Note: This iframe will emit events, alerting you when the transaction has been submitted, processed, etc. You will also receive an error event if the user closes the popup window prior to completing the transaction.

Use Alipay With Your Own Button:
  1. Create a button on your checkout page
  2. Append the one-time-use token from Step 1 to the Alternative Payment Method popup endpoint as a query parameter called token

The result will look like this:

https://api.nexiopaysandbox.com/apm/v3/popup?token=477d626c-9d29-46cf-8a41-abab04874eac

Use the button to trigger the creation of a popup window directing the user to the above URL. For example:

Example
window.popup = window.open('https://api.nexiopaysandbox.com/apm/v3/popup?token=477d626c-9d29-46cf-8a41-abab04874eac', '_blank');
window.popup.parent = window;

Shoppers will be redirected to the Alipay login page in a new tab in the browser where the shopper will complete the payment.

Note: If you use this option Nexio will be unable to alert you if the user closes the popup window prior to completing the transaction.

Transaction response

Once transactions are completed, the Alipay window will be closed automatically.

We recommend using the events emitted by the iframe or popup to display your own success or failure page to the shopper.

Example Sale Response:
Example Sale Response
{
  "id": "eyJuYW1lIjoidXNhZXBheSIsInJlZk51bWJlciI6IjMxMDA5MDc4MTkiLCJtZXJjaGFudElkIjoiMTAwMDM5IiwicmFuZG9tIjoiMzEwMDkwNzgxOSIsImN1cnJlbmN5IjoiVVNEIn0=",
  "merchantId": "100039",
  "transactionDate": "2019-01-15T13:19:39.329Z",
  "authCode": "035410",
  "transactionStatus": "pending",
  "amount": 34.25,
  "transactionType": "sale",
  "currency": "USD",
  "gatewayResponse": {...},
  "data": {...},
  "card": {...},
  "kountResponse": {...}
}
Example Auth Only Response
{
  "id": "eyJuYW1lIjoidXNhZXBheSIsInJlZk51bWJlciI6IjMxMDA5MDc4MTkiLCJtZXJjaGFudElkIjoiMTAwMDM5IiwicmFuZG9tIjoiMzEwMDkwNzgxOSIsImN1cnJlbmN5IjoiVVNEIn0=",
  "merchantId": "100039",
  "transactionDate": "2019-01-15T13:19:39.329Z",
  "authCode": "035410",
  "transactionStatus": "authOnly",
  "amount": 34.25,
  "transactionType": "sale",
  "currency": "USD",
  "gatewayResponse": {...},
  "data": {...},
  "card": {...},
  "kountResponse": {...}
}

Capture an Auth Only Alipay Transaction

Send a POST request to the Capture APM Transaction endpoint to capture a previously authorized (auth only) transaction.

https://api.nexiopay.com/apm/v3/capture

See Capture APM Transaction for an example request and response.

Void an Auth Only Alipay Transaction

Send a POST request to the Void APM Transaction endpoint to void or cancel a previously authorized (auth only) transaction.

Note: Captured and settled transactions cannot be voided and must be refunded.

https://api.nexiopaysandbox.com/apm/v3/void

See Void APM Transaction for an example request and response.

Refund an Alipay Transaction

Send a POST request to the Refund APM Transaction endpoint to refund a previously captured or settled transaction.

https://api.nexiopaysandbox.com/apm/v3/refund

See Refund APM Transaction for an example request and response.



Was this section helpful?

Paynet

Paynet by OpenPay is a payment platform that allows customers to make e-commerce payments with cash.

They do this by initiating the transaction on your checkout page, receiving a store charge request barcode, taking the store charge request barcode to be scanned at a participating location, and completing the cash payment at the participating location


To integrate with Paynet, follow the steps below:

Step 1: Create an Iframe on your web page

Example
<iframe id="myIframe"></iframe>

Step 2: Create an Event Listener

Create an event listener to monitor actions in the iframe. This listener will keep your code updated on the success and error events inside the iframe.

Step 3: Authenticate Using a One-time-use Token

Send a POST request to the One-time-use Token (APM) endpoint with the following object in the body of your request:

data: {
  paymentMethod: "paynet"
}

Notes:

  • The following body parameters are also required:
    • data.amount
    • data.customer.email
    • data.customer.firstName
  • You may also wish to provide a due date:
    • To do so, include data.dueDate in the body of your request
    • If you do not include a due date, the latest possible due date of 30 days will be set by default
  • You will receive a 432 error if data.currency does not match the merchant's currency. To fix this error, do one of the following:
    • Make sure your default currency matches the merchant's currency, or
    • Include merchant's currency as data.currency in the body of your request
Example Request
curl -X post https://api.nexiopaysandbox.com/apm/v3/token \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "data": {
    "amount": 29.99,
    "currency": "MXN",
    "paymentMethod": "paynet",
    "dueDate": "2020-01-01 23:59",
    "customer": {
      "email": "jdoe@yourwebsite.com",
      "firstName": "Jane"
    }
  }
}'

 Example 200 Response 
{
  "expiration": "2018-09-18T15:43:05.664Z",
  "token": "830d36f6-a5e3-4455-9600-3a55b63e2fc2"
}

Step 4: Copy or store the token from the above response

This is your one-time-use token. It will be used in the next step.

Notes:

  • Each one-time-use token expires after one hour
  • Each one-time-use token can only be used to load a single iframe

Step 5: Load the Iframe

a. Append the one-time-use token from Step 1 to the Alternative Payment Method iframe URL as a query parameter called token

The result will look like this:

https://api.nexiopaysandbox.com/apm/v3?token=477d626c-9d29-46cf-8a41-abab04874eac

b. Assign the URL above to your iframe's src tag

Example
var iframeBaseUrl = "https://api.nexiopaysandbox.com/apm/v3";
var oneTimeUseToken = "?token=477d626c-9d29-46cf-8a41-abab04874eac";

var url = iframeBaseUrl + oneTimeUseToken;
window.document.getElementById('myIframe').src = url;

Step 6: Create the Store Charge Request Page

a. Listen for success events

The event listener you created in Step 2 will alert you of any events emitted by your iframe.

Example Success Event
"event": "success",
"data": {
  {
    "id": "eyJuYW1lIjoicGF5bmV0IiwibWVyY2hhbnRJZCI6IjEwMDA2OCIsInJlZk51bWJlciI6InRyYmNhbHZkZnRod2l5a2NicHM4IiwicmFuZG9tIjowLCJjdXJyZW5jeSI6Im14biJ9",
    "merchantId": "100068",
    "transactionDate": "2019-12-06T04:49:51.886Z",
    "transactionStatus": "pending",
    "amount": 1.15,
    "transactionType": "sale",
    "currency": "MXN",
    "gatewayResponse": {
      "result": 200,
      "refNumber": "trbcalvdfthwiykcbps8",
      "gatewayName": "paynet",
      "message": 200
    },
    "data": {
      "amount": 1.15,
      "currency": "MXN",
      "settlementCurrency": "MXN",
      "customer": {
        "firstName": "Jane",
        "email": "jane.doe@email.fake"
      }
    },
    "store": {
      "dueDate": "2020-01-03T23:59:00.000Z",
      "barcodeNumber": "1010100248919021",
      "barcodeUrl": "https://sandbox-api.openpay.mx/barcode/1010100248919021?width=1&height=45&text=false"
    }
  }
}

b. Copy the barcode URL (data.store.barcodeUrl) from the response from the previous step. This is the store charge request barcode.

c. Create a store charge request page with the following information:

  • Barcode (store.barcodeUrl)
  • Barcode number (store.barcodeNumber)
  • Total to pay (amount)
  • Transaction date and time (transactionDate)
  • Due date (store.dueDate)

You may also wish to include:

  • A list of participating locations at which the user can complete the payment
  • Instructions on how to complete the payment

Note: If you choose not to create your own store charge request page, the user will see Nexio's default page. However, we strongly recommend creating your own as that will make completing the next step easier.

d. Send the customer a copy of the store charge request page via email or text message. We also recommend saving a copy of the store charge request in the customer's order history.

This step is extremely important because the information will be lost as soon as the browser window is closed. Without the barcode the user will be unable to complete the payment.

Nexio does not retain a copy of the barcode URL or barcode number.

Step 7: Shopper Completes Payment

The shopper will then take the barcode to the location of their choice to complete the cash payment. They will have until the due date to complete the payment. (The default due date is 30 days from the date the transaction was initiated.)

Notes:

  • When the customer initiates the transaction online, the transactionStatus will be pending

  • Once they have completed the cash payment, the transactionStatus will be updated to settled

  • If they do not complete the cash payment before the due date, the transactionStatus will be updated to voided



Was this section helpful?

PayPal

Accept payments from consumers using PayPal in two steps:

  1. Obtain a one-time-use token

  2. Redirect shopper to PayPal to complete payment

You can perform the following transaction types:

  • Sale: simultaneous authorization and capture (settles automatically)
  • Auth only: authorize a transaction to be captured at a later time
  • Capture: capture a previously authorized transaction
  • Void: void/cancel an auth only transaction
  • Refund: fully or partially refund captured or settled transactions

Sale

To perform a sale, set isAuthOnly to false when requesting the one-time-use token or omit isAuthOnly from the request completely. See Step 1: Obtain a one-time-use token below.

Auth only

To perform an auth only to be captured at a later time, set isAuthOnly to true when requesting the one-time-use token.

See Step 1: Obtain a one-time-use token below.

Step 1: Obtain a one-time-use token

Send a GET request to the One-time-use Token (APM) endpoint.

Include the following object in the body of your request:

"data": {
    "paymentMethod": "payPal"
  }

See One-time-use Token (APM) in the Alternative Payment Methods API reference for a full list of body parameters.

Example Sale Request
curl -X post https://api.nexiopaysandbox.com/apm/v3/token \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "data": {
    "amount": 29.99,
    "currency": "USD",
    "paymentMethod": "payPal"
  },
  "isAuthOnly": false
}'

Example Auth Only Request
curl -X post https://api.nexiopaysandbox.com/apm/v3/token \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "data": {
    "amount": 29.99,
    "currency": "USD",
    "paymentMethod": "payPal"
  },
  "isAuthOnly": true
}'

 Example 200 Response 
{
  "expiration": "2018-09-18T15:43:05.664Z",
  "token": "830d36f6-a5e3-4455-9600-3a55b63e2fc2"
}

Step 2: Redirect shopper to PayPal to complete payment

The can be done by either:

  • Using Nexio's redirect iframe (preferred)
  • Using your own button

Both options will create a popup window in which the user will be able to complete the payment via PayPal.

We recommend using Nexio's redirect iframe as it will:

  • Create the new popup within the correct time frame (as required by popup blockers)
  • Provide an error message if the user closes the popup prematurely

If you choose to redirect using your own button you will need to handle the above in your own code base

Use PayPal With Nexio’s Redirect Iframe:
  1. Create an iframe on your checkout page
  2. Append the one-time-use token from Step 1 to the Alternative Payment Method iframe URL as a query parameter called token

The result will look like this:

https://api.nexiopaysandbox.com/apm/v3?token=477d626c-9d29-46cf-8a41-abab04874eac

Assign the URL above to your iframe's src tag.

Example
var iframeBaseUrl = "https://api.nexiopaysandbox.com/apm/v3";
var oneTimeUseToken = "?token=477d626c-9d29-46cf-8a41-abab04874eac";

var url = iframeBaseUrl + oneTimeUseToken;
window.document.getElementById('myIframe').src = url;

Shoppers will be asked to confirm whether to proceed with the redirect for payment. The PayPal login page will be opened in a new tab in the browser where the shopper will complete the payment.

Note: This iframe will emit events, alerting you when the transaction has been submitted, processed, etc. You will also receive an error event if the user closes the popup window prior to completing the transaction.

Use PayPal With Your Own Button:
  1. Create a button on your checkout page
  2. Append the one-time-use token from Step 1 to the Alternative Payment Method popup endpoint as a query parameter called token

The result will look like this:

https://api.nexiopaysandbox.com/apm/v3/popup?token=477d626c-9d29-46cf-8a41-abab04874eac

Use the button to trigger the creation of a popup window directing the user to the above URL.

Example
window.popup = window.open('https://api.nexiopaysandbox.com/apm/v3/popup?token=477d626c-9d29-46cf-8a41-abab04874eac', '_blank');
window.popup.parent = window;

Shoppers will be redirected to the PayPal login page in a new tab in the browser where the shopper will complete the payment.

Note: If you use this option Nexio will be unable to alert you if the user closes the popup window prior to completing the transaction.

Transaction response

Once transactions are completed, the PayPal window will be closed automatically.

We recommend using the events emitted by the iframe or popup to display your own success or failure page to the shopper.

Example Sale Response
{
  "id": "eyJuYW1lIjoidXNhZXBheSIsInJlZk51bWJlciI6IjMxMDA5MDc4MTkiLCJtZXJjaGFudElkIjoiMTAwMDM5IiwicmFuZG9tIjoiMzEwMDkwNzgxOSIsImN1cnJlbmN5IjoiVVNEIn0=",
  "merchantId": "100039",
  "transactionDate": "2019-01-15T13:19:39.329Z",
  "authCode": "035410",
  "transactionStatus": "pending",
  "amount": 34.25,
  "transactionType": "sale",
  "currency": "USD",
  "gatewayResponse": {...},
  "data": {...},
  "card": {...},
  "kountResponse": {...}
}
Example Auth Only Response
{
  "id": "eyJuYW1lIjoidXNhZXBheSIsInJlZk51bWJlciI6IjMxMDA5MDc4MTkiLCJtZXJjaGFudElkIjoiMTAwMDM5IiwicmFuZG9tIjoiMzEwMDkwNzgxOSIsImN1cnJlbmN5IjoiVVNEIn0=",
  "merchantId": "100039",
  "transactionDate": "2019-01-15T13:19:39.329Z",
  "authCode": "035410",
  "transactionStatus": "authOnly",
  "amount": 34.25,
  "transactionType": "sale",
  "currency": "USD",
  "gatewayResponse": {...},
  "data": {...},
  "card": {...},
  "kountResponse": {...}
}

Capture an Auth Only PayPal Transaction

Send a POST request to the Capture APM Transaction endpoint to capture a previously authorized (auth only) transaction.

https://api.nexiopay.com/apm/v3/capture

See Capture APM Transaction for an example request and response.

Void an Auth Only PayPal Transaction

Send a POST request to the Void APM Transaction endpoint to void or cancel a previously authorized (auth only) transaction.

Note: Captured and settled transactions cannot be voided and must be refunded.

https://api.nexiopaysandbox.com/apm/v3/void

See Void APM Transaction for an example request and response.

Refund a PayPal Transaction

Send a POST request to the Refund APM Transaction endpoint to refund a previously captured or settled transaction.

https://api.nexiopaysandbox.com/apm/v3/refund

See Refund APM Transaction for an example request and response.



Was this section helpful?

Dev Tools

Webhooks

Nexio's Webhook service allows you to configure webhooks to retrieve real-time information about payment events.

When webhooks are set up, Nexio will send a POST request with event information to the specified endpoint. You may additionally choose to receive a signature header—allowing you to verify the webhook's authenticity.

Configuring Webhooks

Webhooks are configured on a merchant-by-merchant basis. Your user must have administrator rights to a merchant in order to configure webhooks.

To configure webhooks for a merchant, follow the steps below:

  1. Ensure your account has admin access to the Merchant ID you would like to configure.

    Tip: You can see your access rights by sending a request to the Who Am I endpoint in the User Management Service.

  2. Send a POST request to the Configure Merchant endpoint.

    This request must include:

    • The merchant ID
    • The event type(s) that will trigger the webhooks
    • The endpoint to which the data will be sent
Example Request
curl -X post https://api.nexiopaysandbox.com/webhook/v3/config \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "merchantId": "100039",
  "webhooks": {
    "TRANSACTION_AUTHORIZED": {
      "url": "https://your-company-webhook-url-here.com"
    }
  }
}'

The example above will:

  • Configure the webhooks for merchant ID 200039
  • Send a POST request with event data to https://your-company-webhook-url-here.com when a transaction is authorized

Event Types

Below are the possible keys that can be included in the webhooks object.

Key Description
CARD_DATA_UPDATED Webhook will be sent when card data has been updated
CARD_SAVED Webhook will be sent when card data has been saved
ECHECK_SAVED Webhook will be sent when e-check data has been saved
TRANSACTION_AUTHORIZED Webhook will be sent when a transaction is authorized
TRANSACTION_CAPTURED Webhook will be sent when a transaction is captured
TRANSACTION_PENDING Webhook will be sent when a transaction is marked as pending
TRANSACTION_REFUNDED Webhook will be sent when a transaction is refunded
TRANSACTION_SETTLED Webhook will be sent when a transaction is settled
TRANSACTION_VOIDED Webhook will be sent when a transaction is voided

Configuring the Merchant Secret

For additional security you may set up a merchant secret. When configured, you will be provided with a merchant secret and each webhook will include a header containing a signature. These can be used to verify that all data received is authentic.

To set up a merchant secret:

  1. Set up the Webhook Service for a merchant.

    Tip: You can check a merchant's webhook configuration by sending a GET request to the Merchant Configuration endpoint.

  2. Send a POST request to the Create Merchant Secret endpoint. Include the merchant ID to be configured in the body of your request.

Example Request
curl -X post https://api.nexiopaysandbox.com/webhook/v3/secret \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "merchantId": "100039"
}'

A successful request will return a response object containing the merchant secret.

 Example 200 Response 
{
  "secret": "446946d5-bdd9-48c7-9504-0459d19c08e5"
}
  1. Store the secret from the response in Step 2 in a secure location. You will use it later for signature verification.

  2. When you receive webhook data, Nexio will include a signature in the header called Nexio-signature. This header will also include a timestamp.

Example:

Nexio-signature: t=1554146049,v1=f66f6c47e7288e4922629ffe87819678b793944c60668d8695804e4a2b9f90d1

Use the Nexio-signature along with the shared secret and the response body to verify the authenticity of the data.

Verifying Webhook Signatures

Once you have set up the merchant secret, each webhook request from Nexio will include a header called Nexio-signature. This header include a timestamp and a signature.

Example:

Nexio-signature: t=1554146049,v1=f66f6c47e7288e4922629ffe87819678b793944c60668d8695804e4a2b9f90d1

To verify a signature you will need the following:

  • The shared secret
  • The Nexio-signature header
  • The request body

See the steps below to get started.

  1. Extract the signature and timestamp from Nexio-signature:

    • Split the header string at the , character
    • Split each of the two strings at the = characters
    • Save the data following the t= as a variable. (For this example, we'll call it timestamp.) var timestamp = 1554146049;
    • Save the data following the s= as a variable. (For this example, we'll call it signature.) var signature = f66f6c47e7288e4922629ffe87819678b793944c60668d8695804e4a2b9f90d1;
  2. Save the request body as a variable—we'll call it body.

  3. Create the payload:

    Concatenate timestamp and body with a . character in between. Save the above as a variable—we'll call it payload.

    var payload = '1554146049.<JSON request body>'

  4. Create an HMAC using the SHA256 hash function. Use the secret as the key and the payload as the message.

    This is the expected signature.

  5. Compare the expected signature from Step 4 with the signature you received.

Steps 1-5 Node.js Example
import crypto from 'crypto';

function verifyHMACSignature(payload, signature, sharedSecret) {
    //Create an HMAC using the SHA256 hash function
    const hmac = crypto.createHmac('sha256', sharedSecret);
    hmac.update(payload);

    const mySig = hmac.digest().toString('hex');

    //Compare the expected signature with the signature you received
    return mySig.length === signature.length
        && crypto.timingSafeEqual(Buffer.from(mySig, 'hex'), Buffer.from(signature, 'hex'));
}

function verifyNexioSignature(body, signatureHeader, sharedSecret) {
    //Split the Nexio-Signature on the comma to get the timestamp field and the signature field
    const [timeStampField, signatureField] = signatureHeader.split(',');

    //Split each of the two strings on the equals signs and save them as variables
    const timestamp = timeStampField.split('=')[1];
    const signature = signatureField.split('=')[1];

    //Recreate the payload that was signed by Nexio
    const payload = `${timestamp}.${body}`;

    return verifyHMACSignature(payload, signature, sharedSecret);
}


Was this section helpful?

Error Handling

For most situations you will encounter a handful of error and success codes including 200, 401, 404, 400 and 500. The most common responses will be:

  • 200: Payment was successful

  • 4xx: Payment was not processed. (Due to gateway decline or another reason.) See below for more information

Note: Due to PCI regulations error messages may often be intentionally ambiguous. Please contact us if you wish to discuss your error messages.

See our Common Errors for a list of common errors.

Errors in the payment forms can be handled by adding an event listener to the window.

Example
window.addEventListener('message', function messageListener(event) {
    if (event.origin === iframeDomain) {
        if (event.data.event === 'error' || event.data.event === 'success') {
        // handle success or error messages
        }
        if (event.data.event === 'loaded') {
        //handle form loaded state
        }
        if (event.data.event === 'cardSaved') {
        //handle cardSaved
        }
        console.log(event.data.event);
    }
});


Was this section helpful?

Release Notes

2019

November 27, 2019

  • Now accepting Paynet as an Alternative Payment Method.

September 30, 2019

  • New UI option: useLegacyIframe
    • Default: true
    • Set to false to use Nexio's iframe without TokenEx.

September 11, 2019

  • All transaction endpoints now accepting billToPhone and shipToPhone parameters. This information is especially helpful for Kount verification.

  • All e-check transactions now accepting secCode.

  • New transaction status: fraudReject.

September 7, 2019

  • 3D Secure now available for switch transactions run through the API.

July 10, 2019

  • Now accepting PayPal as an Alternative Payment Method.

May 29, 2019

  • Updated webhook request body message when a TRANSACTION_CAPTURED event type has resulted in an error or decline.
    • data.gatewayProcessingError is now data.error

May 23, 2019

  • New options have been added to allow greater control over the hideBilling UI Option for iframes.
HideBilling Object
{
    "hidePostal": true,
    "hideCountry": true,
    "hideAddressOne": true,
    "hideAddressTwo": true,
    "hideCity": true,
    "hideState": true
}
  • Note: hideBilling will continue to accept true and false if you wish to hide all billing fields. (Default continues to be false)"

May 22, 2019

  • Webhook events TRANSACTION_AUTHORIZED and TRANSACTION_CAPTURED are now fired when a transaction is processed.
  • The retail iframe can now be configured for webhooks.
  • When card information is manually provided to run a transaction for a card that has already been saved:
    • If the saved expiration date is better than the provided expiration date:
      • The saved card will be used and the provided card information date will be disregarded.
    • If the new expiration date is better than the saved expiration date:
      • The provided card information will be used.
      • A new card token will be created and returned in the response.
      • If applicable, webhooks will be fired.
      • The old card token will still be valid.

May 9, 2019

  • You may now choose to prevent a card token from being saved when a transaction is run using the Run Transaction iframe.
    • To do so, set processingOptions.saveCardToken to false in your request for a One-time-use Token.
    • (Note: If you do not provide this option a card token will be saved by default.)
  • Option to return an HTML response when an iframe returns an error. (By default error response content-type will be application/json.)
    • To use this option, send shouldReturnHtml=true as a query parameter to your GET request.

May 8, 2019

  • Recently added features:
    • Ability to configure Webhooks in order to retrieve real-time data regarding events that occur in your Payment Service iframes.
    • Retail iframe added.
    • New Simple Login endpoint: allowing trusted users to proceed directly to the retail/MOTO Iframe without the necessity of entering a Nexio username and password.
    • Option to include Lodging data when making a payment.

January 28, 2019

  • The following deprecated response objects have now been removed from the Run Credit Card Payment endpoint:
    • foreignProcessingCurrency
    • cardDetails
    • customFields
    • customerInfo
    • cart
  • The following deprecated response object has now been removed from the Save Card and Run Credit Card Payment endpoints:
    • kountResponse.kountData

2018

December 12, 2018

  • Additional fields being passed along to Nexio's fraud tools:
    • Customer created at date (data.customer.createdAtDate)
    • Shipping Address (data.customer.shipTo)
    • This information is useful for customizing your fraud rules

November 7, 2018

  • New processing option allows users to choose which merchant to use to process a transaction.

October 10, 2018

  • AVS results (avsResults) returned in response object.
  • EnsureBill account updater now available.
  • Nexio Dashboard:
    • Merchant ID selector filtering: you may now filter merchants by name, merchant ID, and currency code.

October 3, 2018

  • Address Verification Service (AVS) now enabled.
  • Nexio Dashboard:
    • Chargeback widget added.
    • Currency selector changes all charts and widgets.
    • Column filtering on tables can now search for partial amounts.
    • Merchant ID selector widens to fit merchant name.
    • Now importing Customer ID from Gateway responses.
    • Chargeback page now shows Cardholder Name when linked to a transaction.

September 26, 2018

  • Additional Authorize.Net features now available in Nexio Dashboard: ability to void transactions, approve or decline auth only transactions, and refund settled transactions.
  • Processor Management: Clients with multiple merchants can now choose which merchants to process with, or to balance their processing equally across all merchants. This feature works by checking each merchant's processing volume at the time of the transaction and then running the transaction against whichever merchant has less volume.
  • Nexio Dashboard:
    • Merchant ID selector now accommodates long merchant names.
    • Merchant ID selector now lists merchant names alphabetically.
    • New widgets: Transactions, Salesf, Approvals & Declines.

September 12, 2018

  • Gateway Failover: Merchants set up with more than one gateway are now able to choose a backup gateway in case of primary gateway failure
  • Option to limit country list in the Make Payment and Save Card iframes
  • Option to choose default country in the Make Payment and Save Card iframes
  • Nexio Dashboard:
    • New Reserve Tab for merchants with a reserve account

September 5, 2018

  • Integration with Authorize.Net
  • Refund disabled on transactions with pending chargeback

August 22, 2018

  • Added Order ID to Refunds in the Transactions Tab of Nexio
  • Added the ability to delete tokens in the API

July 16, 2018

  • Fixed bug where View Only users were able to run transactions. This functionality is now limited to Admin and Standard users

Frequently Asked Questions

Common Errors

Q: Can I host my localization/translation JSON file as a GitHub gist?

Yes, you can host your sandbox localization/translation file anywhere you choose.

To use a GitHub gist to host your translation file, follow the steps below:

  1. Create a GitHub gist containing your translation JSON file

    • Note: The gist must be public in order for Nexio to access it
  2. Copy the gist's URL. It will look like this:

    https://gist.github.com/your-github-username/8bdeaf3e8bc8c473d06b82ad56dd1c7d

  3. Append /raw to end of the URL from Step 2:

    https://gist.github.com/your-github-username/8bdeaf3e8bc8c473d06b82ad56dd1c7d/raw

    • This allows Nexio to access the raw JSON file hosted in your gist repository
  4. Proceed to Step 4 of the Iframe Label Customization tutorial

Note: These steps do not apply to the production environment. Production translation/localization files must be hosted by Nexio. See Step 3 of the Iframe Label Customization tutorial for more information.

Q: I keep receiving the error: '442 Invalid one time use token'. Why is my token not working?

Once a one-time-use token has been used to submit an iframe it cannot be used to load another. You must request a new one-time-use token prior to submitting each iframe.

Q: Why am I getting a 403 error when I send a request for a one-time-use token? I know my credentials are correct.

To request a one-time-use token you must send a POST request. Sending a GET request will result in a 403 Forbidden error.

Q: I'm getting a 440 error when I try to specify which merchant to process with.

To troubleshoot this issue, follow the steps below:

  1. Make sure there are no typos when you enter the merchant ID.
  2. Check that you have access to this merchant. You can do this by logging into the Nexio Dashboard. If you do not see your desired merchant in the merchant selector dropdown, contact CMS Customer Service
  3. Make sure you are sending the variable merchantId as a string and not as an integer.

Testing

Q: Can I test the iframes before integrating?

Yes! Once you have a Nexio account, you can use our Sandbox Tester.

Q: Are there any cards I can test with?

Yes, see below for test card references:

Note: If you are testing with the Processing Option verifyCvc: true you must set the CVC equal to 111, otherwise you will receive a 437 Invalid CVC error.

Other

Q: All payments are coming back as pending, are these actually successful? Can I mark the order as paid and ship product?

The status of pending means the transaction is approved but the batch has not yet settled.

Settled transactions will show a status of authorized.

You can be assured that any pending/authorized transactions will settle without any issue.

Note: Batch close time is typically at 11pm PDT.

See the Transaction Status table for more information.

Q: Is there a joint auth & capture method?

Yes! The endpoint is called Run Transaction. When you send a request to this endpoint, by default the transaction will be authorized and captured.

If you wish to run an auth only transaction, send isAuthOnly: true in the body of your request.

Q: I see two custom field entries, what are those for?

The two custom fields provided are optional for partners to use for reconciliation and/or reporting purposes.

Q: Is it possible to run an auth only using the iframe and then capture through the API?

Yes, you can use the Nexio iframe in AuthOnly mode then capture the sale later if that is best for your workflow.

To run an auth only in the iframe, include isAuthOnly: true the body of your request when you retrieve a one-time-use token.

You can then capture using the Capture Transaction endpoint of the API or through Nexio dashboard.

Reference Tables

Common Errors

Error Description Status Code
404 The requested item is not found 404
404 Merchant not found or invalid merchant configuration 404
409 No merchants enabled for processing on this account for selected currency 409
431 Kount has identified a possible risk with the transaction 400
432 Invalid currency 400
433 Invalid gateway 400
434 Invalid TokenEx configuration 400
435 Unable to process with gateway 400
436 Unable to capture void or refund 400
436 Missing required fields 400
437 Invalid CVC 400
438 Invalid request 400
439 Unable to load TokenEx 500
440 Insufficient access 401
441 Amount needs to be a number 400
443 Verify AVS Failed 400
5xx Generic server error 500


Was this section helpful?

Test Cards

Test transactions can be submitted using the following card numbers:

Issuer Number
Visa 4111111111111111
Mastercard 5431111111111111
Discover 6011601160116611
American Express 341111111111111


Was this section helpful?

Iframe Events

The following events may be emitted by various Nexio iframes.

The 'Iframe' column lists the iframe(s) that may emit that event. If 'All' is listed that event applies to all of the following iframes:

Event Description Iframe
cardSaved The card token has successfully been saved Save Card, Retail Save Card
eCheckProcessed The e-check has successfully been processed Run E-check Transaction
eCheckSaved The e-check token has successfully been saved Save E-check
error An error has occurred All
formValidations There are form validation errors All
loaded The iframe has finished loading All
initiate The user clicks 'confirm' to be redirected to the APM APMs
processed The credit card transaction has been processed Run CC Transaction
submit The form has been submitted All
success The credit card transaction has been processed Retail Run CC Transaction


Was this section helpful?

Constant Values

When querying transaction data, the following numerical values are returned which represent the corresponding constant value.

Transaction Status (transactionStatus)

After running a transaction through Nexio's Payment Service or querying for a transaction using Nexio's Transaction Service you will receive a transactionStatus in the response.

Please note the following:

  • The transactionStatus returned by the Payment Service will be a string
  • The transactionStatus returned by the Transaction Service will be an integer

Both values are explained in the table below.

Status Description Nexio Dashboard Status Transaction Service transactionStatus Payment Service transactionStatus
Auth Only Pending The payment is asynchronous and may receive a webhook notice with a status of authOnly in the future AUTHONLYPENDING 3 authOnlyPending
Authorized Pending The payment is asynchronous. The payment is pending and may receive a webhook notice with status of settled in the future AUTHORIZEDPENDING 9 authorizedPending
Authorized The transaction has been successfully authorized and is pending settlement AUTHORIZED 10 authorized
Auth Only The payment is Auth Only and capturing is required to receive the funds. The transaction can also be voided AUTHONLY 11 authOnly
Pending The payment is pending. PENDING 12 pending
Submitted The payment was submitted to the bank for authorization SUBMITTED 13 submitted
Settled The transaction is settled. It can be refunded but not voided SETTLED 20 settled
Declined The transaction was declined DECLINED 30 declined
Fraud Reject The transaction was declined by Kount prior to being submitted to the gateway FRAUDREJECT 32 fraudReject
Rejected The ACH transaction was rejected REJECTED 33 rejected
Void Pending The payment is asynchronous and may receive a webhook notice with a status of voided in the future VOIDPENDING 39 voidPending
Voided The payment has been voided VOIDED 40 voided
Error An error has occurred ERROR 50 error

Transaction Type (transactionType)

Name Value
Sale 10
Refund 20

Card Type (cardType)

Name Value
Visa 10
MasterCard 20
Discover 30
American Express 40
Unknown null

Process Method (processMethod)

Name Value
Card 10
Card Present 11
Card Not Present 12
AliPay 20
CUP 30
E-check 40
PayPal 50
Cash 60
ACH 70

Currency (currency)

Name Value
Australian Dollar 036
Canadian Dollar 124
Yuan 156
Yen 392
Won 410
Mexican Peso 484
Pound Sterling 826
US Dollar 840
Euro 978


Was this section helpful?

API Reference

Payments API Reference

E-commerce

One-time-use Token (E-commerce)

Example request

curl -X post https://api.nexiopaysandbox.com/pay/v3/token \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "isAuthOnly": false,
  "shouldUpdateCard": true,
  "installment": {
    "period": 10
  },
  "card": {
    "expirationMonth": "12",
    "expirationYear": "20",
    "cardType": "visa",
    "cardHolderName": "John H Doe",
    "securityCode": 927,
    "classification": "business",
    "password": "12",
    "businessNumber": "1234567890"
  },
  "tokenex": {
    "token": "6ee140a0-05d1-4958-8325-b38a690dbb9d",
    "firstSix": "479300",
    "lastFour": "3313"
  },
  "data": {
    "amount": 29.99,
    "currency": "USD",
    "settlementCurrency": "CAD",
    "allowedCardTypes": [
      "discover"
    ],
    "customer": {
      "firstName": "John",
      "lastName": "Doe",
      "invoice": "IN0001",
      "orderNumber": "210058A",
      "birthDate": "1990-12-05",
      "customerRef": "RP006",
      "createdAtDate": "2005-03-01",
      "email": "jdoe@yourwebsite.com",
      "phone": "1555555555",
      "billToAddressOne": "2147 West Silverlake Drive",
      "billToAddressTwo": "",
      "billToCity": "Scranton",
      "billToState": "PA",
      "billToPostal": "18503",
      "billToCountry": "US",
      "billToPhone": "1555555555",
      "shipToAddressOne": "1725 Slough Avenue",
      "shipToAddressTwo": "Suite 200",
      "shipToCity": "Scranton",
      "shipToState": "PA",
      "shipToPostal": "18505",
      "shipToCountry": "US",
      "shipToPhone": "1555555555"
    },
    "cart": {
      "items": [
        {
          "item": "913261",
          "description": "Hammermill Premium 8.5 x 11 Color Copy Paper, 28 lbs. 500/Ream",
          "quantity": 8,
          "price": 16.49,
          "type": "sale"
        }
      ]
    },
    "lodging": {
      "advanceDeposit": true,
      "checkInDate": "2018-12-31",
      "checkOutDate": "2019-01-05",
      "roomNumber": 14,
      "roomRate": 143.99,
      "noShow": false
    },
    "customFields": {
      "exampleKey": "Example string"
    },
    "secCode": "ICL"
  },
  "uiOptions": {
    "displaySubmitButton": true,
    "hideCvc": true,
    "requireCvc": false,
    "hideBilling": true,
    "limitCountriesTo": [
      "US"
    ],
    "customTextUrl": "",
    "css": "https://tester.nexiopaysandbox.com/example1.css",
    "useLegacyIframe": true
  },
  "processingOptions": {
    "checkFraud": false,
    "check3ds": true,
    "verboseResponse": true,
    "webhookUrl": "",
    "webhookFailUrl": "",
    "verifyCvc": false,
    "verifyAvs": 2,
    "saveCardToken": true,
    "paymentOptionTag": "switch",
    "merchantId": "string"
  }
}'

POST /pay/v3/token

A token from this endpoint is necessary prior to loading any e-commerce iframe.

There are no required body parameters to retrieve a one-time-use token. However, any body parameters included in this request are used to pass information along to the iframe for which the one-time-use token is used.

All processing options and UI options for your iframe forms must be sent in the body of this request. Any data (ex. card or customer information) you wish to be pre-filled in your iframe forms must also be sent in this request.

Note: Once a token has been used to submit an iframe it cannot be used to load another. You must request a new one-time-use token prior to submitting each iframe..

Parameters

Name Type Description
isAuthOnly boolean Set to true to run an auth only transaction
shouldUpdateCard boolean The card's account updater enrollment tag
When true the card or e-check token is tagged for registration with account updater
Note: The card or e-check will not be registered until the merchant account is enrolled. See this table for more information
Default: true
installment object none
card object Credit card information
tokenex object TokenEx information
data object This data will be passed along to the iframe you choose to load using your one-time-use token.

Note: Some fields may not be applicable to all iframes

uiOptions object Used to customize the iframe's user interface
processingOptions object Processing options

Example responses

200 Response

{
  "expiration": "2018-09-18T15:43:05.664Z",
  "token": "830d36f6-a5e3-4455-9600-3a55b63e2fc2",
  "fraudUrl": "https://tst.kaptcha.com/collect/sdk?m=717000&s=f81f6b7647ae47bf8ef04879a3de896e"
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema

Status Code 200

Name Type Description
expiration string The date and time your One-time-use Token will expire in ISO 8601 format. (Always 30 min after creation)
token string Your One-time-use Token
fraudUrl string The URL to be used for device fingerprinting



Was this section helpful?

Save Card

Example request

curl -X post https://api.nexiopaysandbox.com/pay/v3/saveCard \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "shouldUpdateCard": true,
  "token": "eb50a022-d6de-4244-a1e6-dcb8522b2d19",
  "card": {
    "encryptedNumber": "cu3yRktaYFK2LUC6DpNK289tYDsGRCi7cO+GeG0hkeYFvT7Y8/oY5r53obMz6Q/BZ38gk2u2Ufwy8ojBcX2sfNjG5jplGTXA4NNlSIUjMFfiHe1sff1JFpThoiW/IIlifGlbWu+S1/9pqWPTzJ2+DcjwohbHzsDahhYewFhXgC8qsK0ypi/Shlp+CwRITyIvbVXESD0xz3YOTRHeZLlChvVqN8z4ZzN8nm0MXkmT1wcpYI73bH4KdnPwNU3s7XxvP/ernQP73SHHAOKSLlz4F6AEHFjJiCoXzeLF7LwEjRdxDJ0sKVXbRk3i9BGh+8Nle2VYgjpUWtk2763QkvZiQQ==",
    "expirationMonth": "12",
    "expirationYear": "20",
    "cardType": "visa",
    "cardHolderName": "John H Doe",
    "securityCode": 927
  },
  "tokenex": {
    "token": "6ee140a0-05d1-4958-8325-b38a690dbb9d",
    "firstSix": "479300",
    "lastFour": "3313"
  },
  "processingOptions": {
    "checkFraud": false,
    "check3ds": true,
    "verboseResponse": true,
    "webhookUrl": "",
    "webhookFailUrl": "",
    "verifyCvc": false,
    "verifyAvs": 2,
    "saveCardToken": true,
    "paymentOptionTag": "switch",
    "merchantId": "string"
  }
}'

POST /pay/v3/saveCard

Allows you to securely save a card number using your own form. Before tokenizing with the Nexio API, the card number must first be encrypted.
You also have the option to pass an existing TokenEx token directly to be saved for use in Nexio.

Parameters

Name Type Description
shouldUpdateCard boolean The card's account updater enrollment tag
When true the card or e-check token is tagged for registration with account updater
Note: The card or e-check will not be registered until the merchant account is enrolled. See this table for more information
Default: true
token
Required
string A one-time-use token
card
Required
object Credit card information
tokenex object TokenEx information
processingOptions object Processing options

Example responses

200 Response

{
  "token": {
    "token": "6ee140a0-05d1-4958-8325-b38a690dbb9d",
    "firstSix": "479300",
    "lastFour": "3313"
  },
  "data": {
    "amount": 29.99,
    "currency": "USD",
    "settlementCurrency": "CAD",
    "description": "test purchase",
    "customer": {
      "firstName": "John",
      "lastName": "Doe",
      "invoice": "IN0001",
      "orderNumber": "210058A",
      "birthDate": "1990-12-05",
      "customerRef": "RP006",
      "createdAtDate": "2005-03-01",
      "email": "jdoe@yourwebsite.com",
      "phone": "1555555555",
      "billToAddressOne": "2147 West Silverlake Drive",
      "billToAddressTwo": "",
      "billToCity": "Scranton",
      "billToState": "PA",
      "billToPostal": "18503",
      "billToCountry": "US",
      "billToPhone": "1555555555",
      "shipToAddressOne": "1725 Slough Avenue",
      "shipToAddressTwo": "Suite 200",
      "shipToCity": "Scranton",
      "shipToState": "PA",
      "shipToPostal": "18505",
      "shipToCountry": "US",
      "shipToPhone": "1555555555"
    },
    "cart": {
      "items": [
        {
          "item": "913261",
          "description": "Hammermill Premium 8.5 x 11 Color Copy Paper, 28 lbs. 500/Ream",
          "quantity": 8,
          "price": 16.49,
          "type": "sale"
        }
      ]
    },
    "lodging": {
      "advanceDeposit": true,
      "checkInDate": "2018-12-31",
      "checkOutDate": "2019-01-05",
      "roomNumber": 14,
      "roomRate": 143.99,
      "noShow": false
    },
    "customFields": {
      "exampleKey": "Example string"
    },
    "secCode": "ICL"
  },
  "card": {
    "expirationMonth": "12",
    "expirationYear": "20",
    "cardType": "visa",
    "cardHolderName": "John H Doe",
    "securityCode": 927,
    "classification": "business",
    "password": "12",
    "businessNumber": "1234567890"
  },
  "merchantId": "100100",
  "key": "3ef55100-3bde-45c3-96b1-5643a0854544.5292712865664733",
  "kountResponse": {
    "status": "success",
    "kountRules": "{\"VERS\":\"0630\",\"MODE\":\"Q\",\"TRAN\":\"7V7D0V1BMKPX\",\"MERC\":\"717000\",\"SESS\":\"3bbb89edcd5742f18e2502ebb2bbb18b\",\"ORDR\":\"14233\",\"AUTO\":\"A\",\"SCOR\":\"29\",\"GEOX\":\"US\",\"BRND\":\"VISA\",\"REGN\":null,\"NETW\":\"N\",\"KAPT\":\"N\",\"CARDS\":\"1\",\"DEVICES\":\"1\",\"EMAILS\":\"1\",\"VELO\":\"0\",\"VMAX\":\"0\",\"SITE\":\"DEFAULT\",\"DEVICE_LAYERS\":\"....\",\"FINGERPRINT\":null,\"TIMEZONE\":null,\"LOCALTIME\":\" \",\"REGION\":null,\"COUNTRY\":null,\"PROXY\":null,\"JAVASCRIPT\":null,\"FLASH\":null,\"COOKIES\":null,\"HTTP_COUNTRY\":null,\"LANGUAGE\":null,\"MOBILE_DEVICE\":null,\"MOBILE_TYPE\":null,\"MOBILE_FORWARDER\":null,\"VOICE_DEVICE\":null,\"PC_REMOTE\":null,\"RULES_TRIGGERED\":0,\"COUNTERS_TRIGGERED\":0,\"REASON_CODE\":null,\"MASTERCARD\":\"\",\"DDFS\":null,\"DSR\":null,\"UAS\":null,\"BROWSER\":null,\"OS\":null,\"PIP_IPAD\":null,\"PIP_LAT\":null,\"PIP_LON\":null,\"PIP_COUNTRY\":null,\"PIP_REGION\":null,\"PIP_CITY\":null,\"PIP_ORG\":null,\"IP_IPAD\":null,\"IP_LAT\":null,\"IP_LON\":null,\"IP_COUNTRY\":null,\"IP_REGION\":null,\"IP_CITY\":null,\"IP_ORG\":null,\"WARNING_COUNT\":0}"
  },
  "avsResults": {
    "matchAddress": true,
    "matchPostal": true,
    "gatewayResponse": {}
  }
}

Responses

Status Meaning Description
200 OK Success

Response Schema

Status Code 200

Name Type Description
token object TokenEx information
data object Transaction data
card object Credit card information
merchantId string The merchant ID (MID)
key string none
kountResponse object Fraud data and rules
avsResults object none



Was this section helpful?

Save Card Iframe

Example request

curl -X get https://api.nexiopaysandbox.com/pay/v3/saveCard?token=830d36f6-a5e3-4455-9600-3a55b63e2fc2 \
  -H 'Accept: application/json'

GET /pay/v3/saveCard

Returns an iframe that can be used to securely save a credit card token.

Parameters

Name Type Description
token
Required
string Your one-time-use token

Example responses

200 Response

"<html>A save card form</html>"

Responses

Status Meaning Description
200 OK Success



Was this section helpful?

Run Transaction

Example request

curl -X post https://api.nexiopaysandbox.com/pay/v3/process \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "isAuthOnly": false,
  "card": {
    "expirationMonth": "12",
    "expirationYear": "20",
    "cardType": "visa",
    "cardHolderName": "John H Doe",
    "securityCode": 927,
    "classification": "business",
    "password": "12",
    "businessNumber": "1234567890"
  },
  "tokenex": {
    "token": "6ee140a0-05d1-4958-8325-b38a690dbb9d",
    "firstSix": "479300",
    "lastFour": "3313"
  },
  "data": {
    "amount": 29.99,
    "currency": "USD",
    "settlementCurrency": "CAD",
    "description": "test purchase",
    "customer": {
      "firstName": "John",
      "lastName": "Doe",
      "invoice": "IN0001",
      "orderNumber": "210058A",
      "birthDate": "1990-12-05",
      "customerRef": "RP006",
      "createdAtDate": "2005-03-01",
      "email": "jdoe@yourwebsite.com",
      "phone": "1555555555",
      "billToAddressOne": "2147 West Silverlake Drive",
      "billToAddressTwo": "",
      "billToCity": "Scranton",
      "billToState": "PA",
      "billToPostal": "18503",
      "billToCountry": "US",
      "billToPhone": "1555555555",
      "shipToAddressOne": "1725 Slough Avenue",
      "shipToAddressTwo": "Suite 200",
      "shipToCity": "Scranton",
      "shipToState": "PA",
      "shipToPostal": "18505",
      "shipToCountry": "US",
      "shipToPhone": "1555555555"
    },
    "cart": {
      "items": [
        {
          "item": "913261",
          "description": "Hammermill Premium 8.5 x 11 Color Copy Paper, 28 lbs. 500/Ream",
          "quantity": 8,
          "price": 16.49,
          "type": "sale"
        }
      ]
    },
    "lodging": {
      "advanceDeposit": true,
      "checkInDate": "2018-12-31",
      "checkOutDate": "2019-01-05",
      "roomNumber": 14,
      "roomRate": 143.99,
      "noShow": false
    },
    "customFields": {
      "exampleKey": "Example string"
    },
    "secCode": "ICL"
  },
  "processingOptions": {
    "checkFraud": false,
    "check3ds": true,
    "verboseResponse": true,
    "webhookUrl": "",
    "webhookFailUrl": "",
    "verifyCvc": false,
    "verifyAvs": 2,
    "saveCardToken": true,
    "paymentOptionTag": "switch",
    "merchantId": "string"
  }
}'

POST /pay/v3/process

Allows you to securely process a card transaction without a browser.

Parameters

Name Type Description
isAuthOnly boolean Set to true to run an auth only transaction
card object Credit card information
tokenex
Required
object TokenEx information
data
Required
object Transaction data
processingOptions object Processing options

Example responses

200 Response

{
  "id": "eyJuYW1lIjoidXNhZXBheSIsInJlZk51bWJlciI6IjMxMDA5MDc4MTkiLCJtZXJjaGFudElkIjoiMTAwMDM5IiwicmFuZG9tIjoiMzEwMDkwNzgxOSIsImN1cnJlbmN5IjoiVVNEIn0=",
  "merchantId": "100039",
  "transactionDate": "2019-01-15T13:19:39.329Z",
  "authCode": "035410",
  "transactionStatus": "pending",
  "amount": 34.25,
  "transactionType": "sale",
  "currency": "USD",
  "gatewayResponse": {
    "gatewayName": "yourGateway"
  },
  "data": {
    "amount": 29.99,
    "currency": "USD",
    "settlementCurrency": "CAD",
    "description": "test purchase",
    "customer": {
      "firstName": "John",
      "lastName": "Doe",
      "invoice": "IN0001",
      "orderNumber": "210058A",
      "birthDate": "1990-12-05",
      "customerRef": "RP006",
      "createdAtDate": "2005-03-01",
      "email": "jdoe@yourwebsite.com",
      "phone": "1555555555",
      "billToAddressOne": "2147 West Silverlake Drive",
      "billToAddressTwo": "",
      "billToCity": "Scranton",
      "billToState": "PA",
      "billToPostal": "18503",
      "billToCountry": "US",
      "billToPhone": "1555555555",
      "shipToAddressOne": "1725 Slough Avenue",
      "shipToAddressTwo": "Suite 200",
      "shipToCity": "Scranton",
      "shipToState": "PA",
      "shipToPostal": "18505",
      "shipToCountry": "US",
      "shipToPhone": "1555555555"
    },
    "cart": {
      "items": [
        {
          "item": "913261",
          "description": "Hammermill Premium 8.5 x 11 Color Copy Paper, 28 lbs. 500/Ream",
          "quantity": 8,
          "price": 16.49,
          "type": "sale"
        }
      ]
    },
    "lodging": {
      "advanceDeposit": true,
      "checkInDate": "2018-12-31",
      "checkOutDate": "2019-01-05",
      "roomNumber": 14,
      "roomRate": 143.99,
      "noShow": false
    },
    "customFields": {
      "exampleKey": "Example string"
    },
    "secCode": "ICL"
  },
  "card": {
    "expirationMonth": "12",
    "expirationYear": "20",
    "cardType": "visa",
    "cardHolderName": "John H Doe",
    "securityCode": 927,
    "classification": "business",
    "password": "12",
    "businessNumber": "1234567890"
  },
  "kountResponse": {
    "status": "success",
    "kountRules": "{\"VERS\":\"0630\",\"MODE\":\"Q\",\"TRAN\":\"7V7D0V1BMKPX\",\"MERC\":\"717000\",\"SESS\":\"3bbb89edcd5742f18e2502ebb2bbb18b\",\"ORDR\":\"14233\",\"AUTO\":\"A\",\"SCOR\":\"29\",\"GEOX\":\"US\",\"BRND\":\"VISA\",\"REGN\":null,\"NETW\":\"N\",\"KAPT\":\"N\",\"CARDS\":\"1\",\"DEVICES\":\"1\",\"EMAILS\":\"1\",\"VELO\":\"0\",\"VMAX\":\"0\",\"SITE\":\"DEFAULT\",\"DEVICE_LAYERS\":\"....\",\"FINGERPRINT\":null,\"TIMEZONE\":null,\"LOCALTIME\":\" \",\"REGION\":null,\"COUNTRY\":null,\"PROXY\":null,\"JAVASCRIPT\":null,\"FLASH\":null,\"COOKIES\":null,\"HTTP_COUNTRY\":null,\"LANGUAGE\":null,\"MOBILE_DEVICE\":null,\"MOBILE_TYPE\":null,\"MOBILE_FORWARDER\":null,\"VOICE_DEVICE\":null,\"PC_REMOTE\":null,\"RULES_TRIGGERED\":0,\"COUNTERS_TRIGGERED\":0,\"REASON_CODE\":null,\"MASTERCARD\":\"\",\"DDFS\":null,\"DSR\":null,\"UAS\":null,\"BROWSER\":null,\"OS\":null,\"PIP_IPAD\":null,\"PIP_LAT\":null,\"PIP_LON\":null,\"PIP_COUNTRY\":null,\"PIP_REGION\":null,\"PIP_CITY\":null,\"PIP_ORG\":null,\"IP_IPAD\":null,\"IP_LAT\":null,\"IP_LON\":null,\"IP_COUNTRY\":null,\"IP_REGION\":null,\"IP_CITY\":null,\"IP_ORG\":null,\"WARNING_COUNT\":0}"
  }
}

Responses

Status Meaning Description
200 OK Success

Response Schema

Status Code 200

Name Type Description
id string The Nexio payment ID
merchantId string The merchant ID through which the transaction was processed
transactionDate string The transaction date
authCode string The authorization code
transactionStatus string The transaction status
amount number The transaction amount
transactionType string The type of transaction (to be) processed
currency string The three-character currency code
gatewayResponse object Gateway specific information. Included keys may vary by gateway
data object Transaction data
card object Credit card information
kountResponse object Fraud data and rules



Was this section helpful?

Run Transaction Iframe

Example request

curl -X get https://api.nexiopaysandbox.com/pay/v3?token=830d36f6-a5e3-4455-9600-3a55b63e2fc2 \
  -H 'Accept: application/json'

GET /pay/v3

Returns an iframe that can be used to securely run a credit or debit card transaction.

Parameters

Name Type Description
token
Required
string Your one-time-use token

Example responses

200 Response

"<html>A run transaction form</html>"

Responses

Status Meaning Description
200 OK Success



Was this section helpful?

Save E-check

Example request

curl -X post https://api.nexiopaysandbox.com/pay/v3/saveECheck \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "bank": {
    "accountHolderName": "John Doe",
    "routingNumber": "231375151",
    "encryptedBankAccountNumber": "cu3yRktaYFK2LUC6DpNK289tYDsGRCi7cO+GeG0hkeYFvT7Y8/oY5r53obMz6Q/BZ38gk2u2Ufwy8ojBcX2sfNjG5jplGTXA4NNlSIUjMFfiHe1sff1JFpThoiW/IIlifGlbWu+S1/9pqWPTzJ2+DcjwohbHzsDahhYewFhXgC8qsK0ypi/Shlp+CwRITyIvbVXESD0xz3YOTRHeZLlChvVqN8z4ZzN8nm0MXkmT1wcpYI73bH4KdnPwNU3s7XxvP/ernQP73SHHAOKSLlz4F6AEHFjJiCoXzeLF7LwEjRdxDJ0sKVXbRk3i9BGh+8Nle2VYgjpUWtk2763QkvZiQQ=="
  },
  "tokenex": {
    "lastFour": "1111",
    "success": true,
    "customerRefNumber": "74771a19-3c28-4c27-83c6-9",
    "cardType": "visa",
    "sesssionID": "115a44ea7f804229acd7c88d5e15b988",
    "error": true,
    "token": "aafb1033-599a-4392-859e-f98033fc37f5"
  }
}'

POST /pay/v3/saveECheck

Allows you to securely save bank account information without a browser or using your own form. Before tokenizing, the bank account number must first be encrypted. You also have the option to pass an existing TokenEx token directly to be saved for use in Nexio.

Parameters

Name Type Description
bank
Required
object Bank information for ACH transactions. Required if tokenex.token is not included
tokenex object E-check token information

Example responses

200 Response

{
  "token": {
    "lastFour": "1111",
    "success": true,
    "customerRefNumber": "74771a19-3c28-4c27-83c6-9",
    "cardType": "visa",
    "sesssionID": "115a44ea7f804229acd7c88d5e15b988",
    "error": true,
    "token": "aafb1033-599a-4392-859e-f98033fc37f5"
  },
  "data": {
    "amount": 29.99,
    "currency": "USD",
    "settlementCurrency": "CAD",
    "description": "test purchase",
    "customer": {
      "firstName": "John",
      "lastName": "Doe",
      "invoice": "IN0001",
      "orderNumber": "210058A",
      "birthDate": "1990-12-05",
      "customerRef": "RP006",
      "createdAtDate": "2005-03-01",
      "email": "jdoe@yourwebsite.com",
      "phone": "1555555555",
      "billToAddressOne": "2147 West Silverlake Drive",
      "billToAddressTwo": "",
      "billToCity": "Scranton",
      "billToState": "PA",
      "billToPostal": "18503",
      "billToCountry": "US",
      "billToPhone": "1555555555",
      "shipToAddressOne": "1725 Slough Avenue",
      "shipToAddressTwo": "Suite 200",
      "shipToCity": "Scranton",
      "shipToState": "PA",
      "shipToPostal": "18505",
      "shipToCountry": "US",
      "shipToPhone": "1555555555"
    },
    "cart": {
      "items": [
        {
          "item": "913261",
          "description": "Hammermill Premium 8.5 x 11 Color Copy Paper, 28 lbs. 500/Ream",
          "quantity": 8,
          "price": 16.49,
          "type": "sale"
        }
      ]
    },
    "lodging": {
      "advanceDeposit": true,
      "checkInDate": "2018-12-31",
      "checkOutDate": "2019-01-05",
      "roomNumber": 14,
      "roomRate": 143.99,
      "noShow": false
    },
    "customFields": {
      "exampleKey": "Example string"
    },
    "secCode": "ICL"
  },
  "bank": {
    "accountHolderName": "John Doe",
    "routingNumber": "231375151",
    "encryptedBankAccountNumber": "cu3yRktaYFK2LUC6DpNK289tYDsGRCi7cO+GeG0hkeYFvT7Y8/oY5r53obMz6Q/BZ38gk2u2Ufwy8ojBcX2sfNjG5jplGTXA4NNlSIUjMFfiHe1sff1JFpThoiW/IIlifGlbWu+S1/9pqWPTzJ2+DcjwohbHzsDahhYewFhXgC8qsK0ypi/Shlp+CwRITyIvbVXESD0xz3YOTRHeZLlChvVqN8z4ZzN8nm0MXkmT1wcpYI73bH4KdnPwNU3s7XxvP/ernQP73SHHAOKSLlz4F6AEHFjJiCoXzeLF7LwEjRdxDJ0sKVXbRk3i9BGh+8Nle2VYgjpUWtk2763QkvZiQQ=="
  },
  "merchantId": "100100",
  "key": "3ef55100-3bde-45c3-96b1-5643a0854544.5292712865664733"
}

Responses

Status Meaning Description
200 OK Success

Response Schema

Status Code 200

Name Type Description
token object E-check token information
data object Transaction data
bank object Bank information for ACH transactions. Required if tokenex.token is not included
merchantId string The merchant ID (MID)
key string none



Was this section helpful?

Save E-check Iframe

Example request

curl -X get https://api.nexiopaysandbox.com/pay/v3/saveECheck?token=830d36f6-a5e3-4455-9600-3a55b63e2fc2 \
  -H 'Accept: text/html'

GET /pay/v3/saveECheck

Returns an iframe that can be used to securely save a bank account information.

Parameters

Name Type Description
token
Required
string Your one-time-use token

Example responses

200 Response

"<html>A save e-check form</html>"

Responses

Status Meaning Description
200 OK Success



Was this section helpful?

Run E-check Transaction

Example request

curl -X post https://api.nexiopaysandbox.com/pay/v3/processECheck \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "tokenex": {
    "lastFour": "1111",
    "success": true,
    "customerRefNumber": "74771a19-3c28-4c27-83c6-9",
    "cardType": "visa",
    "sesssionID": "115a44ea7f804229acd7c88d5e15b988",
    "error": true,
    "token": "aafb1033-599a-4392-859e-f98033fc37f5"
  },
  "bank": {
    "accountHolderName": "John Doe",
    "routingNumber": "231375151",
    "encryptedBankAccountNumber": "cu3yRktaYFK2LUC6DpNK289tYDsGRCi7cO+GeG0hkeYFvT7Y8/oY5r53obMz6Q/BZ38gk2u2Ufwy8ojBcX2sfNjG5jplGTXA4NNlSIUjMFfiHe1sff1JFpThoiW/IIlifGlbWu+S1/9pqWPTzJ2+DcjwohbHzsDahhYewFhXgC8qsK0ypi/Shlp+CwRITyIvbVXESD0xz3YOTRHeZLlChvVqN8z4ZzN8nm0MXkmT1wcpYI73bH4KdnPwNU3s7XxvP/ernQP73SHHAOKSLlz4F6AEHFjJiCoXzeLF7LwEjRdxDJ0sKVXbRk3i9BGh+8Nle2VYgjpUWtk2763QkvZiQQ=="
  },
  "data": {
    "amount": 29.99,
    "currency": "USD",
    "settlementCurrency": "CAD",
    "description": "test purchase",
    "customer": {
      "firstName": "John",
      "lastName": "Doe",
      "invoice": "IN0001",
      "orderNumber": "210058A",
      "birthDate": "1990-12-05",
      "customerRef": "RP006",
      "createdAtDate": "2005-03-01",
      "email": "jdoe@yourwebsite.com",
      "phone": "1555555555",
      "billToAddressOne": "2147 West Silverlake Drive",
      "billToAddressTwo": "",
      "billToCity": "Scranton",
      "billToState": "PA",
      "billToPostal": "18503",
      "billToCountry": "US",
      "billToPhone": "1555555555",
      "shipToAddressOne": "1725 Slough Avenue",
      "shipToAddressTwo": "Suite 200",
      "shipToCity": "Scranton",
      "shipToState": "PA",
      "shipToPostal": "18505",
      "shipToCountry": "US",
      "shipToPhone": "1555555555"
    },
    "cart": {
      "items": [
        {
          "item": "913261",
          "description": "Hammermill Premium 8.5 x 11 Color Copy Paper, 28 lbs. 500/Ream",
          "quantity": 8,
          "price": 16.49,
          "type": "sale"
        }
      ]
    },
    "lodging": {
      "advanceDeposit": true,
      "checkInDate": "2018-12-31",
      "checkOutDate": "2019-01-05",
      "roomNumber": 14,
      "roomRate": 143.99,
      "noShow": false
    },
    "customFields": {
      "exampleKey": "Example string"
    },
    "secCode": "ICL"
  },
  "processingOptions": {
    "checkFraud": false,
    "check3ds": true,
    "verboseResponse": true,
    "webhookUrl": "",
    "webhookFailUrl": "",
    "verifyCvc": false,
    "verifyAvs": 2,
    "saveCardToken": true,
    "paymentOptionTag": "switch",
    "merchantId": "string"
  }
}'

POST /pay/v3/processECheck

Allows you to securely process an e-check transaction without a browser.

Parameters

Name Type Description
tokenex
Required
object E-check token information
bank
Required
object Bank information for ACH transactions. Required if tokenex.token is not included
data
Required
object Transaction data
processingOptions object Processing options

Example responses

200 Response

{
  "id": "eyJuYW1lIjoidXNhZXBheSIsInJlZk51bWJlciI6IjMxMDA5MzY4NjAiLCJtZXJjaGFudElkIjoiMTAwMDM5IiwicmFuZG9tIjoiMzEwMDkzNjg2MCIsImN1cnJlbmN5IjoiVVNEIn0=",
  "shouldUpdateCard": true,
  "merchantId": "100100",
  "transactionDate": "2019-01-17T10:27:24.700Z",
  "authCode": "A4523",
  "transactionStatus": "pending",
  "amount": 15.25,
  "transactionType": "sale",
  "currency": "USD",
  "gatewayResponse": {
    "result": "Approved",
    "refNumber": "3105614735",
    "gatewayName": "usaepay"
  },
  "data": {
    "amount": 29.99,
    "currency": "USD",
    "settlementCurrency": "CAD",
    "description": "test purchase",
    "customer": {
      "firstName": "John",
      "lastName": "Doe",
      "invoice": "IN0001",
      "orderNumber": "210058A",
      "birthDate": "1990-12-05",
      "customerRef": "RP006",
      "createdAtDate": "2005-03-01",
      "email": "jdoe@yourwebsite.com",
      "phone": "1555555555",
      "billToAddressOne": "2147 West Silverlake Drive",
      "billToAddressTwo": "",
      "billToCity": "Scranton",
      "billToState": "PA",
      "billToPostal": "18503",
      "billToCountry": "US",
      "billToPhone": "1555555555",
      "shipToAddressOne": "1725 Slough Avenue",
      "shipToAddressTwo": "Suite 200",
      "shipToCity": "Scranton",
      "shipToState": "PA",
      "shipToPostal": "18505",
      "shipToCountry": "US",
      "shipToPhone": "1555555555"
    },
    "cart": {
      "items": [
        {
          "item": "913261",
          "description": "Hammermill Premium 8.5 x 11 Color Copy Paper, 28 lbs. 500/Ream",
          "quantity": 8,
          "price": 16.49,
          "type": "sale"
        }
      ]
    },
    "lodging": {
      "advanceDeposit": true,
      "checkInDate": "2018-12-31",
      "checkOutDate": "2019-01-05",
      "roomNumber": 14,
      "roomRate": 143.99,
      "noShow": false
    },
    "customFields": {
      "exampleKey": "Example string"
    },
    "secCode": "ICL"
  },
  "card": {
    "expirationMonth": "12",
    "expirationYear": "20"
  },
  "bank": {
    "accountHolderName": "John Doe",
    "routingNumber": "231375151",
    "encryptedBankAccountNumber": "cu3yRktaYFK2LUC6DpNK289tYDsGRCi7cO+GeG0hkeYFvT7Y8/oY5r53obMz6Q/BZ38gk2u2Ufwy8ojBcX2sfNjG5jplGTXA4NNlSIUjMFfiHe1sff1JFpThoiW/IIlifGlbWu+S1/9pqWPTzJ2+DcjwohbHzsDahhYewFhXgC8qsK0ypi/Shlp+CwRITyIvbVXESD0xz3YOTRHeZLlChvVqN8z4ZzN8nm0MXkmT1wcpYI73bH4KdnPwNU3s7XxvP/ernQP73SHHAOKSLlz4F6AEHFjJiCoXzeLF7LwEjRdxDJ0sKVXbRk3i9BGh+8Nle2VYgjpUWtk2763QkvZiQQ=="
  },
  "token": {
    "lastFour": "1111",
    "success": true,
    "customerRefNumber": "74771a19-3c28-4c27-83c6-9",
    "cardType": "visa",
    "sesssionID": "115a44ea7f804229acd7c88d5e15b988",
    "error": true,
    "token": "aafb1033-599a-4392-859e-f98033fc37f5"
  }
}

Responses

Status Meaning Description
200 OK success

Response Schema

Status Code 200

Name Type Description
id string The Nexio Payment ID
shouldUpdateCard boolean The card's account updater enrollment tag
When true the card or e-check token is tagged for registration with account updater
Note: The card or e-check will not be registered until the merchant account is enrolled. See this table for more information
merchantId string The merchant ID through which the transaction was originally run
transactionDate string The transaction date in standard ISO date format
authCode string The authorization code for the transaction
transactionStatus string none
amount number The amount that was voided
transactionType string none
currency string The three-character ISO currency code for the transaction
gatewayResponse object none
data object Transaction data
card object none
bank object Bank information for ACH transactions. Required if tokenex.token is not included
token object E-check token information



Was this section helpful?

Run E-check Transaction Iframe

Example request

curl -X get https://api.nexiopaysandbox.com/pay/v3/processECheck?token=830d36f6-a5e3-4455-9600-3a55b63e2fc2 \
  -H 'Accept: text/html'

GET /pay/v3/processECheck

Returns an iframe that can be used to securely process an e-check transaction

Parameters

Name Type Description
token
Required
string Your one-time-use token

Example responses

200 Response

"<html>A process e-check form</html>"

Responses

Status Meaning Description
200 OK Success



Was this section helpful?

Void Transaction

Example request

curl -X post https://api.nexiopaysandbox.com/pay/v3/void \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "id": "eyJuYW1lIjoidXNhZXBheSIsInJlZk51bWJlciI6IjMwOTg2MjEzOTYiLCJtZXJjaGFudElkIjoiMTAwMDM5IiwicmFuZG9tIjoiMzA5ODYyMTM5NiIsImN1cnJlbmN5IjoiVVNEIn0",
  "data": {
    "amount": 5.15
  }
}'

POST /pay/v3/void

Allows you to void a credit card transaction using the Nexio Payment ID. To do so:

  1. Run a transaction using the Run Credit Card Transaction endpoint.
  2. Retrieve the id from the response. This is the Nexio Payment ID.
  3. Include the id in the body of your request to this endpoint.

Parameters

Name Type Description
id
Required
string The Nexio Payment ID. (To void a transaction through this endpoint it must have been captured through the Nexio Payment API)
data object Transaction data

Example responses

200 Response

{
  "id": "eyJuYW1lIjoidXNhZXBheSIsInJlZk51bWJlciI6IjMxMDA5MzY4NjAiLCJtZXJjaGFudElkIjoiMTAwMDM5IiwicmFuZG9tIjoiMzEwMDkzNjg2MCIsImN1cnJlbmN5IjoiVVNEIn0=",
  "merchantId": "100100",
  "transactionDate": "2019-01-17T10:27:24.700Z",
  "authCode": "A4523",
  "transactionStatus": "voided",
  "amount": 15.25,
  "transactionType": "sale",
  "currency": "USD",
  "gatewayResponse": {},
  "data": {
    "amount": 15.25,
    "currency": "USD",
    "settlementCurrency": "USD"
  },
  "message": "success"
}

Responses

Status Meaning Description
200 OK Success
400 Bad Request Bad Request

Response Schema

Status Code 200

Name Type Description
id string The Nexio Payment ID
merchantId string The merchant ID through which the transaction was originally run
transactionDate string The transaction date in standard ISO date format
authCode string The authorization code for the transaction
transactionStatus string none
amount number The amount to be voided
transactionType string none
currency string The three-character ISO currency code for the transaction
gatewayResponse object Details may vary by gateway
data object none
message string none



Was this section helpful?

Capture Transaction

Example request

curl -X post https://api.nexiopaysandbox.com/pay/v3/capture \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "id": "eyJuYW1lIjoidXNhZXBheSIsInJlZk51bWJlciI6IjMwOTg2MjEzOTYiLCJtZXJjaGFudElkIjoiMTAwMDM5IiwicmFuZG9tIjoiMzA5ODYyMTM5NiIsImN1cnJlbmN5IjoiVVNEIn0",
  "data": {
    "amount": 5.15
  }
}'

POST /pay/v3/capture

Allows you to capture an auth only transaction. To do so:

  1. Run an auth only transaction using the Run Credit Card Transaction endpoint.
  2. Retrieve the id from the response. This is the Nexio Payment ID.
  3. Include the id in the body of your request to this endpoint.

Parameters

Name Type Description
id
Required
string The Nexio Payment ID
data
Required
object Transaction data

Example responses

200 Response

{
  "id": "eyJuYW1lIjoidXNhZXBheSIsInJlZk51bWJlciI6IjMxMDA5MzY4NjAiLCJtZXJjaGFudElkIjoiMTAwMDM5IiwicmFuZG9tIjoiMzEwMDkzNjg2MCIsImN1cnJlbmN5IjoiVVNEIn0=",
  "merchantId": "100100",
  "transactionDate": "2019-01-17T10:27:24.700Z",
  "authCode": "A4523",
  "transactionStatus": "pending",
  "amount": 15.25,
  "transactionType": "sale",
  "currency": "USD",
  "gatewayResponse": {},
  "data": {
    "amount": 15.25,
    "currency": "USD",
    "settlementCurrency": "USD"
  },
  "message": "success"
}

Responses

Status Meaning Description
200 OK Success

Response Schema

Status Code 200

Name Type Description
id string The Nexio Payment ID
merchantId string The merchant ID through which the transaction was originally run
transactionDate string The transaction date in standard ISO date format
authCode string The authorization code for the transaction
transactionStatus string none
amount number The amount to be captured
transactionType string none
currency string The three-character ISO currency code for the transaction
gatewayResponse object Details may vary by gateway
data object none
message string none



Was this section helpful?

Refund Transaction

Example request

curl -X post https://api.nexiopaysandbox.com/pay/v3/refund \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "id": "eyJuYW1lIjoidXNhZXBheSIsInJlZk51bWJlciI6IjMwOTg2MjEzOTYiLCJtZXJjaGFudElkIjoiMTAwMDM5IiwicmFuZG9tIjoiMzA5ODYyMTM5NiIsImN1cnJlbmN5IjoiVVNEIn0",
  "data": {
    "amount": 2.5
  }
}'

POST /pay/v3/refund

Allows you to refund a credit card transaction using the Nexio Payment ID. To do so:

  1. Run a transaction using the Run Credit Card Transaction endpoint.
  2. Retrieve the id from the response. This is the Nexio Payment ID.
  3. Include the id in the body of your request to this endpoint.

Parameters

Name Type Description
id
Required
string The Nexio Payment ID. (To void a transaction through this endpoint it must have been captured through the Nexio Payment API)
data
Required
object none

Example responses

200 Response

{
  "id": "eyJuYW1lIjoidXNhZXBheSIsInJlZk51bWJlciI6IjMxMDA5MzY4NjAiLCJtZXJjaGFudElkIjoiMTAwMDM5IiwicmFuZG9tIjoiMzEwMDkzNjg2MCIsImN1cnJlbmN5IjoiVVNEIn0=",
  "merchantId": "100100",
  "transactionDate": "2019-01-17T10:27:24.700Z",
  "authCode": "A4523",
  "transactionStatus": "pending",
  "amount": 15.25,
  "transactionType": "sale",
  "currency": "USD",
  "gatewayResponse": {},
  "data": {
    "amount": 15.25,
    "currency": "USD",
    "settlementCurrency": "USD"
  },
  "message": "success"
}

Responses

Status Meaning Description
200 OK Success

Response Schema

Status Code 200

Name Type Description
id string The Nexio Payment ID
merchantId string The merchant ID through which the transaction was originally run
transactionDate string The transaction date in standard ISO date format
authCode string The authorization code for the transaction
transactionStatus string none
amount number The amount to be refunded
transactionType string none
currency string The three-character ISO currency code for the transaction
gatewayResponse object Details may vary by gateway
data object none
message string none



Was this section helpful?

View Card Token

Example request

curl -X get https://api.nexiopaysandbox.com/pay/v3/vault/card/{cardToken} \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /pay/v3/vault/card/{cardToken}

Allows you to view details of a specific card token.

Parameters

Name Type Description
cardToken
Required
string The card token you wish to view

Example responses

200 Response

{
  "key": "aafb1033-599a-4392-859e-f98033fc37f5.5292712865664733",
  "merchantId": "100100",
  "data": {
    "lodging": {
      "advanceDeposit": true,
      "checkInDate": "2018-12-31",
      "checkOutDate": "2019-01-05",
      "roomNumber": 14,
      "roomRate": 143.99,
      "noShow": false
    },
    "allowedCardTypes": [
      "discover"
    ],
    "customFields": {
      "exampleKey": "Example string"
    },
    "paymentMethod": "creditCard",
    "description": "string",
    "currency": "USD",
    "cart": {
      "items": [
        {
          "item": "913261",
          "description": "Hammermill Premium 8.5 x 11 Color Copy Paper, 28 lbs. 500/Ream",
          "quantity": 8,
          "price": 16.49,
          "type": "sale"
        }
      ]
    },
    "customer": {
      "firstName": "John",
      "lastName": "Doe",
      "invoice": "IN0001",
      "orderNumber": "210058A",
      "birthDate": "1990-12-05",
      "customerRef": "RP006",
      "createdAtDate": "2005-03-01",
      "email": "jdoe@yourwebsite.com",
      "phone": "1555555555",
      "billToAddressOne": "2147 West Silverlake Drive",
      "billToAddressTwo": "",
      "billToCity": "Scranton",
      "billToState": "PA",
      "billToPostal": "18503",
      "billToCountry": "US",
      "billToPhone": "1555555555",
      "shipToAddressOne": "1725 Slough Avenue",
      "shipToAddressTwo": "Suite 200",
      "shipToCity": "Scranton",
      "shipToState": "PA",
      "shipToPostal": "18505",
      "shipToCountry": "US",
      "shipToPhone": "1555555555"
    }
  },
  "tokenex": {
    "lastFour": "1111",
    "success": true,
    "customerRefNumber": "74771a19-3c28-4c27-83c6-9",
    "cardType": "visa",
    "sesssionID": "115a44ea7f804229acd7c88d5e15b988",
    "error": true,
    "token": "aafb1033-599a-4392-859e-f98033fc37f5"
  },
  "dateCreated": "2019-07-31T17:02:39.035Z",
  "dateLastModified": "2019-07-31T18:33:30.660Z",
  "card": {
    "expirationMonth": "07",
    "expirationYear": "2022",
    "cardHolderName": "Jane Doe"
  },
  "originalCard": {
    "expirationMonth": "07",
    "expirationYear": "2019",
    "cardHolderName": "Jane Doe"
  },
  "tokenHistory": [
    {
      "token": "blf38djf-599a-4392-859e-f293jf837f5",
      "lastFour": "1111",
      "firstSix": "123456",
      "createdAt": "string"
    }
  ],
  "accountUpdaterStatus": "isExcluded",
  "shouldUpdateCard": true
}

Responses

Status Meaning Description
200 OK Success

Response Schema

Status Code 200

Name Type Description
key string The primary key used to identify the token in Nexio's database
merchantId string The merchant account under which the card token is saved
data object Additional data attached to the card token
tokenex object E-check token information
dateCreated string The date and time at which the card was created
dateLastModified string The date and time at which the card was last modified
card object Card information
originalCard object Original card details
tokenHistory array An array of card objects
accountUpdaterStatus string The card's account updater status. See this table for a list of possible values and their meanings
shouldUpdateCard boolean The card's account updater enrollment tag
When true the card or e-check token is tagged for registration with account updater
Note: The card or e-check will not be registered until the merchant account is enrolled. See this table for more information



Was this section helpful?

Edit Card Token

Example request

curl -X put https://api.nexiopaysandbox.com/pay/v3/vault/card/{cardToken} \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "shouldUpdateCard": true,
  "card": {
    "expirationMonth": "12",
    "expirationYear": "22",
    "cardHolderName": "Jane Doe"
  },
  "data": {
    "customer": {
      "firstName": "John",
      "lastName": "Doe",
      "invoice": "IN0001",
      "orderNumber": "210058A",
      "birthDate": "1990-12-05",
      "customerRef": "RP006",
      "createdAtDate": "2005-03-01",
      "email": "jdoe@yourwebsite.com",
      "phone": "1555555555",
      "billToAddressOne": "2147 West Silverlake Drive",
      "billToAddressTwo": "",
      "billToCity": "Scranton",
      "billToState": "PA",
      "billToPostal": "18503",
      "billToCountry": "US",
      "billToPhone": "1555555555",
      "shipToAddressOne": "1725 Slough Avenue",
      "shipToAddressTwo": "Suite 200",
      "shipToCity": "Scranton",
      "shipToState": "PA",
      "shipToPostal": "18505",
      "shipToCountry": "US",
      "shipToPhone": "1555555555"
    }
  }
}'

PUT /pay/v3/vault/card/{cardToken}

Allows you to edit expiration date, account updater status, and customer information for an existing token.
Use this endpoint to register/deregister card tokens with the account updater service.
Note: Cards registered with the account updater service may take up to 72 hours to be deregistered.

Parameters

Name Type Description
cardToken
Required
string The card token you wish to edit. (Sent as a path parameter)
shouldUpdateCard boolean The card's account updater enrollment tag
When true the card or e-check token is tagged for registration with account updater
Note: The card or e-check will not be registered until the merchant account is enrolled. See this table for more information
Default: true
card object Card information you wish to edit. Only provided fields will be edited
data object Optional data you wish to edit. Only provided fields will be edited

Example responses

200 Response

{
  "card": {
    "expirationMonth": "07",
    "expirationYear": "2019",
    "cardHolderName": "Jane Doe"
  },
  "data": {
    "customer": {
      "firstName": "John",
      "lastName": "Doe",
      "invoice": "IN0001",
      "orderNumber": "210058A",
      "birthDate": "1990-12-05",
      "customerRef": "RP006",
      "createdAtDate": "2005-03-01",
      "email": "jdoe@yourwebsite.com",
      "phone": "1555555555",
      "billToAddressOne": "2147 West Silverlake Drive",
      "billToAddressTwo": "",
      "billToCity": "Scranton",
      "billToState": "PA",
      "billToPostal": "18503",
      "billToCountry": "US",
      "billToPhone": "1555555555",
      "shipToAddressOne": "1725 Slough Avenue",
      "shipToAddressTwo": "Suite 200",
      "shipToCity": "Scranton",
      "shipToState": "PA",
      "shipToPostal": "18505",
      "shipToCountry": "US",
      "shipToPhone": "1555555555"
    }
  },
  "shouldUpdateCard": true,
  "accountUpdaterStatus": "isExcluded"
}

Responses

Status Meaning Description
200 OK Success

Response Schema

Status Code 200

Name Type Description
card object Card information
data object none
shouldUpdateCard boolean The card's account updater enrollment tag
When true the card or e-check token is tagged for registration with account updater
Note: The card or e-check will not be registered until the merchant account is enrolled. See this table for more information
accountUpdaterStatus string The card's account updater status. See this table for a list of possible values and their meanings



Was this section helpful?

Delete Card Tokens

Example request

curl -X post https://api.nexiopaysandbox.com/pay/v3/deleteToken \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "tokens": [
    "p6711abg-41fd-m56a-81a1-t0k3n287799b"
  ]
}'

POST /pay/v3/deleteToken

Allows you to delete card tokens from the card vault.
Note: Cards registered with the account updater service may take up to 72 hours to be removed.

Parameters

Name Type Description
tokens
Required
array An array of card tokens

Example responses

200 Response

[
  {
    "key": "p6711abg-41fd-m56a-81a1-t0k3n287799b",
    "message": "Successfully removed from vault",
    "error": "",
    "status": "success"
  }
]

Responses

Status Meaning Description
200 OK Success

Response Schema

Status Code 200

Name Type Description
*anonymous* array none



Was this section helpful?

Retail

Simple Login

Example request

curl -X post https://api.nexiopaysandbox.com/auth/v3/createSimpleLogin \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

POST /auth/v3/createSimpleLogin

Simple Login allows trusted users to proceed directly to the retail/MOTO Iframe without the necessity of entering a Nexio username and password. This option is useful for cases in which multiple users will be using a single Nexio account. It can also save time for internal users by eliminating the need to enter a username and password upon each use.

Example responses

200 Response

{
  "username": "youremail@cmsonline.com",
  "key": "4f211fde-d135-4c91-afbc-bcdb73c0c504",
  "jwt": "t3jraWQiOiI3V2JrOFdSVVliMVljR2p3Mlhwd2swR3lIRWt6THcwVDRqckVhNVVVTjBnPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI4YWYzZTQwZC02Y2I0LTQ0ZWQtOWRlZS0yN2Y3NmNmNDc0YmMiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiaXNzIjoiaHR0cHM6XC9cL2NvZ25pdG8taWRwLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tXC91cy1lYXN0LTFfVlVEN21MeWNqIiwiY3VzdG9tOmFjY291bnRJZCI6ImVjN2NiOWJhLWQwMmQtNDhkYS1hY2I3LWI2ZWQ3YmJiZWQwMiIsImNvZ25pdG86dXNlcm5hbWUiOiJscm9ibGVkb0BjbXNvbmxpbmUuY29tIiwiYXVkIjoiNDBtZWQ2YnNybDZ1aWpnMmpmZzQwcmJzOGkiLCJldmVudF9pZCI6IjE0YmU5MWFjLTM0NjctMTFlOS9iNDZjLWMxMjdjYTkzZjA3NCIsInRva2VuX3VzZSI6ImlkIiwiYXV0aF90aW1lIjoxNTUwNTk1Mjk0LCJleHAiOjE1NTA1OTg4OTRsImN1c3RvbTphY2Nlc3NSaWdodHMiOiJ7XCJtZXJjaGFudElkc1wiOntcIjEwMDAzOVwiOlwiQVwiLFwiMTAwMDQxXCI6XCJBXCIsXCI1MTU3OTQwMDAwMTM1MDRcIjpcIkFcIixcIjkyMzYwMDAwMTEyNDUwM1wiOlwiQVwiLFwiOTIzNTAwMDAxNDMyNzQyXCI6XCJBXCIsXCI1MTM0ODUwMDAwMDAwMThcIjpcIkFcIixcIjkyMzYwMDAwODEyNjYxMFwiOlwiQVwiLFwiOTIzNjAwMDAzMTYzODEwXCI6XCJBXCJ9LFwicm9sZVwiOlwiQVwifSIsImlhdCI6MTU1MDU5NTI5NCwiZW1haWwiOiJscm9ibGVkb0BjbXNvbmxpbmUuY29tIn0.OEEZarSzbSLpxUM55UKmycYtAAWEtm__XUJdqBJ9QPSF_8sdLIL9EXBF8cLarhv3DoLqeWKUpieNgfcME2IsIc8amDXitvJtJe3STQtI_zaJwAibBxJhFKQRLRCrIe3kpslVJPuw3OeST54QcseifLlA64bxNaveXygja7aejwINueE4_Nj0NEzcFGZoYHgNB6br6Ksbjgx-z_SiFIZ1XHS-eOMnBoCIVWjFr3FY9IbfnQf4v0c0AFWKt9mOpjYracSqOHHmSER7GuaMBNrHxfbe0kHVh6hvnrzh10SEnTsF573qbP1R_aZA_Uh80MOLB0UvPWWFzzyP4GniNc3zLw",
  "refreshToken": "t3jjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.CejuLZHvZcrISuiwE7N4xg7EYq6ArivbyNwDVE2X7eTdr7CTO4l5udgc9ZUV1byTe1r3eLN_szbte1nlaimbQj5ZcJpim1zmW5pkk7aFVF-WcnLjIBVPilp6bLW8gsZaB04WErDjwzt4r7Bxnz6YnmLM7e3V15ZVkY6GLFqgrUF9Tb9UOFbCDD_H8qe1AdFktVeeVgefekJew3RuZ8p2BnKWejt1BcyMUnYY-QgaLm3TzUpd14PRbdvOfBG3D9KmJCnZ_6H9sQ5FUirqsF_U6eXNppE1QXZdjhFg4oic791Kq5rXU2xbMI9ggeFoGIjLLP0Keb0iT66NwXpf50-h4w.eUOjohgz3zXTJWHH.IBQMMiNKtbAZ02r0QGXJXw_zM2c3epH5LGtdZxIVUReMRr5CLm-ptE7zaFTK0D1tpUHcVonqiDuXyc09IN0IO4jL32QqQjgeG-V9LBYgpr1xV3qyc5TR-L2VNHjJt3A3SbJsIzxHDqKLucJw2N0WaiOgLb577q8B8lu0pLCpOV_POlUiT4BLAvycMCKkgUCDrejyjzR39ofCUqtZKuMglXanUfVE3hC0OaNOMpl65N_utjuf9vzklyZZRQMTgokQ7V0yp0VSpCC6D_zNBvwTPUKHVFyMrzEC4wJZ9uOtIS9h9rv_HywpwrPqHYajsGYNrv7QvHE1Kg80I73CbL0owW-J5bKEbgImqkahNVhBoFJejnvN3PEr9zthNey15Q_utOUFUkR0Po9GH6fnXFXxQnIC7c2hQ4lgjV2wR3WGzEiE5L0aNLF1Cnjyn-t1VZxQHG2uiyiT1aIUFBPbItTkVPjKhkFKf7AfXqOTAl52VFdBPpFdbG5Ecwfm_4ZGgO_4KJnLcb7qMQuEI6G20xelkPD2NHIpdS9gHx7XIlyfiBPkvq3YEKMtOQQbRAQ_Hcy7leeZnSyPgq65Bnsn22xZ4NG5bSshSEEMlq5lbOV4-dzBGV8SA6dOeNHR7GeQvSr1XQ89sBloJlMKJLe9WL0fYhkY6u-MbmecvMoU1OrC4mvIv-0l53TIeeGDMtn8UkcaSxQG7HBEqcQlvaFAxGaol7kiDPlAMxdp11lnk0ix3G0M74xHRFpZalIFtUAPm2xEVFJLWlwLqalRgJpO70asiw9QJ_pi0HERT5N_wCXraxeQyNrknNmi157ih5yP7SGm7MXrSVUOHu6GIBZktAfP8IURhJNQZfSk3Do_up1vUBPN7yLNumqPq2PWH3CgFXle3nDaQYCVsVkGU-FZTy7KLIbKc2EStkOFOCPiYYSoD8h1-C8kclCeIKFLDFQIo7weJyIGjQqV_pY9HEPQivgXw6X1ti711x0YZ2bhl9tPuUEtXeja7hGAxLnrU4QqHr2iS58J9F5NMVc6LlK_NcExLzrlnQBJws7urmDkV_yoOtCRadxVuAxVCYqfAh8X4gzQ7LQMT27pFeV98iCvAmkhWx4RpAmFYHmacUJIXUVXKe6eTlN27gsYir1H9SrkbFgjOjvoUBj5p-mn-mMathsdAbRtlryJEjfCzAfBWis-7d4GsxCZGQnCJ0NezIP50_2dCPyzpgYcUwt4E4kHIA5-SBOLWneULDPz7VpRJxKv8BaYxOZuotnV2zz2nwB3vlDWK1h6cgRfMT8o8iphcUMxdZdjd-FElzNCdQ.SDQXbyIYZu6_jdCeAzTzoA",
  "exp": 1550600014
}

Responses

Status Meaning Description
200 OK Success

Response Schema

Status Code 200

Name Type Description
username string The simple login username
key string The simple login key
jwt string The JWT
refreshToken string The refresh token
exp integer The expiration time of the Simple Login



Was this section helpful?

Get Terminal List

Example request

curl -X get https://api.nexiopaysandbox.com/pay/v3/getTerminalList \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /pay/v3/getTerminalList

Retrieves a list of available terminals.
Note: Before terminals are made available for processing, they are first configured in the gateway account directly by Nexio integration support. If you do not see a terminal in the list retrieved here, contact Integration Support for assistance.

Example responses

200 Response

[
  {
    "merchantId": "103002",
    "merchantName": "Test Merchant",
    "gatewayName": "yourGateway",
    "gatewayType": 110,
    "gatewayLabel": "...2e21,...5ee7",
    "terminalName": "Terminal 1",
    "terminalSerialNumber": "84937213",
    "terminalId": "eyJtZXJjaGFudElkIjoiMTAxMDM5IiwiZ2F0ZXdheUxhYmVsIjoiLi4uMmUyMSwuLi41ZWU3IiwidGVybWluYWwiOnsiaWQiOiIxMWU5MDIxMGNmZTdmNmFlOWVkNWUwYTgiLCJsb2NhdGlvbklkIjoiMTFlOGNkNmE4YjQ0YzUzZWFkNmFkY2UxIn19"
  }
]

Responses

Status Meaning Description
200 OK Success

Response Schema

Status Code 200

Name Type Description



Was this section helpful?

Process from Terminal

Example request

curl -X post https://api.nexiopaysandbox.com/pay/v3/processFromTerminal \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "terminalId": "eyJtZXJjaGFudElkIjoiMTAxMDM5IiwiZ2F0ZXdheUxhYmVsIjoiLi4uMmUyMSwuLi41ZWU3IiwidGVybWluYWwiOnsiaWQiOiIxMWU5MDIxMGNmZTdmNmFlOWVkNWUwYTgiLCJsb2NhdGlvbklkIjoiMTFlOGNkNmE4YjQ0YzUzZWFkNmFkY2UxIn19",
  "data": {
    "amount": "13.45"
  }
}'

POST /pay/v3/processFromTerminal

Initiates a terminal transaction. See these steps for more information on how to process through EMV.

Parameters

Name Type Description
terminalId string An ID used to identify a specific terminal. For a list of terminal IDs see the Get Terminal List endpoint.
data
Required
object Transaction data

Example responses

Responses

Status Meaning Description
200 OK Success

Response Schema




Was this section helpful?

Terminal Transaction Status

Example request

curl -X get https://api.nexiopaysandbox.com/pay/v3/processFromTerminal/{terminalRequestId} \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /pay/v3/processFromTerminal/{terminalRequestId}

Checks the status of a transaction run through the terminal.

Parameters

Name Type Description
terminalRequestId
Required
string The terminal request ID. Found in the response of Process from Terminal endpoint

Example responses

200 Response

{
  "message": "Terminal request not found",
  "error": 490,
  "gatewayResponse": {
    "gatewayName": "yourGateway"
  }
}

Responses

Status Meaning Description
200 OK Success

Response Schema

Status Code 200

Name Type Description
message string The response message
error integer The error code, if applicable
gatewayResponse object Gateway specific information. Included keys may vary by gateway



Was this section helpful?

Alternative Payment Methods

One-time-use Token (APM)

Example request

curl -X post https://api.nexiopaysandbox.com/apm/v3/token \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "isAuthOnly": false,
  "data": {
    "amount": 29.99,
    "currency": "USD",
    "dueDate": "2020-01-01 23:59",
    "paymentMethod": "payPal",
    "description": "test purchase",
    "customer": {
      "firstName": "John",
      "lastName": "Doe",
      "invoice": "IN0001",
      "orderNumber": "210058A",
      "birthDate": "1990-12-05",
      "customerRef": "RP006",
      "createdAtDate": "2005-03-01",
      "email": "jdoe@yourwebsite.com",
      "phone": "1555555555",
      "billToAddressOne": "2147 West Silverlake Drive",
      "billToAddressTwo": "",
      "billToCity": "Scranton",
      "billToState": "PA",
      "billToPostal": "18503",
      "billToCountry": "US",
      "billToPhone": "1555555555",
      "shipToAddressOne": "1725 Slough Avenue",
      "shipToAddressTwo": "Suite 200",
      "shipToCity": "Scranton",
      "shipToState": "PA",
      "shipToPostal": "18505",
      "shipToCountry": "US",
      "shipToPhone": "1555555555"
    },
    "cart": {
      "items": [
        {
          "item": "913261",
          "description": "Hammermill Premium 8.5 x 11 Color Copy Paper, 28 lbs. 500/Ream",
          "quantity": 8,
          "price": 16.49,
          "type": "sale"
        }
      ]
    },
    "lodging": {
      "advanceDeposit": true,
      "checkInDate": "2018-12-31",
      "checkOutDate": "2019-01-05",
      "roomNumber": 14,
      "roomRate": 143.99,
      "noShow": false
    },
    "customFields": {
      "exampleKey": "Example string"
    },
    "secCode": "ICL"
  },
  "uiOptions": {
    "displaySubmitButton": true,
    "hideCvc": true,
    "requireCvc": false,
    "hideBilling": true,
    "limitCountriesTo": [
      "US"
    ],
    "customTextUrl": "",
    "css": "https://tester.nexiopaysandbox.com/example1.css",
    "useLegacyIframe": true
  },
  "processingOptions": {
    "checkFraud": false,
    "check3ds": true,
    "verboseResponse": true,
    "webhookUrl": "",
    "webhookFailUrl": "",
    "verifyCvc": false,
    "verifyAvs": 2,
    "saveCardToken": true,
    "paymentOptionTag": "switch",
    "merchantId": "string"
  }
}'

POST /apm/v3/token

A token from this endpoint is necessary prior to loading any of the Alternative Payment Method iframes.

Any data (amount, currency, etc.) that you wish to be sent to the alternate payment method must be included in the body of this request.

Note: Once a token has been used to submit an iframe it cannot be used to load another. You must request a new one-time-use token prior to submitting each iframe.

Parameters

Name Type Description
isAuthOnly boolean Set to true to run an auth only transaction
data
Required
object Transaction data
uiOptions object Used to customize the iframe's user interface
processingOptions object Processing options

Example responses

200 Response

{
  "expiration": "2018-09-18T15:43:05.664Z",
  "token": "830d36f6-a5e3-4455-9600-3a55b63e2fc2"
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema

Status Code 200

Name Type Description
expiration string The date and time your One-time-use Token will expire in ISO 8601 format. (Always 30 min after creation)
token string Your One-time-use Token



Was this section helpful?

APM Iframe

Example request

curl -X get https://api.nexiopaysandbox.com/apm/v3?token=477d626c-9d29-46cf-8a41-abab04874eac \

GET /apm/v3

Returns an iframe that will allow a user to redirect to the chosen alternative payment method's web page in a new window.

The alternative payment method must be chosen upon retrieval of a One-time-use token.

Note: This iframe will emit events, alerting you when the transaction has been submitted, processed, etc.

Parameters

Name Type Description
token
Required
string Your one-time-use token

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized



Was this section helpful?

APM Popup

Example request

curl -X get https://api.nexiopaysandbox.com/apm/v3/popup?token=477d626c-9d29-46cf-8a41-abab04874eac \

GET /apm/v3/popup

Creates a popup window that directs the user to the chosen alternative payment method.

The alternative payment method must be chosen upon retrieval of a one-time-use token.

Note: If you chose this option you must handle any events in your own code base, Nexio will not be able to emit any events upon success, error, etc.

Parameters

Name Type Description
token
Required
string Your one-time-use token

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized



Was this section helpful?

Capture APM Transaction

Example request

curl -X post https://api.nexiopaysandbox.com/apm/v3/capture \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "id": 0,
  "data": {
    "amount": 5.15
  }
}'

POST /apm/v3/capture

Captures a previously authorized (auth only) transaction run using an Alternative Payment Method.

Parameters

Name Type Description
id
Required
integer The Nexio APM Payment ID
data
Required
object Transaction data

Example responses

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema




Was this section helpful?

Void APM Transaction

Example request

curl -X post https://api.nexiopaysandbox.com/apm/v3/void \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "id": 0,
  "data": {
    "amount": 5.15
  }
}'

POST /apm/v3/void

Voids a transaction run using an Alternative Payment Method.

Parameters

Name Type Description
id
Required
integer The Nexio APM Payment ID
data
Required
object Transaction data

Example responses

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema




Was this section helpful?

Refund APM Transaction

Example request

curl -X post https://api.nexiopaysandbox.com/apm/v3/refund \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "id": 0,
  "data": {
    "amount": 5.15
  }
}'

POST /apm/v3/refund

Refunds a transaction using an Alternative Payment Method.

Parameters

Name Type Description
id
Required
integer The Nexio APM Payment ID
data
Required
object Transaction data

Example responses

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema




Was this section helpful?

Reporting API Reference

Transactions

Transactions

Example request

curl -X get https://api.nexiopaysandbox.com/transaction/v3 \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /transaction/v3

Returns all transactions with the given range.
Note: Certain transaction data will be returned as numerical values. The definitions are provided in the Constant Values tables

Parameters

Name Type Description
limit integer The number of transactions to return
offset integer The offset. Used to view transactions further along the list
startDate string The start date
endDate string The end date
transaction object none

Example responses

200 Response

{
  "offset": 10,
  "limit": 1,
  "rows": [
    {
      "id": 7971,
      "merchantId": "100039",
      "transactionDate": "2019-02-21T05:39:08.000Z",
      "amount": 8.99,
      "authCode": "834448",
      "transactionStatus": 10,
      "transactionType": 10,
      "cardType": 10,
      "cardNumber": "424242******4242",
      "cardHolder": "John Doe",
      "processMethod": 10,
      "achDetailId": "MTAtNTAyNzgvMTkwNTNwBTUxNTc5NDAwMDAwMTEwMw==",
      "currencyId": "840",
      "reportDate": "2019-02-23T05:39:59.000Z",
      "settledDate": "2019-02-22T05:39:59.000Z",
      "createdAt": "2019-02-21T05:39:59.000Z",
      "updatedAt": "2019-02-23T05:39:59.000Z"
    }
  ],
  "hasMore": true
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema

Status Code 200

Name Type Description
offset integer The number of rows by which the data is offset
limit integer The limit of the number of rows
rows array An array of transactions
hasMore boolean Will be true if there are more records not included in the current response



Was this section helpful?

Search Transaction

Example request

curl -X get https://api.nexiopaysandbox.com/transaction/v3/search \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /transaction/v3/search

Searches for transactions based on the query parameter included in the request.
Note: Certain transaction data will be returned as numerical values. The definitions are provided in the Constant Values tables

Parameters

Name Type Description

Example responses

200 Response

{}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema




Was this section helpful?

Search For Transaction ID

Example request

curl -X get https://api.nexiopaysandbox.com/transaction/v3/{transactionId} \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /transaction/v3/{transactionId}

Searches for transactions with the given transaction ID.
Notes:

Parameters

Name Type Description
transactionId
Required
string The Nexio Transaction ID

Example responses

200 Response

{
  "id": 7971,
  "merchantId": "100039",
  "transactionDate": "2019-02-21T05:39:08.000Z",
  "amount": 8.99,
  "authCode": "834448",
  "transactionStatus": 10,
  "transactionType": 10,
  "cardType": 10,
  "cardNumber": "424242******4242",
  "cardHolder": "John Doe",
  "processMethod": 10,
  "achDetailId": "MTAtNTAyNzgvMTkwNTNwBTUxNTc5NDAwMDAwMTEwMw==",
  "currencyId": "840",
  "reportDate": "2019-02-23T05:39:59.000Z",
  "settledDate": "2019-02-22T05:39:59.000Z",
  "createdAt": "2019-02-21T05:39:59.000Z",
  "updatedAt": "2019-02-23T05:39:59.000Z"
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized



Was this section helpful?

Transaction Count

Example request

curl -X get https://api.nexiopaysandbox.com/transaction/v3/count \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /transaction/v3/count

Returns a count of all transactions between the given dates.

Parameters

Name Type Description
startDate string The start date. In standard ISO date format
endDate string The end date. In standard ISO date format

Example responses

200 Response

6

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized



Was this section helpful?

Transaction Total

Example request

curl -X get https://api.nexiopaysandbox.com/transaction/v3/total \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /transaction/v3/total

Returns a sum of the transaction amounts between the given dates.

Parameters

Name Type Description
startDate string The start date. In standard ISO date format
endDate string The end date. In standard ISO date format

Example responses

200 Response

1470.91

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized



Was this section helpful?

Transaction Summary

Example request

curl -X get https://api.nexiopaysandbox.com/transaction/v3/transactionsSummary \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /transaction/v3/transactionsSummary

Returns a transaction summary (amount, date and merchant ID) for each transaction between the given dates.

Parameters

Name Type Description
startDate string The start date. In standard ISO date format
endDate string The end date. In standard ISO date format

Example responses

200 Response

[
  {
    "amount": 118.02,
    "transactionDate": "2019-02-01",
    "merchantId": "100039"
  }
]

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema

Status Code 200

Name Type Description
*anonymous* array [A transaction summary]



Was this section helpful?

Daily Transaction Summary

Example request

curl -X get https://api.nexiopaysandbox.com/transaction/v3/dailyTransactionsSummary \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /transaction/v3/dailyTransactionsSummary

Returns transaction summaries for the given date and previous day.

Parameters

Name Type Description
date string The date. In standard ISO date format

Example responses

200 Response

{
  "today": [
    {
      "hour": 6,
      "amount": 3.06,
      "count": 3
    }
  ],
  "yesterday": [
    {
      "hour": 4,
      "amount": 12.68,
      "count": 6
    }
  ]
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema

Status Code 200

Name Type Description
today array An array containing a summary of today's transactions. Each object will contain the following keys:
  • hour: The hour of the day
  • amount: The sum of the transactions processed during that hour
  • count: The total number of transaction processed during that hour
yesterday array An array containing a summary of yesterday's transactions. Each object will contain the following keys:
  • hour: The hour of the day
  • amount: The sum of the transactions processed during that hour
  • count: The total number of transaction processed during that hour



Was this section helpful?

Card Types

Example request

curl -X get https://api.nexiopaysandbox.com/transaction/v3/paymentTypes \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /transaction/v3/paymentTypes

Returns an array listing all available card types.

Example responses

200 Response

[
  {
    "id": 10,
    "name": "visa"
  }
]

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema

Status Code 200

Name Type Description



Was this section helpful?

Chargebacks

Chargebacks

Example request

curl -X get https://api.nexiopaysandbox.com/chargeback/v3 \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /chargeback/v3

Returns all chargebacks within a range.

Parameters

Name Type Description
limit integer The number of chargebacks to return
Default: 10
offset integer The offset. Used to view chargebacks further along the list
startDate string The start date
endDate string The end date
Default: today

Example responses

200 Response

{
  "offset": 10,
  "limit": 12,
  "rows": [
    {
      "id": 302773,
      "relatedChargebackId": 0,
      "merchantId": "513485000347013",
      "reportDate": "2019-02-08T00:00:00.000Z",
      "sequenceNumber": "0319039503202",
      "cardType": "MasterCard",
      "cardNumber": "554514******2734",
      "amount": -39.99,
      "transactionDate": "2018-10-18T00:00:00.000Z",
      "reasonCode": "4837",
      "description": "string",
      "referenceNumber": "96134845291989800679798",
      "message": "MESSAGE 1            ",
      "authCode": "06684P",
      "lockBoxBatch": "string",
      "cardIdentifier": "string",
      "transactionCode": "string",
      "transactionId": "string",
      "transactionRef": "00075979",
      "chargebackCycle": 1,
      "isDisputed": "string",
      "achId": "string",
      "achDetailsId": "MTAtMzAtMTkwMjA4LTUxMzQ4NTAwMDM0NzAxMw==",
      "currencyId": "840",
      "createdAt": "2019-02-09T19:01:38.000Z",
      "updatedAt": "2019-02-09T19:01:38.000Z"
    }
  ],
  "hasMore": true
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema

Status Code 200

Name Type Description
offset integer The number of rows by which the data is offset
limit integer The limit on the number of rows
rows array An array of chargebacks
hasMore boolean Will be 'true' if there are more records not included in the current response



Was this section helpful?

Chargeback Summary

Example request

curl -X get https://api.nexiopaysandbox.com/chargeback/v3/summary \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /chargeback/v3/summary

Returns a summary of all chargebacks within a given date range.

Parameters

Name Type Description
startDate string The start date
endDate string The end date
Default: today

Example responses

200 Response

{
  "newChargebacksCount": 5,
  "newChargebacksTotal": 450.87,
  "wonChargebacksCount": 7,
  "wonChargebacksTotal": 558.7,
  "representmentsCount": 1,
  "representmentsTotal": 38.03
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema

Status Code 200

Name Type Description
newChargebacksCount integer The total number of new chargebacks
newChargebacksTotal number The total amount of all new chargebacks
wonChargebacksCount integer The total number of won chargebacks
wonChargebacksTotal number The total amount of all won chargebacks
representmentsCount integer The total number of chargebacks in representment status
representmentsTotal number The total amount of all chargebacks in representment status



Was this section helpful?

Chargeback

Example request

curl -X get https://api.nexiopaysandbox.com/chargeback/v3/{id} \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /chargeback/v3/{id}

Returns a single chargeback.

Parameters

Name Type Description
id
Required
integer The Nexio chargeback ID

Example responses

200 Response

{
  "id": 302773,
  "relatedChargebackId": 0,
  "merchantId": "513485000347013",
  "reportDate": "2019-02-08T00:00:00.000Z",
  "sequenceNumber": "0319039503202",
  "cardType": "MasterCard",
  "cardNumber": "554514******2734",
  "amount": -39.99,
  "transactionDate": "2018-10-18T00:00:00.000Z",
  "reasonCode": "4837",
  "description": "string",
  "referenceNumber": "96134845291989800679798",
  "message": "MESSAGE 1            ",
  "authCode": "06684P",
  "lockBoxBatch": "string",
  "cardIdentifier": "string",
  "transactionCode": "string",
  "transactionId": "string",
  "transactionRef": "00075979",
  "chargebackCycle": 1,
  "isDisputed": true,
  "achId": "string",
  "achDetailsId": "MTAtMzAtMTkwMjA4LTUxMzQ4NTAwMDM0NzAxMw==",
  "currencyId": "840",
  "createdAt": "2019-02-09T19:01:38.000Z",
  "updatedAt": "2019-02-09T19:01:38.000Z",
  "Disputes": [
    {
      "id": 9602,
      "merchantId": "100039",
      "chargebackId": 308683,
      "createdAt": "2019-03-07T19:49:36.000Z",
      "updatedAt": "2019-03-07T19:49:36.000Z"
    }
  ],
  "processor": {},
  "transaction": {
    "chargebackId": 302773,
    "transactionId": 65249867,
    "orderNumber": "2843",
    "cardHolder": "Jane Doe",
    "transactionDate": "2018-10-18T12:02:22.000Z",
    "amount": 39.99
  },
  "reason": {
    "name": "4837",
    "description": "No cardholder authorization"
  }
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized



Was this section helpful?

Dispute Chargeback

Example request

curl -X post https://api.nexiopaysandbox.com/chargeback/v3/dispute \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "userName": "you@nexiopay.com",
  "chargebackId": "305422",
  "description": "",
  "isPreview": false,
  "images": [
    {
      "name": "Receipt with customer signature",
      "data": "data:image/png;base64,iVBO"
    }
  ]
}'

POST /chargeback/v3/dispute

Flags a chargeback as disputed. You may include additional information if desired.
Note: By submitting a chargeback dispute via the Nexio API you agree to the following: I agree that I am not including sensitive information. Sensitive information includes: full credit card numbers, credit card security codes (CVV/CVC), social security numbers, driver's license numbers, health records, etc. Your dispute will be rejected if you include sensitive information.

Parameters

Name Type Description
userName
Required
string Your Nexio account username
chargebackId
Required
string The Nexio chargeback ID to flag as disputed
description string A description of the reason the chargeback has been disputed. 800 character limit.
isPreview boolean Set to true to return a PDF preview of the chargeback dispute in the response
images array Images to be included in your dispute. Accepted file formats: JPEG, PNG

Example responses

200 Response

{
  "message": "success"
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema

Status Code 200

Name Type Description
message string A description of the status of your request.



Was this section helpful?

Disputes

Example request

curl -X get https://api.nexiopaysandbox.com/chargeback/v3/dispute \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /chargeback/v3/dispute

Returns a list of disputed chargebacks.

Parameters

Name Type Description
limit integer The number of disputed chargebacks to return
Default: 10
offset integer The offset. Used to view disputed chargebacks further along the list

Example responses

200 Response

{
  "count": 325,
  "rows": [
    {
      "id": 9602,
      "merchantId": "100039",
      "chargebackId": 308683,
      "createdAt": "2019-03-07T19:49:36.000Z",
      "updatedAt": "2019-03-07T19:49:36.000Z"
    }
  ],
  "limit": 1
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema

Status Code 200

Name Type Description
count integer The total number of chargebacks in the list
rows array An array of disputes
limit integer The limit on the number of rows



Was this section helpful?

Dispute

Example request

curl -X get https://api.nexiopaysandbox.com/chargeback/v3/dispute/{id} \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /chargeback/v3/dispute/{id}

Returns a disputed chargeback.

Parameters

Name Type Description
id
Required
integer The disputed chargeback ID

Example responses

200 Response

{
  "id": 9602,
  "merchantId": "100039",
  "chargebackId": 308683,
  "createdAt": "2019-03-07T19:49:36.000Z",
  "updatedAt": "2019-03-07T19:49:36.000Z"
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized



Was this section helpful?

Deposits

Deposit Summary

Example request

curl -X get https://api.nexiopaysandbox.com/ach/v3 \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /ach/v3

Returns a summary of all deposits with the given range.

Parameters

Name Type Description
limit integer The number of deposit summaries to return
Default: 10
offset integer The offset. Used to view deposit summaries further along the list
startDate string The start date. Default: none
endDate string The end date
Default: today's date
merchantIds string A list of merchant IDs

Example responses

200 Response

{
  "offset": 10,
  "limit": 1,
  "rows": [
    {
      "id": 3742052,
      "merchantId": "100039",
      "date": "2019-02-05",
      "dda": "*****5132",
      "amount": 4.92,
      "currencyId": "840",
      "createdAt": "2019-02-07T14:04:03.000Z",
      "updatedAt": "2019-02-07T14:04:03.000Z",
      "processor": {},
      "details": [
        {
          "achDetailId": "MTAtNDE0MTQ0MS0xOTAyMTAtNTEzNDg1MDAwMzQ3MDEz",
          "achSummary": {
            "date": "2019-02-10",
            "merchantId": "100039"
          },
          "amount": 40.99,
          "count": 2,
          "processor": {}
        }
      ]
    }
  ],
  "hasMore": true
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema

Status Code 200

Name Type Description
offset integer The number of rows by which the data is offset
limit integer The limit on the number of rows
rows array An array of deposit summary objects
hasMore boolean Will be true if there are more records not included in the current response



Was this section helpful?

Statements and Adjustments

Adjustments

Example request

curl -X get https://api.nexiopaysandbox.com/report/v3/adjustments \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /report/v3/adjustments

Returns all adjustments within a range.

Parameters

Name Type Description
limit integer The number of adjustments to return
Default: 10
offset integer The offset. Used to view adjustments further along the list
startDate string The start date
endDate string The end date
Default: today's date

Example responses

200 Response

{
  "offset": 10,
  "limit": 1,
  "rows": [
    {
      "merchantId": "100039",
      "transactionDate": "2019-02-07",
      "assessmentCode": "01*",
      "lockBoxBatch": "020819GD004",
      "salesCount": 5,
      "salesAmount": 1356.54,
      "returnsCount": 1,
      "returnsAmount": 54.87,
      "cashAdvanceCount": 0,
      "cashAdvanceAmount": 0,
      "paymentCount": 0,
      "paymentAmount": 0,
      "prepaidDiscount": 0,
      "netAmount": 1356.54,
      "term": "GT6P",
      "OPCD": "string",
      "adjustment": "string",
      "reportDate": "2019-02-07",
      "createdAt": "2019-02-08T09:19:04.000Z",
      "bankSource": "1637_000"
    }
  ],
  "hasMore": true
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema

Status Code 200

Name Type Description
offset integer The number of rows by which the data is offset
limit integer The limit on the number of rows
rows array An array of adjustments
hasMore boolean Will be true if there are more records not included in the current response



Was this section helpful?

Statements

Example request

curl -X get https://api.nexiopaysandbox.com/report/v3/statements \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /report/v3/statements

Returns all statements with a statementDate between the given start and end dates.

Parameters

Name Type Description
limit integer The number of statements to return
Default: 10
offset integer The offset. Used to view statements further along the list
startDate string The start date
Default: past 30 days
endDate string The end date
Default: today's date

Example responses

200 Response

{
  "offset": 10,
  "limit": 1,
  "rows": [
    {
      "id": 118740,
      "merchantId": "100039",
      "path": "statements/2019-02-28/923600001124503.pdf",
      "statementDate": "2019-02-28",
      "createdAt": "2019-03-01T16:56:29.000Z",
      "updatedAt": "2019-03-01T16:56:29.000Z"
    }
  ],
  "hasMore": true
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema

Status Code 200

Name Type Description
offset integer The number of rows by which the data is offset
limit integer The limit on the number of rows
rows array An array of statements
hasMore boolean Will be true if there are more records not included in the current response



Was this section helpful?

Statement

Example request

curl -X get https://api.nexiopaysandbox.com/report/v3/statement/{id} \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /report/v3/statement/{id}

Returns information on a single PDF statement.

Parameters

Name Type Description
id
Required
string The statement ID

Example responses

200 Response

{
  "id": 118740,
  "merchantId": "100039",
  "path": "statements/2019-02-28/923600001124503.pdf",
  "statementDate": "2019-02-28",
  "createdAt": "2019-03-01T16:56:29.000Z",
  "updatedAt": "2019-03-01T16:56:29.000Z"
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized



Was this section helpful?

PDF Reports

Statement Summary

Example request

curl -X get https://api.nexiopaysandbox.com/pdf/v3/statement \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /pdf/v3/statement

Returns a summary PDF statement.

Parameters

Name Type Description
date string The statement date
merchantId string The merchant ID

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized



Was this section helpful?

Chargeback Dispute

Example request

curl -X get https://api.nexiopaysandbox.com/pdf/v3/dispute/{chargebackId} \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /pdf/v3/dispute/{chargebackId}

Returns a PDF of the chargeback dispute.

Parameters

Name Type Description
chargebackId
Required
string The chargeback ID

Example responses

200 Response

{}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema




Was this section helpful?

Management API Reference

User Management

Who Am I

Example request

curl -X get https://api.nexiopaysandbox.com/user/v3/account/whoAmI \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /user/v3/account/whoAmI

Returns basic user information.

Example responses

200 Response

{
  "cognitoSub": "g52679a2-tan5-4a56-b6gc-2592aedd373e",
  "firstName": "John",
  "lastName": "Doe",
  "userName": "jdoe@yourwebsite.com",
  "accessRights": {
    "merchantIds": {
      "100039": "A"
    },
    "role": "A"
  },
  "dateLastModified": "2019-03-08T00:58:27.893Z",
  "dateCreated": "2018-09-27T14:27:39.626Z",
  "enabled": true,
  "phone": "15555555555",
  "notifications": false
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized



Was this section helpful?

Edit Self

Example request

curl -X put https://api.nexiopaysandbox.com/user/v3/self \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "firstName": "John",
  "lastName": "Doe",
  "phone": "15709045023",
  "notifications": true
}'

PUT /user/v3/self

Updates user information.

Parameters

Name Type Description
firstName string The user's first name
lastName string The user's last name
phone string The user's phone number
notifications boolean Set to true to receive notifications

Example responses

200 Response

{
  "cognitoSub": "g52679a2-tan5-4a56-b6gc-2592aedd373e",
  "firstName": "John",
  "lastName": "Doe",
  "userName": "jdoe@yourwebsite.com",
  "accessRights": {
    "merchantIds": {
      "100039": "A"
    },
    "role": "A"
  },
  "dateLastModified": "2019-03-08T00:58:27.893Z",
  "dateCreated": "2018-09-27T14:27:39.626Z",
  "enabled": true,
  "phone": "15555555555",
  "notifications": false
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized



Was this section helpful?

User

Example request

curl -X get https://api.nexiopaysandbox.com/user/v3/{id} \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /user/v3/{id}

Returns user information based on the provided ID.

Parameters

Name Type Description
id
Required
integer The user ID

Example responses

200 Response

{
  "cognitoSub": "g52679a2-tan5-4a56-b6gc-2592aedd373e",
  "firstName": "John",
  "lastName": "Doe",
  "userName": "jdoe@yourwebsite.com",
  "accessRights": {
    "merchantIds": {
      "100039": "A"
    },
    "role": "A"
  },
  "dateLastModified": "2019-03-08T00:58:27.893Z",
  "dateCreated": "2018-09-27T14:27:39.626Z",
  "enabled": true,
  "phone": "15555555555",
  "notifications": false
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized



Was this section helpful?

Create User

Example request

curl -X post https://api.nexiopaysandbox.com/user/v3/account \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "email": "newuser@nexiopay.com",
  "role": "A",
  "merchantIds": []
}'

POST /user/v3/account

Creates a new user.

Parameters

Name Type Description
role
Required
string The new user's role. Determines their level of access. Options are:
  • R: Read-Only, has the ability to view data.
  • W: Standard User, can perform actions on data such as void, refund process, etc.
  • A: Admin, has all the permissions of a standard user and can also create and edit other users.
merchantIds array The merchant IDs the new user will be able to access

Example responses

200 Response

{}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema




Was this section helpful?

Merchants

Example request

curl -X get https://api.nexiopaysandbox.com/user/v3/account/merchants \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /user/v3/account/merchants

Returns a list of merchants.

Example responses

200 Response

{}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema




Was this section helpful?

Login

Example request

curl -X post https://api.nexiopaysandbox.com/user/v3/account/login \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "username": "newuser@nexiopay.com",
  "password": "password123"
}'

POST /user/v3/account/login

Retrieves authentication credentials based on username and password.

Parameters

Name Type Description
username
Required
string Your username
password
Required
string Your password

Example responses

200 Response

{
  "idToken": "erpdjuwicndjCZVRUUDB3OW4zR0tUWDHDPeuifjorZHNXOGltT01lUzllT0x0Z1dNeWNjPSIsImFsZyI6SJpeuNDJ890.eyJzdWIiOiJjNTE2ODlhMi1jY2M1LTRhNDYtYjZmYy0yNTkyYWVkZDM3M2QiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiaXNzIjoiaHR0cHM6XC9cL2NvZ25pdG8taWRwLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tXC91cy1lYXN0LTFfODV3dzRpWFhSIiwiY3VzdG9tOmFjY291bnRJZCI6Ijc2ZmFjMWZlLTQ3N2EtNDE5NS1iNjgyLWI4NDU3NmQ0NmIwMSIsImNvZ25pdG86dXNlcm5hbWUiOiJscm9ibGVkb0BjbXNvbmxpbmUuY29tIiwiYXVkIjoiMmlzcW83MW5rMGp0dW1nbGoyc20xNzNtczMiLCJldmVudF9pZCI6ImQ3ZGQwODY1LTRjZDYtMTFlOS04ZjY5LTdj83jfkimNGUzMCIsInRva2VuX3VzZSI6ImlkIiwiYXV0aF90aW1lIjoxNTUzMjgyMTI0LCJleHAiOj29djf8RH5uMjQsImN1c3RvbTphY2Nlc3NSaWdodHMiOiJ7XCJtZXJjaGFudElkc1wiOntcIjEwMDAzOVwiOlwiQVwifSxcInJvbGVcIjpcIkFcIn0iLCJpYXQiOjE1NTMyODIxMjQsImVtYWlsIjoibHJvYmxlZG9AY21zb25saW5lLmNvbSJ9.mTDBJTsUySj3TRaIaSoAoYVdCKXRfP4bUOkBHD4TZEI7XUlTnkw5hQH2CMIBPokk9fPW3r6LBg8uKlh8O82-sKLSCVmu5q8Fk2xHq2M66ARO5sWdgtEU6z612UdBlkMaxHRgld-iJqZi4YNW2fjeudisjeusP8_Cea45ET82JVOE0JyE5C1_iJX9pYpYHuHonwkojGxYWDzXdi-aieub0Jx1G7UM3k_DPE78-jQ5h63rVwSasdflkje93fj8347fn-j7DHeu7GOtNSX58GwIBUfgRfIVs8fs722KxSt0mGuCF_EpM--1Z31sUY4l2NLoNZ9_PcZicn5fQ",
  "accessToken": "209FJnubdIOiJKV1Qi120fjeuFBnNMPjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.c4z5ndXlUX9_ppRPqsADGJc0MUYIiQeap9eAdsmsUB06zw-4h9FfCQ3V3zKm5R6_itkm4eOp9B39GH-mEqtLDnMgT8ahBzYOrqZVkaKT27uv_daWdHOx_5edfFSMlW0ZKkCA-ushxGJ3IkUkDjNs7NJoxet-PZTCj_dAPksLLpF0NS49CsiMTdcKq5lV8KcmiYndIjD53326CuRYSjY6T8BcotvTQeFnIatga9xmnjnycJ-5agSy644md0LDazYuzSNWc-XFe8H2h0rteB88PALSoAkbUcLt0Zha99lzvM8Lt_gEVpC63-d4E57wNzGsfKkHgXPxJMOXC7G0-uUOig.91rZTJodVCsbYQSD.VR48mAibpb5zpeYWCsQzA0atP9Bg-pux6qSG8_U0tMOb6McUPyFW-jaRE7GqWlfrd2dSf32E2cigXB4wxQ3wXsT_CXwEj3ZwnvGlRCb6zN_CGKngMqzQKhK2TqBWQmAB_UJfVLIzRtkGM4cQJ81qE3RadfbPNtakyEizjvUyGfZofH5qrhZnFKZN0-bBKxGDj-0qcBHLNx3zx3BiH7xO97_LK5ILKj1uIyOmlaG4u8Wc3tNynBqunry07KzQ07XwCURnGU2ClFcgxQqi9-Mb0Rh97Bfh26-jD_YDCsxn7us-WK2OaYXzEp3-nwDGzQgeYJjZKq1mt9gbutnrcql3HsJ6PqbmAxSgkVkcYMGSx1IwVZWEE3mS-uQ_YkVxGiNNdGCrQgGu8ZFnhzeqAoZUOQYva1j6SsluRLJ_mfXngSJrAFc2vx1YWuHskbe4UCAjxP9BInqSe4Z0pOI4rxlMxHowop9HeINK1RDxjXWDVZK9zB7T6wBoKguuPTyVbV4yvTeJL6ReZ788SpctR9zJVhZ-TyMOIdxMQPRklEn9bKBJOtDJiKpPjykOOTnvNE70A38kzRnZUtRNLQ2s9BxecNfetGt_b59Lr3DtyJHFzr_BCY6Xo14t-S3IoPAoO3ult9xZ71E7kNvof0nMBXaLlJYdVVlRU3lnNy0Kx3_4DioxhM7KffHyXATH54hcVcpD2mf37484fhdjeifkVBNGH3TnJs3Z2sAggwgL2eM8gJUO-qatJjOQMORFjMgx-Dm4tFCJoNV3sUKF7y9nl_5a2GbhlyL-Uhr9Cr_OgltywbxAAtHoytvpt_absPIFdMwmDf0yDgy2RnktgPw8Um3o8pl-tmIEdqObjXNnchyNCaWffN95AeSRp7r1oS3y876y9Q_0XZPgu3bs1datZWKdAfjGgK_b1FR8MIlEuOb-eWQFYb76wdSVhdGuxWZ9WUMYS5fBGYipmaZqV-4o6e1j5h7s37HzUqd3E7pBMBp3fX0ISeh3uyazuiC_lTIamk7C4XwjwLaaQX1XpwF9vzkQe8fbfWTIeaJD8-bt2v3gEZDXaThi3IYoORwOF__rpmxnZXRkvD6l6L_I1iU8yGp1jyMS78OfclZYfLxMBHODYxEM2M6BiKeLW0a44jSeFVvO1qXoeVEGBgJ3dYcUi1UTkPVHWhFw_DPmHlywoev9muYXdiJgdqU1n24412345ty890qpert23iopaERfg6jklz-asBKtqzmSYkKXLNmn9dQfkPtBXP8mI0iawLemqePF68mFt6d8WTr0rrwzWs-IAQbUHEvkrRjJmQD0gnLVivBzSQg.dVaScnGeg9S2Y9x9-ru456",
  "refreshToken": "20fjaWQiOiJSJDOEIG10ZkZtN0Q5NkJ5fhue45dHYlFzNVk3OGRLYzkzcmFGMFJNeXRFPSIsImFsZySDFlJTMjU2In0.eyJzdWIiOiJjNTE2ODlhMi1jY2M1LTRhNDYtYjZmYy0yNTkyYWVkZDM3M2QiLCJldmVudF9pZCI6ImQ3ZGQwODY1LTRjZDYtMTFlOS04ZjY5LTNmYjhhNmNmNGUzMCIsInRva2VuX3VzZSI6ImFjY2VzcyIsInNjb3BlIjoiYXdzLmNvZ25pdG8uc2lnbmluLnVzZXIuYWRtaW4iLCJhdXRoX3RpbWUiOjE1NTMyODIxMjQsImlzcyI6Imh0dHBzOlwvXC9jb2duaXRvLWlkcC51cy1lYXN0LTEuYW1hem9uYXdzLmNvbVwvdXMtZWFzdC0xXzg1d3c0aVhYUiIsImV4cCI6MTU1MzI4NTcyNCwiaWF0IjoxNTUzMjgyMTI0LCJqdGkiOiJjZDJeplf2Ni0wM2RmLTQyNWQtOTEwMy03OGI2NWIzOTdmMDQiLCJjbGllbnRfaWQiOiIyaXNxbzcxbmswanR1bWdsajJzbTE3M21zMyIsInsjdiEElp%lIjoibHJvYmxlZG9AY21zb25saW5lLmNvbSJ9.S4tPwXF0lZjv1FmKvKPKhtex-9GDLN68cOkZYMJAq1nAnHytu3GZRdFJFJepti58SDR22NHoeNc4mDPI8Or27_u8HKZtQh8wPEGsxczTlVyY5-I6_xE-mzT9HaXRYwp5y--FNJyFJELP70ARA2TmzUEG10UB8zC_8gk6TI2zReiCkSwB7egS5uryfhdubuJ1pUmSOLx6q0DIUkviTB0febQ9kO9PnGJNTXjhdD5kn67I2OX0LBt4NM-GApDOPg0q2hgS2i5XH_dbaB12eOydiBvgLR38C-rk8dL-bqFsgrqQ-Aud-vX5NPlnXRXlax5ggAW5qQugSr3zdc5oNu--ag",
  "expiresIn": 3600
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized



Was this section helpful?

Refresh

Example request

curl -X post https://api.nexiopaysandbox.com/user/v3/account/refresh \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "refreshToken": "jdoe@yourwebsite.com"
}'

POST /user/v3/account/refresh

Refreshes your credentials.

Parameters

Name Type Description
refreshToken
Required
string Your refresh token from the Login endpoint

Example responses

200 Response

{
  "idToken": "erpdjuwicndjCZVRUUDB3OW4zR0tUWDHDPeuifjorZHNXOGltT01lUzllT0x0Z1dNeWNjPSIsImFsZyI6SJpeuNDJ890.eyJzdWIiOiJjNTE2ODlhMi1jY2M1LTRhNDYtYjZmYy0yNTkyYWVkZDM3M2QiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiaXNzIjoiaHR0cHM6XC9cL2NvZ25pdG8taWRwLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tXC91cy1lYXN0LTFfODV3dzRpWFhSIiwiY3VzdG9tOmFjY291bnRJZCI6Ijc2ZmFjMWZlLTQ3N2EtNDE5NS1iNjgyLWI4NDU3NmQ0NmIwMSIsImNvZ25pdG86dXNlcm5hbWUiOiJscm9ibGVkb0BjbXNvbmxpbmUuY29tIiwiYXVkIjoiMmlzcW83MW5rMGp0dW1nbGoyc20xNzNtczMiLCJldmVudF9pZCI6ImQ3ZGQwODY1LTRjZDYtMTFlOS04ZjY5LTdj83jfkimNGUzMCIsInRva2VuX3VzZSI6ImlkIiwiYXV0aF90aW1lIjoxNTUzMjgyMTI0LCJleHAiOj29djf8RH5uMjQsImN1c3RvbTphY2Nlc3NSaWdodHMiOiJ7XCJtZXJjaGFudElkc1wiOntcIjEwMDAzOVwiOlwiQVwifSxcInJvbGVcIjpcIkFcIn0iLCJpYXQiOjE1NTMyODIxMjQsImVtYWlsIjoibHJvYmxlZG9AY21zb25saW5lLmNvbSJ9.mTDBJTsUySj3TRaIaSoAoYVdCKXRfP4bUOkBHD4TZEI7XUlTnkw5hQH2CMIBPokk9fPW3r6LBg8uKlh8O82-sKLSCVmu5q8Fk2xHq2M66ARO5sWdgtEU6z612UdBlkMaxHRgld-iJqZi4YNW2fjeudisjeusP8_Cea45ET82JVOE0JyE5C1_iJX9pYpYHuHonwkojGxYWDzXdi-aieub0Jx1G7UM3k_DPE78-jQ5h63rVwSasdflkje93fj8347fn-j7DHeu7GOtNSX58GwIBUfgRfIVs8fs722KxSt0mGuCF_EpM--1Z31sUY4l2NLoNZ9_PcZicn5fQ",
  "accessToken": "209FJnubdIOiJKV1Qi120fjeuFBnNMPjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.c4z5ndXlUX9_ppRPqsADGJc0MUYIiQeap9eAdsmsUB06zw-4h9FfCQ3V3zKm5R6_itkm4eOp9B39GH-mEqtLDnMgT8ahBzYOrqZVkaKT27uv_daWdHOx_5edfFSMlW0ZKkCA-ushxGJ3IkUkDjNs7NJoxet-PZTCj_dAPksLLpF0NS49CsiMTdcKq5lV8KcmiYndIjD53326CuRYSjY6T8BcotvTQeFnIatga9xmnjnycJ-5agSy644md0LDazYuzSNWc-XFe8H2h0rteB88PALSoAkbUcLt0Zha99lzvM8Lt_gEVpC63-d4E57wNzGsfKkHgXPxJMOXC7G0-uUOig.91rZTJodVCsbYQSD.VR48mAibpb5zpeYWCsQzA0atP9Bg-pux6qSG8_U0tMOb6McUPyFW-jaRE7GqWlfrd2dSf32E2cigXB4wxQ3wXsT_CXwEj3ZwnvGlRCb6zN_CGKngMqzQKhK2TqBWQmAB_UJfVLIzRtkGM4cQJ81qE3RadfbPNtakyEizjvUyGfZofH5qrhZnFKZN0-bBKxGDj-0qcBHLNx3zx3BiH7xO97_LK5ILKj1uIyOmlaG4u8Wc3tNynBqunry07KzQ07XwCURnGU2ClFcgxQqi9-Mb0Rh97Bfh26-jD_YDCsxn7us-WK2OaYXzEp3-nwDGzQgeYJjZKq1mt9gbutnrcql3HsJ6PqbmAxSgkVkcYMGSx1IwVZWEE3mS-uQ_YkVxGiNNdGCrQgGu8ZFnhzeqAoZUOQYva1j6SsluRLJ_mfXngSJrAFc2vx1YWuHskbe4UCAjxP9BInqSe4Z0pOI4rxlMxHowop9HeINK1RDxjXWDVZK9zB7T6wBoKguuPTyVbV4yvTeJL6ReZ788SpctR9zJVhZ-TyMOIdxMQPRklEn9bKBJOtDJiKpPjykOOTnvNE70A38kzRnZUtRNLQ2s9BxecNfetGt_b59Lr3DtyJHFzr_BCY6Xo14t-S3IoPAoO3ult9xZ71E7kNvof0nMBXaLlJYdVVlRU3lnNy0Kx3_4DioxhM7KffHyXATH54hcVcpD2mf37484fhdjeifkVBNGH3TnJs3Z2sAggwgL2eM8gJUO-qatJjOQMORFjMgx-Dm4tFCJoNV3sUKF7y9nl_5a2GbhlyL-Uhr9Cr_OgltywbxAAtHoytvpt_absPIFdMwmDf0yDgy2RnktgPw8Um3o8pl-tmIEdqObjXNnchyNCaWffN95AeSRp7r1oS3y876y9Q_0XZPgu3bs1datZWKdAfjGgK_b1FR8MIlEuOb-eWQFYb76wdSVhdGuxWZ9WUMYS5fBGYipmaZqV-4o6e1j5h7s37HzUqd3E7pBMBp3fX0ISeh3uyazuiC_lTIamk7C4XwjwLaaQX1XpwF9vzkQe8fbfWTIeaJD8-bt2v3gEZDXaThi3IYoORwOF__rpmxnZXRkvD6l6L_I1iU8yGp1jyMS78OfclZYfLxMBHODYxEM2M6BiKeLW0a44jSeFVvO1qXoeVEGBgJ3dYcUi1UTkPVHWhFw_DPmHlywoev9muYXdiJgdqU1n24412345ty890qpert23iopaERfg6jklz-asBKtqzmSYkKXLNmn9dQfkPtBXP8mI0iawLemqePF68mFt6d8WTr0rrwzWs-IAQbUHEvkrRjJmQD0gnLVivBzSQg.dVaScnGeg9S2Y9x9-ru456",
  "refreshToken": "20fjaWQiOiJSJDOEIG10ZkZtN0Q5NkJ5fhue45dHYlFzNVk3OGRLYzkzcmFGMFJNeXRFPSIsImFsZySDFlJTMjU2In0.eyJzdWIiOiJjNTE2ODlhMi1jY2M1LTRhNDYtYjZmYy0yNTkyYWVkZDM3M2QiLCJldmVudF9pZCI6ImQ3ZGQwODY1LTRjZDYtMTFlOS04ZjY5LTNmYjhhNmNmNGUzMCIsInRva2VuX3VzZSI6ImFjY2VzcyIsInNjb3BlIjoiYXdzLmNvZ25pdG8uc2lnbmluLnVzZXIuYWRtaW4iLCJhdXRoX3RpbWUiOjE1NTMyODIxMjQsImlzcyI6Imh0dHBzOlwvXC9jb2duaXRvLWlkcC51cy1lYXN0LTEuYW1hem9uYXdzLmNvbVwvdXMtZWFzdC0xXzg1d3c0aVhYUiIsImV4cCI6MTU1MzI4NTcyNCwiaWF0IjoxNTUzMjgyMTI0LCJqdGkiOiJjZDJeplf2Ni0wM2RmLTQyNWQtOTEwMy03OGI2NWIzOTdmMDQiLCJjbGllbnRfaWQiOiIyaXNxbzcxbmswanR1bWdsajJzbTE3M21zMyIsInsjdiEElp%lIjoibHJvYmxlZG9AY21zb25saW5lLmNvbSJ9.S4tPwXF0lZjv1FmKvKPKhtex-9GDLN68cOkZYMJAq1nAnHytu3GZRdFJFJepti58SDR22NHoeNc4mDPI8Or27_u8HKZtQh8wPEGsxczTlVyY5-I6_xE-mzT9HaXRYwp5y--FNJyFJELP70ARA2TmzUEG10UB8zC_8gk6TI2zReiCkSwB7egS5uryfhdubuJ1pUmSOLx6q0DIUkviTB0febQ9kO9PnGJNTXjhdD5kn67I2OX0LBt4NM-GApDOPg0q2hgS2i5XH_dbaB12eOydiBvgLR38C-rk8dL-bqFsgrqQ-Aud-vX5NPlnXRXlax5ggAW5qQugSr3zdc5oNu--ag",
  "expiresIn": 3600
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized



Was this section helpful?

Merchant Service

Merchants By ID

Example request

curl -X get https://api.nexiopaysandbox.com/merchant/v3 \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /merchant/v3

Returns an array of merchants and their details. If no merchant IDs are provided a full merchant list will be returned.

Parameters

Name Type Description
merchantIds string The merchant IDs

Example responses

200 Response

{
  "merchantId": "100039",
  "name": "John Doe LLC",
  "currencyId": "840",
  "kountMerc": "717000",
  "isPaymentConfigured": true,
  "createdAt": "2018-05-16T16:33:22.000Z",
  "updatedAt": "2019-03-06T15:18:21.000Z",
  "processor": {}
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized



Was this section helpful?

Dev Tools API Reference

Webhook Service

Merchant Configuration

Example request

curl -X get https://api.nexiopaysandbox.com/webhook/v3/config/{id} \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /webhook/v3/config/{id}

Returns a merchant's webhook configuration.

Parameters

Name Type Description
id
Required
string The merchant ID

Example responses

200 Response

{
  "dateCreated": "2019-03-22T16:58:51.957Z",
  "webhooks": {
    "TRANSACTION_AUTHORIZED": {
      "url": "https://your-company-webhook-url-here.com"
    },
    "TRANSACTION_CAPTURED": {
      "url": "https://your-company-webhook-url-here.com"
    }
  },
  "merchantName": "My Company",
  "dateLastModified": "2019-04-04T18:54:58.011Z",
  "merchantId": "100039"
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema

Status Code 200

Name Type Description
dateCreated string The date and time the configuration was created
webhooks object none
merchantName string The merchant's name
dateLastModified string The date and time the configuration was last modified
merchantId string The merchant ID



Was this section helpful?

Configure Merchant

Example request

curl -X post https://api.nexiopaysandbox.com/webhook/v3/config \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "merchantId": "100039",
  "webhooks": {
    "TRANSACTION_AUTHORIZED": {
      "url": "https://your-company-webhook-url-here.com"
    }
  }
}'

POST /webhook/v3/config

Configures URLs for a merchant's webhooks to be sent.

Parameters

Name Type Description
merchantId
Required
string The merchant ID to configure the webhook service
webhooks
Required
object none

Example responses

200 Response

{
  "merchantId": "100039",
  "webhooks": {
    "TRANSACTION_AUTHORIZED": {
      "url": "https://your-company-webhook-url-here.com"
    },
    "TRANSACTION_CAPTURED": {
      "url": "https://your-company-webhook-url-here.com"
    }
  },
  "dateLastModified": "2019-04-04T18:54:58.011Z",
  "dateCreated": "2019-03-22T16:58:51.957Z"
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema

Status Code 200

Name Type Description
merchantId string The merchant ID
webhooks object none
dateLastModified string The date and time the configuration was last modified
dateCreated string The date and time the configuration was created



Was this section helpful?

Merchant Secret

Example request

curl -X get https://api.nexiopaysandbox.com/webhook/v3/secret/{id} \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'

GET /webhook/v3/secret/{id}

Returns the merchant secret to be used in webhooks.

Parameters

Name Type Description
id
Required
string The merchant ID

Example responses

200 Response

{
  "secret": "446946d5-bdd9-48c7-9504-0459d19c08e5"
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema

Status Code 200

Name Type Description
secret string The merchant secret to be used in verifying the webhook's signature



Was this section helpful?

Create Merchant Secret

Example request

curl -X post https://api.nexiopaysandbox.com/webhook/v3/secret \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Basic <Your Basic Auth>'
  -d '{
  "merchantId": "100039"
}'

POST /webhook/v3/secret

Creates a merchant secret to be used in webhooks.

Parameters

Name Type Description
merchantId
Required
string The merchant ID to configure the webhook service

Example responses

200 Response

{
  "secret": "446946d5-bdd9-48c7-9504-0459d19c08e5"
}

Responses

Status Meaning Description
200 OK Success
401 Unauthorized Unauthorized

Response Schema

Status Code 200

Name Type Description
secret string The merchant secret to be used in verifying the webhook's signature



Was this section helpful?