REST API enables you to process and manage payments using a variety of payment methods. The API accepts and returns JSON in the HTTP body and returns standard HTTP response codes. The API is built based on REST principles, ensuring that it is a well defined, easy to understand and predictable API. Multiexcerpt include SpaceWithExcerpt EN MultiExcerptName Platform-Kurz PageWithExcerpt Wording
Security
REST API is maximally secure while being easy to implement. API is not duplicating equivalent safety measures and not sending sensitive information when it’s not required. End-to-end safety on the transport level is guaranteed by the HTTPS-requirement, so there is no need to encrypt the data itself again. Multiexcerpt include SpaceWithExcerpt EN MultiExcerptName Platform-Kurz PageWithExcerpt Wording
REST API only supports TLS 1.2 (or higher). Connection is not possible when using a lower version. HTTPS mitigates packet sniffing and timing & replay attacks. Thanks to HTTPS, data exchanged is protected and guaranteed to be authentic. HTTPS implements hashed signatures, nonces and other tried and tested cryptographic safeties. Multiexcerpt include SpaceWithExcerpt EN MultiExcerptName Platform-Kurz PageWithExcerpt Wording
When using
payment forms, all sensitive payment information is entered into our PCI DSS certified platform. Multiexcerpt include SpaceWithExcerpt EN MultiExcerptName Platform-Kurz PageWithExcerpt Wording
Authentication
REST API offers two ways of Authentication Multiexcerpt include SpaceWithExcerpt EN MultiExcerptName Platform-Kurz PageWithExcerpt Wording
HTTP Basic Authentication
REST API uses HTTP Basic Authentication as authentication method. Your merchantId serves as "username" and your API key as "password". Multiexcerpt include SpaceWithExcerpt EN MultiExcerptName Platform-Kurz PageWithExcerpt Wording
Both values will be shared with you during your merchant account creation. Your system sends HTTP requests with the authorization header that contains the word Basic followed by a space and a base64-encoded string username:password.
Request
Code Block |
---|
curl --request POST \ --url https://test.computop-paygate.com/gateway/v1/payments \ --header 'authorization: Basic base64-encoded string username:password' \ --header 'content-type: application/json' |
Parameters
Parameter Name | Description | ||||||||
---|---|---|---|---|---|---|---|---|---|
username | Your | ||||||||
password | Your |
OAuth2
REST API supports the Client Credentials Flow, which involves an application exchanging its application credentials, such as client ID (your merchantId) and client secret (your API key), for an access token. Multiexcerpt include SpaceWithExcerpt EN MultiExcerptName Platform-Kurz PageWithExcerpt Wording
Tokens are requested towards Token URL: https://test.computop-paygate.com/auth/oauth/token using standardized framework: https://auth0.com/docs/get-started/authentication-and-authorization-flow/call-your-api-using-the-client-credentials-flow
Sequence Diagram
Multiexcerpt | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||
|
Request
Code Block | ||
---|---|---|
| ||
curl --request POST \ --url 'https://test.computop-paygate.com/auth/oauth/token' \ --header 'content-type: application/x-www-form-urlencoded' \ --data grant_type=client_credentials \ --data client_id=YOUR_merchantId \ --data client_secret=YOUR_API_key |
Parameters
Parameter Name | Description | ||||||||
---|---|---|---|---|---|---|---|---|---|
grant_type | Set this to "client_credentials". | ||||||||
client_id | Your | ||||||||
client_secret | Your |
Response
Code Block | ||
---|---|---|
| ||
{ "access_token":"eyJz93a...k4laUWw", "token_type":"Bearer", "expires_in":3599 } |
Calling REST API
To call
REST API, your application must pass the retrieved access token as a Bearer token in the Authorization header of your HTTP request. Multiexcerpt include SpaceWithExcerpt EN MultiExcerptName Platform-Kurz PageWithExcerpt Wording
Code Block |
---|
curl --request POST \ --url https://test.computop-paygate.com/gateway/v1/payments \ --header 'authorization: Bearer ACCESS_TOKEN' \ --header 'content-type: application/json' |
Swagger
You can find our Open API specification here: https://app.swaggerhub.com/apis-docs/Computop/Paygate_REST_API/0.3#