Note: REST API /v1 implementation. The implementation is supported for existing merchants only.

Please integrate REST API /v2

Paygate REST API enables you to process and manage payments using a variety of payment methods. The API accepts and returns JSON in the HTTP body and returns standard HTTP response codes. The API is built based on REST principles, ensuring that it is a well defined, easy to understand and predictable API.

Introduction

Depending on the platform on which your Computop MerchantID is located and configured, it is possible to process payments via our productive Computop Paygate using URL https://www.computop-paygate.com/ or to use our dedicated test system. Computop Sales will be happy to enable these functions for you when necessary.

In contrast to the productive environment, the Computop Paygate test system can be accessed via its own test URL https://test.computop-paygate.com/.

The Computop Paygate test system is a dedicated environment with its own server infrastructure. This means that payments are processed outside the productive Computop environment on a separate platform.
Merchants can thus ensure that payments are processed on a dedicated IT instance for testing purposes.

Security

Paygate REST API is maximally secure while being easy to implement. API is not duplicating equivalent safety measures and not sending sensitive information when it’s not required. End-to-end safety on the transport level is guaranteed by the HTTPS-requirement, so there is no need to encrypt the data itself again.

Paygate REST API only supports TLS 1.2 (or higher). Connection is not possible when using a lower version. HTTPS mitigates packet sniffing and timing & replay attacks. Thanks to HTTPS, data exchanged is protected and guaranteed to be authentic. HTTPS implements hashed signatures, nonces and other tried and tested cryptographic safeties.

When using Paygate payment forms, all sensitive payment information is entered into our PCI DSS certified platform.

Authentication

Paygate REST API offers two ways of Authentication.

HTTP Basic Authentication

Paygate REST API uses HTTP Basic Authentication as authentication method. Your merchantId serves as "username" and your API key as "password".

Both values will be shared with you during your merchant account creation. Your system sends HTTP requests with the authorization header that contains the word Basic followed by a space and a base64-encoded string username:password.

Request

curl --request POST \
  --url https://test.computop-paygate.com/api/v1/payments \
  --header 'authorization: Basic base64-encoded string username:password' \
  --header 'content-type: application/json'

Parameters

OAuth 2

Paygate REST API supports the Client Credentials Flow, which involves an application exchanging its application credentials, such as client ID (your merchantId) and client secret (your API key), for an access token.

Tokens are requested towards Token URL: https://www.computop-paygate.com/authorization/oauth/token using standardized framework: https://auth0.com/docs/get-started/authentication-and-authorization-flow/call-your-api-using-the-client-credentials-flow

Sequence Diagram

Request

curl --request POST \
  --url 'https://www.computop-paygate.com/authorization/oauth/token' \
  --header 'content-type: application/x-www-form-urlencoded' \
  --data grant_type=client_credentials \
  --data client_id=YOUR_merchantId \
  --data client_secret=YOUR_API_key

Parameters

Response

{
  "access_token":"eyJz93a...k4laUWw",
  "token_type":"Bearer",
  "expires_in":3599
}

Calling REST API

To call Paygate REST API, your application must pass the retrieved access token as a Bearer token in the Authorization header of your HTTP request.

curl --request POST \
  --url https://test.computop-paygate.com/api/v1/payments \
  --header 'authorization: Bearer ACCESS_TOKEN' \
  --header 'content-type: application/json'

Open API specification

You can find our Open API specification here: https://app.swaggerhub.com/apis-docs/Computop/Paygate_REST_API