Skip to content
Guides
API Only (Server to Server)

API Only (Server to Server)

With API Only, platforms/merchants can access the Unipaas Pay-in functionalities to enable single payments, create tokens, create 3DS payments, recurring payments, and more. All these calls require the caller to have a secret key (Private_Key).

You can find instructions on how to get the private key here.

Use this API to build your own payment form and have complete control over your checkout page’s look and feel.

To create a simple payment you need the card and the shopper’s information (email and country). After the shopper submits their payment details on your checkout page, you need to make a payment request to Unipaas.

From your server make an POST /pay-ins request specifying:

Parameter name

Required

Description

Type

amount

Yes

The value of the payment

Number

currency

Yes

The currency of the payment

String

orderId

Yes

Your unique reference for this payment

String

paymentOption

Yes

Buyer’s payment option details (Object)

Object

consumer.email

Yes

Buyer’s email address

String

consumer.country

Yes

Buyer’s country code, ISO 2 letters

String

transactionType

No

Values: Auth or Sale. The default is Sale. Use Auth in cases where you want to separate between the Authorization step and capture (read more here)

String

curl --location --request POST 'https://sandbox.unipaas.com/platform/pay-ins' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer --YOUR_PRIVATE_KEY--' \
--data-raw '{
"amount": 50,
"currency": "EUR",
"platformOrderId": "13323",
"paymentOption": {
"paymentOptionType": "Card",
"cardAccount": {
"nameOnCard": "test shopper",
"expYear": "23",
"expMonth": "10",
"number": "4000023104662535",
"securityCode": "132",
"externalMpi": {
"eci": "2",
"cavv": "ejJRWG9SWWRpU2I1M21DelozSXU="
}
}
},
"consumer": {
"email": "david@unipaas.com",
"country": "GB"
},
"metadata": {
"CustomerID": "457349"
}
}'

The following example shows the POST /pay-ins response:

{
"status": "Approved",
"authorizationId": "608682347e445aaa7ccd7a61",
"authorizationStatus": "Captured",
"transactionId": "608682347e445aaa7ccd7a64",
"paymentOption": {
"paymentOptionId": "608682367e445aaa7ccd7a65",
"bin": "400002",
"brand": "VISA",
"last4digits": "2535",
"cardType": "Credit",
"expMonth": "10",
"expYear": "23"
},
"sellerIdentity": "6076ebff0f11f7d98514c4da",
"currency": "EUR",
"transactionAmount": 50,
"declineCode": "0",
"threeD": {
"result": "",
"challengePreferenceReason": "12",
"whiteListStatus": "",
"threeDreasonId": "",
"eci": "2",
"xid": ""
},
"processor": {
"processorAuthCode": "111216",
"processorTransactionId": "1110000000013512555",
"processorErrorCode": 0
},
"items": [],
"orderId": "13323",
"metadata": {
"CustomerID": "457349"
}
}

Parameter name

Description

authorizationStatus

The status of the Authorization.
Learn more about Authorization Object

authorizationId

The Authorization ID

transactionId

The Transaction ID

paymentOption

Payment option Object (which contain mask card data)

sellerIdentity

The Vendor ID

orderId

Your Reference ID

amount

The amount of the payment

currency

The currency of the payment

processor

The processor Object. This Object contains the information from the acquirer for the specific payment

You can use this functionality when you want to store the shopper’s card details for future use or as part of a Recurring Payment flow.

Card schemes often insist on sending a zero-authorization transaction (amount=0) before allowing card credentials to be stored for future use.

In Europe the card schemes require the completion of Strong Authentication Validation (3D SECURE 2) for each zero-authorization request. As 3D secure flow implementation involves both client, and server side, we thoroughly recommend you to use our Web SDK Store Card flow Store Card instead of implementing it on your own.

If you still want to use the API Only flow, you should follow the 3D Secure guide with the following changes in the request:

Field

Value

Type

amount

0

Number

currency

EUR

String

transactionType

Auth

String

The response includes the PaymentOptionId field - this is the token of the card and you should keep it for future use.

As described in the previous section, the paymentOptionId is the token of the card. You should send it instead of the paymentOption object.

Parameter name

Required

Description

Type

amount

Yes

The value of the payment

Number

currency

Yes

The currency of the payment

String

orderId

Yes

Your unique reference for this payment

String

paymentOptionId

Yes

The token of the card

String

consumer.email

Yes

The shopper email address

String

consumer.country

Yes

The shopper’s country code. ISO 2 letters

String

transactionType

No

Values: Auth or Sale. The default is Sale. Use Auth in cases where you want to separate between the Authorization step and capture (read more here)

String

To take in-person, card-present payments through a Unipaas POS terminal, see Terminal Payments.