This document provides technical specifications for processing financial transactions through Paysafe PaymentXP gateway. We have written this specifically for web designers and professionals who design, implement and support the intended systems. We use HTTPS POST to transmit and receive data.
Please explore our payment gateway through our demonstration account with given test credentials.
To verify your transactions processed successfully, log on to the Payment XP gateway at www.paymentxp.com. The credentials are below.
Disclaimer: If you process live activity with the gateway mode to ‘test’, everything will appear as normal however, none of the activity will be sent to the processor. Please be sure mode is updated to ‘LIVE’ when ready.
Notes: Activity will NOT reach the processor(s) in test mode or pre-production environments. Some functionality may be limited such as, but not limited to, credit transactions, real-time processor responses, etc.
Test values can be used with the pre-production demo account OR the merchant’s account in test mode.
Test transactions can be submitted with the following information:
A sale can be created in many ways: either by charging a credit card, or debiting from an account using the ACH System.
This operation will charge the credit card. This method performs both authorization and capture into one operation.
Credit Card Charge Example: (C#)
File: Default.aspx
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head runat="server"> <title>Untitled Page</title> </head> <body> <form id="form1" runat="server"> <div> <P> This sample code is designed to generate a post using PaymentXP's Web Host Interface. Response will be displayed on the screen after post method. </P> <br /> <h3>Response:</h3> <asp:Label ID="lblResponse" runat="server" Text=""></asp:Label> </div> </form> </body> </html>
File: Default.aspx.cs
using System; using System.Data; using System.Configuration; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; using System.Collections; using System.Net; using System.IO; public partial class _Default : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { string url = "https://webservice.paymentxp.com/wh/webhost.aspx"; //Sample credit card charge Hashtable prms = new Hashtable(); prms.Add("TransactionType","CreditCardCharge"); prms.Add("MerchantID","10012"); prms.Add("MerchantKey","69711A34-5B4C-49E3-816D-F3840004F0D7"); prms.Add("CardNumber","4111111111111111"); prms.Add("ExpirationDateMMYY","0115"); prms.Add("TransactionAmount", "19.99"); prms.Add("BillingNameFirst", "John"); prms.Add("BillingNameLast","Doe"); prms.Add("BillingFullName","John Doe"); prms.Add("BillingAddress","455 Abc Street"); prms.Add("BillingZipCode","92708"); prms.Add("BillingCity","Santa Ana"); prms.Add("BillingState","CA"); String postdata = string.Empty; foreach (DictionaryEntry prm in prms) { postdata += prm.Key + "=" + prm.Value + "&"; } postdata = postdata.TrimEnd('&'); //Create Request Object HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url); request.Method = "POST"; request.ContentLength = postdata.Length; request.ContentType = "application/x-www-form-urlencoded"; //Post Data StreamWriter sw = null; sw = new StreamWriter(request.GetRequestStream()); sw.Write(postdata); sw.Close(); //Get response String post_response; HttpWebResponse objResponse = (HttpWebResponse)request.GetResponse(); using (StreamReader responseStream = new StreamReader(objResponse.GetResponseStream())) { post_response = responseStream.ReadToEnd(); responseStream.Close(); } lblResponse.Text = post_response; } }
Credit Card Charge Example: (Python)
import httplib import urllib import urlparse # establish connection conn = httplib.HTTPSConnection('webservice.paymentxp.com', 443) # set parameters params = urllib.urlencode({ "CardNumber":'4111111111111111', "ExpirationDateMMYY":'0615', "MerchantID":'10012', "MerchantKey":'69711A34-5B4C-49E3-816D-F3840004F0D7', "TransactionAmount":'2.34', "TransactionType":'CreditCardCharge', "BillingFirstName":"john", #optional "BillingLastName":"smith", #optional "BillingFullName":"john smith", #optional "BillingZipCode":"90210", #optional }) # set headers headers = {"Content-type": "application/x-www-form-urlencoded", "Accept": "text/plain", "Content-Length": "%d"%(len(params))} # post request conn.request("POST", '/wh/webhost.aspx', params, headers) # retrieve response resp = conn.getresponse() if resp.status == 200 and resp.reason == "OK": # parse return value into dictionary resp_dict = urlparse.parse_qs(resp.read(), True) if str(resp_dict["StatusID"]) == "['0']": print "good" # transaction good! else: print "bad" # invalid transaction, handle accordingly conn.close() else: # could not connect print "could not connect"
Credit Card Charge Example: (PHP)
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML lang='en'> <HEAD> <TITLE> Web Host Sample </TITLE> </HEAD> <BODY> <P> This sample code is designed to connect to PaymentXP using the Web Host Interface. Response will be displayed on the screen after post method. </P> <HR /> <?PHP // Post URL $postURL = "https://webservice.paymentxp.com/wh/webhost.aspx"; //Set Post Array $postArray = array ( //Post Parameters "TransactionType" => "CreditCardCharge", "MerchantID" => "10012", "MerchantKey" => "69711A34-5B4C-49E3-816D-F3840004F0D7", "CardNumber" => "4111111111111111", "ExpirationDateMMYY" => "0115", "TransactionAmount" => "19.99", "BillingNameFirst" => "John", "BillingNameLast" => "Doe", "BillingFullName" => "John Doe", "BillingAddress" => "455 Abc Street", "BillingZipCode" => "92708", "BillingCity" => "Santa Ana", "BillingState" => "CA", ); //Generate post String $postString = ""; foreach( $postArray as $key => $value ) { $postString .= "$key=" . urlencode( $value ) . "&"; } $postString = rtrim( $postString, "& " ); // This sample code uses the CURL library for php to establish an HTTP POST // To find out if Curl is enabled. Include code below on your page. Then searh for the word Curl. // <?php phpinfo(); ?> $request = curl_init($postURL); // Initiate curl_setopt($request, CURLOPT_HEADER, 0); curl_setopt($request, CURLOPT_RETURNTRANSFER, 1); curl_setopt($request, CURLOPT_POSTFIELDS, $postString); //HTTP POST curl_setopt($request, CURLOPT_SSL_VERIFYPEER, FALSE); $post_response = curl_exec($request); // Execute curl_close ($request); // Close //Write reponse echo $post_response ?> </BODY> </HTML>
Related Functions:
ACH Debit Example: (C#)
using System; using System.Data; using System.Configuration; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; using System.Collections; using System.Net; using System.IO; public partial class _Default : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { string url = "https://webservice.paymentxp.com/wh/webhost.aspx"; //Sample credit card charge Hashtable prms = new Hashtable(); prms.Add("TransactionType","ACHDebit"); prms.Add("MerchantID","10012"); prms.Add("MerchantKey","69711A34-5B4C-49E3-816D-F3840004F0D7"); prms.Add("RoutingNumber","123456780"); prms.Add("Amount", "19.99"); prms.Add("ProcessDate", "12152015"); prms.Add("Description", "Test Trans"); prms.Add("BankAccountType", "1"); prms.Add("ACHCheckType", "1"); prms.Add("AccountNumber", "123456"); prms.Add("AccountName", "John Smith"); String postdata = string.Empty; foreach (DictionaryEntry prm in prms) { postdata += prm.Key + "=" + prm.Value + "&"; } postdata = postdata.TrimEnd('&'); //Create Request Object HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url); request.Method = "POST"; request.ContentLength = postdata.Length; request.ContentType = "application/x-www-form-urlencoded"; //Post Data StreamWriter sw = null; sw = new StreamWriter(request.GetRequestStream()); sw.Write(postdata); sw.Close(); //Get response String post_response; HttpWebResponse objResponse = (HttpWebResponse)request.GetResponse(); using (StreamReader responseStream = new StreamReader(objResponse.GetResponseStream())) { post_response = responseStream.ReadToEnd(); responseStream.Close(); } lblResponse.Text = post_response; } }
Ach Debit Example: (Python)
import httplib import urllib import urlparse # establish connection conn = httplib.HTTPSConnection('webservice.paymentxp.com', 443) # set parameters params = urllib.urlencode({ "TransactionType":"ACHDebit", "MerchantID":"10012", "MerchantKey":"69711A34-5B4C-49E3-816D-F3840004F0D7", "RoutingNumber":"123456780", "Amount":"19.99", "ProcessDate":"12152015", "Description":"Test Trans", "BankAccountType":"1", "ACHCheckType":"1", "AccountNumber":"123456", "AccountName":"John Smith", }) # set headers headers = {"Content-type": "application/x-www-form-urlencoded", "Accept": "text/plain", "Content-Length": "%d"%(len(params))} # post request conn.request("POST", '/wh/webhost.aspx', params, headers) # retrieve response resp = conn.getresponse() if resp.status == 200 and resp.reason == "OK": # parse return value into dictionary resp_dict = urlparse.parse_qs(resp.read(), True) if str(resp_dict["StatusID"]) == "['1']": print "good" # transaction good! else: print "bad" # invalid transaction, handle accordingly conn.close() else: # could not connect print "could not connect"
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML lang='en'> <HEAD> <TITLE> Web Host Sample </TITLE> </HEAD> <BODY> <P> This sample code is designed to connect to PaymentXP using the Web Host Interface. Response will be displayed on the screen after post method. </P> <HR /> <?PHP // Post URL $postURL = "https://webservice.paymentxp.com/wh/webhost.aspx"; //Set Post Array $postArray = array ( //Post Parameters "TransactionType" => "ACHDebit", "MerchantID" => "10012", "MerchantKey" => "69711A34-5B4C-49E3-816D-F3840004F0D7", "RoutingNumber" => "123456780", "Amount" => "19.99", "ProcessDate" => "12152015", "Description" => "Test Trans", "BankAccountType" => "1", "ACHCheckType" => "1", "AccountNumber" => "123456", "AccountName" => "John Smith" ); //Generate post String $postString = ""; foreach( $postArray as $key => $value ) { $postString .= "$key=" . urlencode( $value ) . "&"; } $postString = rtrim( $postString, "& " ); // This sample code uses the CURL library for php to establish an HTTP POST // To find out if Curl is enabled. Include code below on your page. Then searh for the word Curl. // <?php phpinfo(); ?> $request = curl_init($postURL); // Initiate curl_setopt($request, CURLOPT_HEADER, 0); curl_setopt($request, CURLOPT_RETURNTRANSFER, 1); curl_setopt($request, CURLOPT_POSTFIELDS, $postString); //HTTP POST curl_setopt($request, CURLOPT_SSL_VERIFYPEER, FALSE); $post_response = curl_exec($request); // Execute curl_close ($request); // Close //Write reponse echo $post_response ?> </BODY> </HTML>
You can refund the entire amount of the original transaction, or a partial amount.
Credit Card Refund Example: (C#)
using System; using System.Data; using System.Configuration; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; using System.Collections; using System.Net; using System.IO; public partial class _Default : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { string url = "https://webservice.paymentxp.com/wh/webhost.aspx"; //Sample credit card refund Hashtable prms = new Hashtable(); prms.Add("TransactionType","CreditCardCredit"); prms.Add("MerchantID","10012"); prms.Add("MerchantKey","69711A34-5B4C-49E3-816D-F3840004F0D7"); prms.Add("ReferenceNumber","testref"); prms.Add("TransactionAmount", "19.99"); prms.Add("TransactionID","1000000"); String postdata = string.Empty; foreach (DictionaryEntry prm in prms) { postdata += prm.Key + "=" + prm.Value + "&"; } postdata = postdata.TrimEnd('&'); //Create Request Object HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url); request.Method = "POST"; request.ContentLength = postdata.Length; request.ContentType = "application/x-www-form-urlencoded"; //Post Data StreamWriter sw = null; sw = new StreamWriter(request.GetRequestStream()); sw.Write(postdata); sw.Close(); //Get response String post_response; HttpWebResponse objResponse = (HttpWebResponse)request.GetResponse(); using (StreamReader responseStream = new StreamReader(objResponse.GetResponseStream())) { post_response = responseStream.ReadToEnd(); responseStream.Close(); } lblResponse.Text = post_response; } }
Credit Card Capture Example: (Python)
import httplib import urllib import urlparse # establish connection conn = httplib.HTTPSConnection('webservice.paymentxp.com', 443) # set parameters params = urllib.urlencode({ "ReferenceNumber":'testref', "MerchantID":'10012', "MerchantKey":'69711A34-5B4C-49E3-816D-F3840004F0D7', "TransactionAmount":'19.99', "TransactionType":'CreditCardCredit', "TransactionID":"1000000", }) # set headers headers = {"Content-type": "application/x-www-form-urlencoded", "Accept": "text/plain", "Content-Length": "%d"%(len(params))} # post request conn.request("POST", '/wh/webhost.aspx', params, headers) # retrieve response resp = conn.getresponse() if resp.status == 200 and resp.reason == "OK": # parse return value into dictionary resp_dict = urlparse.parse_qs(resp.read(), True) if str(resp_dict["StatusID"]) == "['0']": print "good" # transaction good! else: print "bad" # invalid transaction, handle accordingly conn.close() else: # could not connect print "could not connect"
Credit Card Capture Example: (PHP)
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML lang='en'> <HEAD> <TITLE> Web Host Sample </TITLE> </HEAD> <BODY> <HR /> <?PHP // Post URL $postURL = "https://webservice.paymentxp.com/wh/webhost.aspx"; //Set Post Array $postArray = array ( //Post Parameters "MerchantID" => "10012", "MerchantKey" => "69711A34-5B4C-49E3-816D-F3840004F0D7", "ReferenceNumber" => "testref", "TransactionAmount" => "19.99", "TransactionID" => "1000000", "TransactionType" => "CreditCardSettle" ); //Generate post String $postString = ""; foreach( $postArray as $key => $value ) { $postString .= "$key=" . urlencode( $value ) . "&"; } $postString = rtrim( $postString, "& " ); // This sample code uses the CURL library for php to establish an HTTP POST // To find out if Curl is enabled. Include code below on your page. Then searh for the word Curl. // <?php phpinfo(); ?> $request = curl_init($postURL); // Initiate curl_setopt($request, CURLOPT_HEADER, 0); curl_setopt($request, CURLOPT_RETURNTRANSFER, 1); curl_setopt($request, CURLOPT_POSTFIELDS, $postString); //HTTP POST curl_setopt($request, CURLOPT_SSL_VERIFYPEER, FALSE); $post_response = curl_exec($request); // Execute curl_close ($request); // Close //Write reponse echo $post_response ?> </BODY> </HTML>
Creates a new customer in the Customer Vault.
using System; using System.Data; using System.Configuration; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; using System.Collections; using System.Net; using System.IO; public partial class _Default : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { string url = "https://webservice.paymentxp.com/wh/webhost.aspx"; //Sample credit card charge Hashtable prms = new Hashtable(); prms.Add("TransactionType","AddCustomer"); prms.Add("MerchantID","10012"); prms.Add("MerchantKey","69711A34-5B4C-49E3-816D-F3840004F0D7"); prms.Add("CardNumber","4111111111111111"); prms.Add("CardExpirationDate","0115"); prms.Add("AccountNumber","123456789"); prms.Add("CustomerName","Test Name"); prms.Add("RoutingNumber","123465780"); prms.Add("CustomerID","JaneSmith123"); String postdata = string.Empty; foreach (DictionaryEntry prm in prms) { postdata += prm.Key + "=" + prm.Value + "&"; } postdata = postdata.TrimEnd('&'); //Create Request Object HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url); request.Method = "POST"; request.ContentLength = postdata.Length; request.ContentType = "application/x-www-form-urlencoded"; //Post Data StreamWriter sw = null; sw = new StreamWriter(request.GetRequestStream()); sw.Write(postdata); sw.Close(); //Get response String post_response; HttpWebResponse objResponse = (HttpWebResponse)request.GetResponse(); using (StreamReader responseStream = new StreamReader(objResponse.GetResponseStream())) { post_response = responseStream.ReadToEnd(); responseStream.Close(); } lblResponse.Text = post_response; } }
import httplib import urllib import urlparse # establish connection conn = httplib.HTTPSConnection('webservice.paymentxp.com', 443) # set parameters params = urllib.urlencode({ "CardNumber":'4111111111111111', "ExpirationDateMMYY":'0615', "MerchantID":'10012', "MerchantKey":'69711A34-5B4C-49E3-816D-F3840004F0D7', "TransactionType":'AddCustomer', "CustomerName":'Kate Smith', "CustomerID":'KateSmith123', "AccountNumber":'123456', "RoutingNumber":'12346780', }) # set headers headers = {"Content-type": "application/x-www-form-urlencoded", "Accept": "text/plain", "Content-Length": "%d"%(len(params))} # post request conn.request("POST", '/wh/webhost.aspx', params, headers) # retrieve response resp = conn.getresponse() if resp.status == 200 and resp.reason == "OK": # parse return value into dictionary resp_dict = urlparse.parse_qs(resp.read(), True) if str(resp_dict["StatusID"]) == "['0']": print "good" # transaction good! else: print "bad" # invalid transaction, handle accordingly conn.close() else: # could not connect print "could not connect"
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML lang='en'> <HEAD> <TITLE> Web Host Sample </TITLE> </HEAD> <BODY> <P> This sample code is designed to connect to PaymentXP using the Web Host Interface. Response will be displayed on the screen after post method. </P> <HR /> <?PHP // Post URL $postURL = "https://webservice.paymentxp.com/wh/webhost.aspx"; //Set Post Array $postArray = array ( //Post Parameters "TransactionType" => "AddCustomer", "MerchantID" => "10012", "MerchantKey" => "69711A34-5B4C-49E3-816D-F3840004F0D7", "CardNumber" => "4111111111111111", "CardExpirationDate" => "0115", "RoutingNumber" => "123456780", "AccountNumber" => "123456", "CustomerID" => "Doe", "CustomerName" => "John Doe", ); //Generate post String $postString = ""; foreach( $postArray as $key => $value ) { $postString .= "$key=" . urlencode( $value ) . "&"; } $postString = rtrim( $postString, "& " ); // This sample code uses the CURL library for php to establish an HTTP POST // To find out if Curl is enabled. Include code below on your page. Then searh for the word Curl. // <?php phpinfo(); ?> $request = curl_init($postURL); // Initiate curl_setopt($request, CURLOPT_HEADER, 0); curl_setopt($request, CURLOPT_RETURNTRANSFER, 1); curl_setopt($request, CURLOPT_POSTFIELDS, $postString); //HTTP POST curl_setopt($request, CURLOPT_SSL_VERIFYPEER, FALSE); $post_response = curl_exec($request); // Execute curl_close ($request); // Close //Write reponse echo $post_response ?> </BODY> </HTML>
Create transactions from saved customers stored in the Customer Vault.
Charge Customer Credit Card Example: (C#)
using System; using System.Data; using System.Configuration; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; using System.Collections; using System.Net; using System.IO; public partial class _Default : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { string url = "https://webservice.paymentxp.com/wh/webhost.aspx"; //Sample credit card charge Hashtable prms = new Hashtable(); prms.Add("TransactionType","AddCustomerCCCharge"); prms.Add("MerchantID","10012"); prms.Add("MerchantKey","69711A34-5B4C-49E3-816D-F3840004F0D7"); prms.Add("TransactionAmount", "19.99"); prms.Add("CustomerID", "TestCustomer"); String postdata = string.Empty; foreach (DictionaryEntry prm in prms) { postdata += prm.Key + "=" + prm.Value + "&"; } postdata = postdata.TrimEnd('&'); //Create Request Object HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url); request.Method = "POST"; request.ContentLength = postdata.Length; request.ContentType = "application/x-www-form-urlencoded"; //Post Data StreamWriter sw = null; sw = new StreamWriter(request.GetRequestStream()); sw.Write(postdata); sw.Close(); //Get response String post_response; HttpWebResponse objResponse = (HttpWebResponse)request.GetResponse(); using (StreamReader responseStream = new StreamReader(objResponse.GetResponseStream())) { post_response = responseStream.ReadToEnd(); responseStream.Close(); } lblResponse.Text = post_response; } }
Charge Customer Credit Card Example: (Python)
import httplib import urllib import urlparse # establish connection conn = httplib.HTTPSConnection('webservice.paymentxp.com', 443) # set parameters params = urllib.urlencode({ "MerchantID":'10012', "MerchantKey":'69711A34-5B4C-49E3-816D-F3840004F0D7', "TransactionAmount":'2.34', "TransactionType":'AddCustomerCCCharge', "CustomerID":"TestCustomer", }) # set headers headers = {"Content-type": "application/x-www-form-urlencoded", "Accept": "text/plain", "Content-Length": "%d"%(len(params))} # post request conn.request("POST", '/wh/webhost.aspx', params, headers) # retrieve response resp = conn.getresponse() if resp.status == 200 and resp.reason == "OK": # parse return value into dictionary resp_dict = urlparse.parse_qs(resp.read(), True) if str(resp_dict["StatusID"]) == "['0']": print "good" # transaction good! else: print "bad" # invalid transaction, handle accordingly conn.close() else: # could not connect print "could not connect"
Charge Customer Credit Card Example: (PHP)
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML lang='en'> <HEAD> <TITLE> Web Host Sample </TITLE> </HEAD> <BODY> <P> This sample code is designed to connect to PaymentXP using the Web Host Interface. Response will be displayed on the screen after post method. </P> <HR /> <?PHP // Post URL $postURL = "https://webservice.paymentxp.com/wh/webhost.aspx"; //Set Post Array $postArray = array ( //Post Parameters "TransactionType" => "AddCustomerCCCharge", "MerchantID" => "10012", "MerchantKey" => "69711A34-5B4C-49E3-816D-F3840004F0D7", "TransactionAmount" => "3.44", "CustomerID" => "TestCustomerID", ); //Generate post String $postString = ""; foreach( $postArray as $key => $value ) { $postString .= "$key=" . urlencode( $value ) . "&"; } $postString = rtrim( $postString, "& " ); // This sample code uses the CURL library for php to establish an HTTP POST // To find out if Curl is enabled. Include code below on your page. Then searh for the word Curl. // <?php phpinfo(); ?> $request = curl_init($postURL); // Initiate curl_setopt($request, CURLOPT_HEADER, 0); curl_setopt($request, CURLOPT_RETURNTRANSFER, 1); curl_setopt($request, CURLOPT_POSTFIELDS, $postString); //HTTP POST curl_setopt($request, CURLOPT_SSL_VERIFYPEER, FALSE); $post_response = curl_exec($request); // Execute curl_close ($request); // Close //Write reponse echo $post_response ?> </BODY> </HTML>
Create recurring transactions
Add Recurring Credit Card Charge: (C#)
using System; using System.Data; using System.Configuration; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; using System.Collections; using System.Net; using System.IO; public partial class _Default : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { string url = "https://webservice.paymentxp.com/wh/webhost.aspx"; //Sample credit card charge Hashtable prms = new Hashtable(); prms.Add("TransactionType","CreditCardRecurringCharge"); prms.Add("MerchantID","10012"); prms.Add("MerchantKey","69711A34-5B4C-49E3-816D-F3840004F0D7"); prms.Add("TransactionAmount", "19.99"); prms.Add("StartDate", "01012014"); prms.Add("WeekOption", "0"); prms.Add("WeekdayOption", "0"); prms.Add("OccurenceOption", "2"); prms.Add("MonthOfYearOption", "1"); prms.Add("MonthlyOption", "1"); prms.Add("DayOfMonthOption", "05"); prms.Add("CardNumber", "4111111111111111"); prms.Add("ExpirationDateMMYY", "1216"); String postdata = string.Empty; foreach (DictionaryEntry prm in prms) { postdata += prm.Key + "=" + prm.Value + "&"; } postdata = postdata.TrimEnd('&'); //Create Request Object HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url); request.Method = "POST"; request.ContentLength = postdata.Length; request.ContentType = "application/x-www-form-urlencoded"; //Post Data StreamWriter sw = null; sw = new StreamWriter(request.GetRequestStream()); sw.Write(postdata); sw.Close(); //Get response String post_response; HttpWebResponse objResponse = (HttpWebResponse)request.GetResponse(); using (StreamReader responseStream = new StreamReader(objResponse.GetResponseStream())) { post_response = responseStream.ReadToEnd(); responseStream.Close(); } lblResponse.Text = post_response; } }
Add Recurring Credit Card Charge: (Python)
import httplib import urllib import urlparse # establish connection conn = httplib.HTTPSConnection('webservice.paymentxp.com', 443) # set parameters params = urllib.urlencode({ "MerchantID":'10012', "MerchantKey":'69711A34-5B4C-49E3-816D-F3840004F0D7', "TransactionAmount":'2.34', "TransactionType":'CreditCardRecurringCharge', "StartDate":"01012014", "WeekOption":"0", "WeekdayOption":"0", "OccurenceOption":"2", "MonthOfYearOption":"1", "MonthlyOption":"1", "DayOfMonthOption":"05", "CardNumber":"4111111111111111", "ExpirationDateMMYY":"1216", }) # set headers headers = {"Content-type": "application/x-www-form-urlencoded", "Accept": "text/plain", "Content-Length": "%d"%(len(params))} # post request conn.request("POST", '/wh/webhost.aspx', params, headers) # retrieve response resp = conn.getresponse() if resp.status == 200 and resp.reason == "OK": # parse return value into dictionary resp_dict = urlparse.parse_qs(resp.read(), True) if str(resp_dict["StatusID"]) == "['0']": print "good" # transaction good! else: print "bad" # invalid transaction, handle accordingly conn.close() else: # could not connect print "could not connect"
Add Recurring Credit Card Charge: (PHP)
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML lang='en'> <HEAD> <TITLE> Web Host Sample </TITLE> </HEAD> <BODY> <P> This sample code is designed to connect to PaymentXP using the Web Host Interface. Response will be displayed on the screen after post method. </P> <HR /> <?PHP // Post URL $postURL = "https://webservice.paymentxp.com/wh/webhost.aspx"; //Set Post Array $postArray = array ( //Post Parameters "TransactionType" => "CreditCardRecurringCharge", "MerchantID" => "10012", "MerchantKey" => "69711A34-5B4C-49E3-816D-F3840004F0D7", "TransactionAmount" => "2.33", "StartDate" => "01012014", "WeekOption" => "0", "WeekdayOption" => "0", "OccurenceOption" => "2", "MonthOfYearOption" => "1", "MonthlyOption" => "1", "DayOfMonthOption" => "05", "CardNumber" => "4111111111111111", "ExpirationDateMMYY" => "1216", ); //Generate post String $postString = ""; foreach( $postArray as $key => $value ) { $postString .= "$key=" . urlencode( $value ) . "&"; } $postString = rtrim( $postString, "& " ); // This sample code uses the CURL library for php to establish an HTTP POST // To find out if Curl is enabled. Include code below on your page. Then searh for the word Curl. // <?php phpinfo(); ?> $request = curl_init($postURL); // Initiate curl_setopt($request, CURLOPT_HEADER, 0); curl_setopt($request, CURLOPT_RETURNTRANSFER, 1); curl_setopt($request, CURLOPT_POSTFIELDS, $postString); //HTTP POST curl_setopt($request, CURLOPT_SSL_VERIFYPEER, FALSE); $post_response = curl_exec($request); // Execute curl_close ($request); // Close //Write reponse echo $post_response ?> </BODY> </HTML>
You should use a token whenever you want to process a transaction, but don't want to handle the sensitive data on your servers.
You'll want to use a Token for all transactions if you want to remove yourself from PCI Scope.
Meritus.js is the jQuery library that sends the sensitive information to Paysafe, and returns back a single use Token for processing.
NOTE: The token will expire in 20 minutes after initialization.
Meritus.js is no longer supported by Paysafe. Although it is still functional, we recommend all new and existing customers use our PaysafePXP.js product.
PaysafePXP.js is the jQuery library that sends the sensitive information to Paysafe, and returns back a single use Token for processing.
Processing a Credit Card transaction with tokens requires the following steps:
Step 1) Collect sensitive information and use Meritus.js to convert that information into a Token (client side)
<!DOCTYPE html> <html lang="en" xmlns="http://www.w3.org/1999/xhtml"> <head> <meta charset="utf-8" /> <title>Meritus Credit Card Token sample</title> <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js"></script> <script type="text/javascript" src="https://webservice.paymentxp.com/js/Meritus.js"></script> <script type="text/javascript"> $(document).ready(function () { // attaches a function to the submit event on the form $("#form1").submit(function (event) { // disable button to prevent multiple clicks $('.submit-button').attr("disabled", "disabled"); // create token Meritus.createToken({ merchantid: $('.merchantid').val(), cardnumber: $('.cardnumber').val(), cvv2: $('.cvv2').val(), expmonth: $('.expmonth').val(), expyear: $('.expyear').val() }, meritusResponseHandler); // prevent default action. return false; }); // this is the callback function that Meritus.createToken() calls after creating the token function meritusResponseHandler(token, statusid) { if (statusid != "0") { // show the errors on the form alert("Error: StatusID: " + statusid); // enable button so you can process again. $(".submit-button").removeAttr("disabled"); } else { // locate our form var myform = $("#form1"); // insert our token into our form. we'll be using this to process the transaction myform.append("<input type='hidden' name='Token' value='" + token + "'/>"); // for debugging $("#mytoken").text(token); // submit the form myform.get(0).submit(); } } }); </script> </head> <body> <form id="form1" > <div> <div> <label>MerchantID</label> <!-- This is the merchantid issued to you from Meritus. Use 10012 for testing. --> <input type="text" class="merchantid" value="10012" /> </div> <div> <label>Card Number</label> <!-- notice that there are no "name" attributes. this ensures that these sensitive values are never communicated back to your server on postback --> <input type="text" size="20" autocomplete="off" value="4242424242424242" class="cardnumber" /> </div> <div> <label>CVV2</label> <input type="text" size="4" autocomplete="off" value="123" class="cvv2" /> </div> <div> <label>Expiration (MM/YY)</label> <input type="text" size="2" class="expmonth" value="01" /> <span>/ </span> <input type="text" size="4" class="expyear" value="15" /> </div> <button type="submit" class="submit-button"> Submit Payment </button> </div> <!-- for debugging --> <div id="mytoken"></div> </form> </body> </html>
Step 1) Collect sensitive information and use PaysafePXP.js to convert that information into a Token (client side)
<!DOCTYPE html> <html lang="en" xmlns="http://www.w3.org/1999/xhtml"> <head> <meta charset="utf-8" /> <title>Meritus Credit Card Token sample</title> <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js"></script> <script type="text/javascript" src="https://webservice.paymentxp.com/js/PaysafePXP.js"></script> <script type="text/javascript"> $(document).ready(function () { // attaches a function to the submit event on the form $("#form1").submit(function (event) { // disable button to prevent multiple clicks $('.submit-button').attr("disabled", "disabled"); // create token Paysafe.createToken({ merchantid: $('.merchantid').val(), cardnumber: $('.cardnumber').val(), cvv2: $('.cvv2').val(), expmonth: $('.expmonth').val(), expyear: $('.expyear').val() }, paysafePXPResponseHandler); // prevent default action. return false; }); // this is the callback function that Meritus.createToken() calls after creating the token function paysafePXPResponseHandler(token, statusid) { if (statusid != "0") { // show the errors on the form alert("Error: StatusID: " + statusid); // enable button so you can process again. $(".submit-button").removeAttr("disabled"); } else { // locate our form var myform = $("#form1"); // insert our token into our form. we'll be using this to process the transaction myform.append("<input type='hidden' name='Token' value='" + token + "'/>"); // for debugging $("#mytoken").text(token); // submit the form myform.get(0).submit(); } } }); </script> </head> <body> <form id="form1" > <div> <div> <label>MerchantID</label> <!-- This is the merchantid issued to you from Paysafe. Use 10012 for testing. --> <input type="text" class="merchantid" value="10012" /> </div> <div> <label>Card Number</label> <!-- notice that there are no "name" attributes. this ensures that these sensitive values are never communicated back to your server on postback --> <input type="text" size="20" autocomplete="off" value="4242424242424242" class="cardnumber" /> </div> <div> <label>CVV2</label> <input type="text" size="4" autocomplete="off" value="123" class="cvv2" /> </div> <div> <label>Expiration (MM/YY)</label> <input type="text" size="2" class="expmonth" value="01" /> <span>/ </span> <input type="text" size="4" class="expyear" value="15" /> </div> <button type="submit" class="submit-button"> Submit Payment </button> </div> <!-- for debugging --> <div id="mytoken"></div> </form> </body> </html>
Step 2) Use that token to process the transaction (server side)
Credit Card Charge Example: (.Net)
using System; using System.Data; using System.Configuration; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; using System.Collections; using System.Net; using System.IO; public partial class _Default : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { string url = "https://webservice.paymentxp.com/wh/webhost.aspx"; string token = Request["Token"]; //Sample credit card charge Hashtable prms = new Hashtable(); prms.Add("TransactionType","CreditCardCharge"); prms.Add("MerchantID","10012"); prms.Add("MerchantKey","69711A34-5B4C-49E3-816D-F3840004F0D7"); prms.Add("Token","token"); prms.Add("TransactionAmount", "19.99"); prms.Add("BillingNameFirst", "John"); prms.Add("BillingNameLast","Doe"); prms.Add("BillingFullName","John Doe"); prms.Add("BillingAddress","455 Abc Street"); prms.Add("BillingZipCode","92708"); prms.Add("BillingCity","Santa Ana"); prms.Add("BillingState","CA"); String postdata = string.Empty; foreach (DictionaryEntry prm in prms) { postdata += prm.Key + "=" + prm.Value + "&"; } postdata = postdata.TrimEnd('&'); //Create Request Object HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url); request.Method = "POST"; request.ContentLength = postdata.Length; request.ContentType = "application/x-www-form-urlencoded"; //Post Data StreamWriter sw = null; sw = new StreamWriter(request.GetRequestStream()); sw.Write(postdata); sw.Close(); //Get response String post_response; HttpWebResponse objResponse = (HttpWebResponse)request.GetResponse(); using (StreamReader responseStream = new StreamReader(objResponse.GetResponseStream())) { post_response = responseStream.ReadToEnd(); responseStream.Close(); } lblResponse.Text = post_response; } }
import httplib import urllib import urlparse # establish connection conn = httplib.HTTPSConnection('webservice.paymentxp.com', 443) # NOTE: this all depends on your framework. token = request.POST.get['token'] # set parameters params = urllib.urlencode({ "Token":token, "MerchantID":'10012', "MerchantKey":'69711A34-5B4C-49E3-816D-F3840004F0D7', "TransactionAmount":'2.34', "TransactionType":'CreditCardCharge', "BillingFirstName":"john", #optional "BillingLastName":"smith", #optional "BillingFullName":"john smith", #optional "BillingZipCode":"90210", #optional }) # set headers headers = {"Content-type": "application/x-www-form-urlencoded", "Accept": "text/plain", "Content-Length": "%d"%(len(params))} # post request conn.request("POST", '/wh/webhost.aspx', params, headers) # retrieve response resp = conn.getresponse() if resp.status == 200 and resp.reason == "OK": # parse return value into dictionary resp_dict = urlparse.parse_qs(resp.read(), True) if str(resp_dict["StatusID"]) == "['0']": print "good" # transaction good! else: print "bad" # invalid transaction, handle accordingly conn.close() else: # could not connect print "could not connect"
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML lang='en'> <HEAD> <TITLE> Web Host Sample </TITLE> </HEAD> <BODY> <P> This sample code is designed to connect to PaymentXP using the Web Host Interface. Response will be displayed on the screen after post method. </P> <HR /> <?PHP // Post URL $postURL = "https://webservice.paymentxp.com/wh/webhost.aspx"; $token = $_REQUEST['token']; //Set Post Array $postArray = array ( //Post Parameters "TransactionType" => "CreditCardCharge", "MerchantID" => "10012", "MerchantKey" => "69711A34-5B4C-49E3-816D-F3840004F0D7", "Token" => $token, "TransactionAmount" => "19.99", "BillingNameFirst" => "John", "BillingNameLast" => "Doe", "BillingFullName" => "John Doe", "BillingAddress" => "455 Abc Street", "BillingZipCode" => "92708", "BillingCity" => "Santa Ana", "BillingState" => "CA", ); //Generate post String $postString = ""; foreach( $postArray as $key => $value ) { $postString .= "$key=" . urlencode( $value ) . "&"; } $postString = rtrim( $postString, "& " ); // This sample code uses the CURL library for php to establish an HTTP POST // To find out if Curl is enabled. Include code below on your page. Then searh for the word Curl. // <?php phpinfo(); ?> $request = curl_init($postURL); // Initiate curl_setopt($request, CURLOPT_HEADER, 0); curl_setopt($request, CURLOPT_RETURNTRANSFER, 1); curl_setopt($request, CURLOPT_POSTFIELDS, $postString); //HTTP POST curl_setopt($request, CURLOPT_SSL_VERIFYPEER, FALSE); $post_response = curl_exec($request); // Execute curl_close ($request); // Close //Write reponse echo $post_response ?> </BODY> </HTML>
This document provides technical specifications for processing financial transactions through Paysafe PaymentXP Gateway Host by interfacing with the Gateway API.
The audiences of this document are for business analysts and software programmers who design, implement, and support the intended system.
Gateway API is a server side application that provides a direct link to the Paysafe PaymentXP Gateway Host. All communications between the client machines and the Gateway API takes place over a Hypertext Transfer Protocol (HTTP) over a 128-bit Secure Socket Layer (HTTPS) on the Internet. Any device or platform with the ability to originate an HTTPS connection can perform financial transactions through the Gateway API.
The request is constructed using name/value pairs as defined per transaction type. The response received would also be in name/value pairs as defined per transaction type.
Description: This method returns a Token that can be used to perform various credit card transactions through the functions below. The Token will replace the values passed in the GetToken method to be used with these functions.
Resource Url: https://webservice.paymentxp.com/wh/GetToken.aspx
Method: POST
Description: GetToken for ACH Transactions
Description: GetToken for Payment Hosted
Description: GetToken for Customer Hosted
Description: This method authorizes a credit card transaction by requesting an authorization number from the card issuer. An approved authorization means that the transaction dollar amount has been reserved for usage but not yet deducted from the cardholder’s account. Funds are not settled (transferred to the merchant) until the CreditCardSettle() method is called using the authorization number returned by this method.
Resource Url: https://webservice.paymentxp.com/wh/WebHost.aspx
Description: This method captures (transfers to the merchant) a transaction previously authorized with the Authorize() method. Captured transactions are scheduled for settlement at the determined batch time.
Description: This method performs both authorization and settlement into one operation.
Description: This method credits a credit card account with an originating Settle or Charge transaction. The credit is based on a prior transaction performed through either CreditCardSettle() or CreditCardCharge().
Description: This method cancels a previously completed Authorization or Charge transaction. A transaction that has already been settled using the CreditCardSettle() method cannot be voided, but instead do perform a Credit on the account.
Description: This method cancels a previously completed/authorized Credit transaction. A Credit transaction that has already been authorized for settlement using the CreditCardCredit() method but not yet submitted for settlement, cannot be voided but instead perform a CreditCardCreditReversal to reverse the amount.
Description: This method modifies the Transaction Amount of a previously processed CreditCardCharge(), CreditCardAuthorization(), or AddCustomerCCCharge(). This method can be used to modify the captured amount up to the original Transaction Amount. To Adjust over the original Transaction Amount, contact your Integration Specialist for more details.
Description: This method creates a credit card transaction for settlement by with an offline authorization number from the card issuer. An approved authorization through other means is required to be submitted.
Description: This method credits a credit card without the need of an originating Sales Transaction. Contact your Integration Specialist for more details.
Description: This method can only be used when the settlement time is set to MANUAL. This method will initiate a batch closure and schedule the batch for settlement. Contact your Integration Specialist for more details.
Description: This method creates a credit card charge transaction from a customer record.
Description: Use this method to let Paysafe perform collection of sensitive credit card information on our secure servers.
Resource Url: https://webservice.paymentxp.com/wh/EnterPayment.aspx
Description: Use this method to re-process a historical transaction.
Description: This method schedules a credit card charge via a recurring payment. In most cases, CreditCardRebill() Method is preferred.
Description: This method updates an existing recurring rule in the database.
Description: This method retrieves a credit card transaction record from the database.
To use this interface option, all transaction data must be correctly formatted and saved in a batch file. Batch files can be formatted as comma-delimited. Our program polls the FTP directories every fifteen minutes to look for files that have been uploaded for processing.
FTP
Upon request, we will issue you a test account for development and testing. Once you’ve been certified, a production account will be created for you. The certification process includes the following steps:
All files sent to us via SFTP shall be encrypted using PGP. Please contact us to obtain a free version of the PGP software and our public PGP key.
Credit Card File Specification (Comma-Delimited)
The following guidelines shall be used for formatting transaction data sent in a comma-delimited batch file.
Note: Transaction data included in the batch file must be in comma-delimited format with quoted text
File Naming Convention - The batch file should be saved with an .ccb file extension using the following naming convention.
YY = Year, MM = Month, DD = Day & NN = Batch No
Example: 04111401.ccb Year=2004, Month=11, Day=14 & Batch Number=01
Note: The batch number is required. This is used to differentiate between batch files when a merchant sends more than one batch on the same day. If only one batch file is sent for a particular date, the batch number will always be entered as 01.
Response files are generated once a day, typically from 11:30 to 3 PM PST. Response file format is the same for both comma-delimited and NACHA batch file format.
File Naming Convention - The response file will have an .rsp file extension using the following naming convention.
Example: 10111401.rsp Year=2010, Month=11, Day=14 & Batch Number=01
This section describes integration requirements for invoking the HTTPS Post interface with an XML response. Transactions processed using this interface require the user to collect ACH information and sending the transaction data securely (via HTTPS) to our ACH gateway for processing. Through this interface, you can process ACH debits or credits. To use this interface please contact Paysafe for a MerchantID and MerchantKey.
Description: Use these functions to create new ACH transactions. Below are the parameters for this method.
Description: Use the function to issue refunds to your customers. Below are the parameters for this method.
Description: Use this function to void open. Below are the parameters for this method. Method will return a TransID, which is the identified for the ACH transaction.
Description: This method creates an ACH debit transaction from a customer record.
Description: This method creates an ACH credit transaction from a customer record.
Description: This method retrieves an ACH transaction record from the database.
Description: This method creates a recurring ACH debit transaction rule.
Description: This method updates a recurring ACH debit transaction rule.
To use this interface option, all transaction data must be correctly formatted and saved in a batch file. Batch files can be formatted as either comma-delimited or NACHA (fixed width). Our program polls the FTP directories every fifteen minutes to look for files that have been uploaded for processing.
Note: Transaction data included in the batch file must be in comma-delimited format with quoted text, as follows. Please remove any spaces before and after the comma delimiter.
File Naming Convention - The batch file should be saved with an .ach file extension using the following naming convention.
Example: 04111401.ach Year=2004, Month=11, Day=14 & Batch Number=01
The following guidelines shall be used for formatting transaction data sent in a NACHA formatted batch file.
Sample NACHA File:
File Naming Convention - The batch file should be saved with a .nac file extension using the following naming convention.
File Naming Convention - The return file will have an .rtn file extension using the following naming convention.
Description: Use this function to add a new customer record. Below are the parameters for this method.
Description: Use this function to update a new customer record. Below are the parameters for this method. Pass only the parameters you wish to update.
Description: Use this method to retrieve a Customer record from the Customer Vault Database.
Description: Use this method to let Paysafe perform collection of Customer Vault information on our secure servers. This page can be displayed as a standalone page, or be displayed in an iFrame. You can specify a style sheet (in parameter "CSSUrl") for a customized look-and-feel.
Resource Url: https://webservice.paymentxp.com/wh/EnterCustomer.aspx
Description: Use this method to Update an existing customer's credit card related information in the customer vault. This method was designed to be called within an iFrame. The individual components of this form can be customized to match your website's branding requirements. In addition, you can also specify a style sheet (in parameter "CSSUrl") for a customized look-and-feel.
Resource Url: https://webservice.paymentxp.com/wh/EnterCardNumber.aspx
1 PM PST
Paysafe provides 2 batch file formats (comma-delimited and NACHA). Please contact Paysafe for details.
Upon request, a merchant can be setup to receive a response file daily on the Paysafe FTP server.
Upon request, a merchant can be setup to receive a return file daily on the Paysafe FTP server.
File: Sample.asp
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML lang='en'> <HEAD> <TITLE> Web Host Sample </TITLE> </HEAD> <BODY> <P> This sample code is designed to connect to PaymentXP using the Web Host Interface. Response will be displayed on the screen after post method. </P> <HR /> <% 'Set URL Dim postURL postURL = "https://webservice.paymentxp.com/wh/webhost.aspx" Dim postArray Set postArray = CreateObject("Scripting.Dictionary") postArray.CompareMode = vbTextCompare 'Set Post Array postArray.Add "TransactionType", "CreditCardCharge" postArray.Add "MerchantID", "10012" postArray.Add "MerchantKey","69711A34-5B4C-49E3-816D-F3840004F0D7" postArray.Add "CardNumber", "4111111111111111" postArray.Add "ExpirationDateMMYY", "0115" postArray.Add "TransactionAmount","19.99" postArray.Add "BillingNameFirst","John" postArray.Add "BillingNameLast", "Doe" postArray.Add "BillingFullName", "John Doe" postArray.Add "BillingAddress","455 Abc Street" postArray.Add "BillingZipCode", "92708" postArray.Add "BillingCity", "Santa Ana" postArray.Add "BillingState", "CA" 'Generate post string Dim postString postString = "" For Each Key In postArray postString=postString & Key & "=" & Server.URLEncode(postArray(Key)) & "&" Next postString = Left(postString,Len(postString)-1) 'Use xmlHTTP to perform and HTTP POST Dim objRequest, postReponse Set objRequest = Server.CreateObject("Microsoft.XMLHTTP") objRequest.open "POST", postURL & "?" & postString & "" , false objRequest.send postReponse = objRequest.responseText Set objRequest = nothing 'Write response Response.Write(postReponse) %> </BODY> </HTML>
File: Sample.php
Copy the HTML code below and create a file call sample.html. Open the file and click the submit button to post your transaction to our secure hosted page.
File: Sample.html
<HTML> <HEAD> <TITLE> Hosted Payment Page Test </TITLE> <META NAME="Generator" CONTENT="Meritus"> <META NAME="Author" CONTENT=""> <META NAME="Keywords" CONTENT=""> <META NAME="Description" CONTENT=""> </HEAD> <BODY> <form action="https://webservice.paymentxp.com/wh/EnterPayment.aspx" method="post"> <table border="1"> <tr><th colspan="2"> CreditCardHosted </th></tr> <tr><td>TransactionType</td><td><input type="text" name="TransactionType" value="CreditCardHosted" /></td></tr> <tr><td>MerchantID</td><td><input type="text" name="MerchantID" value="10012" /></td></tr> <tr><td>MerchantKey</td><td><input type="text" name="MerchantKey" value="69711A34-5B4C-49E3-816D-F3840004F0D7" /></td></tr> <tr><td>TransactionAmount</td><td><input type="text" name="TransactionAmount" value="1.00" /></td></tr> <tr><td>BillingFirstName</td><td><input type="text" name="BillingNameFirst" value="John" /></td></tr> <tr><td>BillingLastName</td><td><input type="text" name="BillingNameLast" value="Doe" /></td></tr> <tr><td>BillingFullName</td><td><input type="text" name="BillingFullName" value="John Doe" /></td></tr> <tr><td>BillingZipCode</td><td><input type="text" name="BillingZipCode" value="92705" /></td></tr> <tr><td>BillingCity</td><td><input type="text" name="BillingCity" value="Santa Ana" /></td></tr> <tr><td>BillingState</td><td><input type="text" name="BillingState" value="CA" /></td></tr> <tr><td>BillingEmail</td><td><input type="text" name="EmailAddress" value="test@test.com" /></td></tr> <tr><td>BillingPhone</td><td><input type="text" name="PhoneNumber" value="123-456-7899" /></td></tr> <tr><td>ShippingAddress1</td><td><input type="text" name="ShippingAddress1" value="" /></td></tr> <tr><td>ShippingAddress2</td><td><input type="text" name="ShippingAddress2" value="" /></td></tr> <tr><td>ShippingCity</td><td><input type="text" name="ShippingCity" value="" /></td></tr> <tr><td>ShippingState</td><td><input type="text" name="ShippingState" value="" /></td></tr> <tr><td>ShippingZip</td><td><input type="text" name="ShippingZipCode" value="" /></td></tr> <tr><td>ShippingCountry</td><td><input type="text" name="ShippingCountry" value="" /></td></tr> <tr><td>ClientIPAddress</td><td><input type="text" name="ClientIPAddress" value="" /></td></tr> <tr><td>ClerkID</td><td><input type="text" name="ClerkID" value="clerk123" /></td></tr> <tr><td>ReferenceNumber</td><td><input type="text" name="ReferenceNumber" value="123456" /></td></tr> <tr><td>CustomInfo1</td><td><input type="text" name="CustomInfo1" value="" /></td></tr> <tr><td>CustomInfo2</td><td><input type="text" name="CustomInfo2" value="" /></td></tr> <tr><td>CustomInfo3</td><td><input type="text" name="CustomInfo3" value="" /></td></tr> <tr><td>PaymentMemo</td><td><input type="text" name="PaymentMemo" value="" /></td></tr> <tr><td>PostBackURL</td><td><input type="text" name="PostBackURL" value="https://webservice.paymentxp.com/wh/EnterPayment_Test.aspx" /></td></tr> </table> <input type="submit" value="Submit" /> </form> </BODY> </HTML>
Performing a CreditCardCHarge() with GetTOken(), C# Sample
File: CreditCardForm.aspx
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="CreditCardForm.aspx.cs" Inherits="CreditCardForm" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head id="Head1" runat="server"> <title></title> <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js"></script> <script type="text/javascript" src="https://webservice.paymentxp.com/js/Meritus.js"></script> <script type="text/javascript"> $(document).ready(function () { $("#<%= form1.ClientID %>").submit(function (event) { // disable the submit button to prevent repeated clicks $('.submit-button').attr("disabled", "disabled"); Meritus.createToken({ merchantid: $('.merchantid').val(), cardnumber: $('.cardnumber').val(), cvv2: $('.cvv2').val(), expmonth: $('.expmonth').val(), expyear: $('.expyear').val() }, meritusResponseHandler); // prevent the form from submitting with the default action return false; }); function meritusResponseHandler(token, statusid) { if (statusid != "0") { // show the errors on the form alert("Error: StatusID: " + statusid); $(".submit-button").removeAttr("disabled"); } else { var form$ = $("#<%= form1.ClientID %>"); // insert the token into the form so it gets submitted to the server form$.append("<input type='hidden' name='Token' value='" + token + "'/>"); // and submit form$.get(0).submit(); } } }); </script> </head> <body> <form id="form1" runat="server"> <div> <div class="form-row"> <label>MerchantID</label> <input type="text" class="merchantid" value="10012" /> </div> <div class="form-row"> <label>Card Number</label> <input type="text" size="20" autocomplete="off" value="4242424242424242" class="cardnumber" /> </div> <div class="form-row"> <label>CVV2</label> <input type="text" size="4" autocomplete="off" value="123" class="cvv2" /> </div> <div class="form-row"> <label>Expiration (MM/YY)</label> <input type="text" size="2" class="expmonth" value="01" /> <span>/ </span> <input type="text" size="4" class="expyear" value="15" /> </div> <button type="submit" class="submit-button">Submit Payment</button> </div> <asp:Label runat="server" ID="lblResponse"></asp:Label> </form> </body> </html>
File: CreditCardForm.aspx.cs
using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.UI; using System.Web.UI.WebControls; using System.Text; using System.Collections; using System.Net; using System.IO; public partial class CreditCardForm : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { if (Page.IsPostBack) { string token = Request["Token"]; string url = "https://webservice.paymentxp.com/wh/webhost.aspx"; //Sample credit card charge Hashtable prms = new Hashtable(); prms.Add("TransactionType", "CreditCardCharge"); prms.Add("MerchantID", "10012"); prms.Add("MerchantKey", "69711A34-5B4C-49E3-816D-F3840004F0D7"); prms.Add("Token", token); prms.Add("TransactionAmount", "19.99"); prms.Add("BillingNameFirst", "John"); prms.Add("BillingNameLast", "Doe"); prms.Add("BillingFullName", "John Doe"); prms.Add("BillingAddress", "455 Abc Street"); prms.Add("BillingZipCode", "92708"); prms.Add("BillingCity", "Santa Ana"); prms.Add("BillingState", "CA"); String postdata = string.Empty; foreach (DictionaryEntry prm in prms) { postdata += prm.Key + "=" + prm.Value + "&"; } postdata = postdata.TrimEnd('&'); //Create Request Object HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url); request.Method = "POST"; request.ContentLength = postdata.Length; request.ContentType = "application/x-www-form-urlencoded"; //Post Data StreamWriter sw = null; sw = new StreamWriter(request.GetRequestStream()); sw.Write(postdata); sw.Close(); //Get response String post_response; HttpWebResponse objResponse = (HttpWebResponse)request.GetResponse(); using (StreamReader responseStream = new StreamReader(objResponse.GetResponseStream())) { post_response = responseStream.ReadToEnd(); responseStream.Close(); } lblResponse.Text = post_response; } } }
This sample is the "Code Behind" of a C# page.
We call the GetToken() function first to retrieve out token. Once we successfully have the token, we redirect to the Hosted Payment page with the Token as a url parameter.
protected void Page_Load(object sender, EventArgs e) { string token = GetToken(); string url = "https://webservice.paymentxp.com/wh/EnterPayment.aspx"; if (token != "") { Response.Redirect(string.Format("{0}?Token={1}&MerchantID={2}", url, token, "10012")); } } protected string GetToken() { string Token = ""; string url = "https://webservice.paymentxp.com/wh/GetToken.aspx"; Hashtable prms = new Hashtable(); prms.Add("MerchantID", "10012"); prms.Add("MerchantKey", "69711A34-5B4C-49E3-816D-F3840004F0D7"); prms.Add("TransactionAmount", "19.99"); String postdata = string.Empty; foreach (DictionaryEntry prm in prms) { postdata += prm.Key + "=" + prm.Value + "&"; } postdata = postdata.TrimEnd('&'); //Create Request Object HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url); request.Method = "POST"; request.ContentLength = postdata.Length; request.ContentType = "application/x-www-form-urlencoded"; //Post Data StreamWriter sw = null; sw = new StreamWriter(request.GetRequestStream()); sw.Write(postdata); sw.Close(); //Get response String post_response; HttpWebResponse objResponse = (HttpWebResponse)request.GetResponse(); using (StreamReader responseStream = new StreamReader(objResponse.GetResponseStream())) { post_response = responseStream.ReadToEnd(); responseStream.Close(); } // NOTE: for the sake of simplicity, we are assuming the response is valid, and therefore not performing error checking. // in your production code, you should check for errors during parsing. string[] arrResp = post_response.Split(new char[] { '&' }); string StatusID = arrResp[1].Split(new char[] { '=' })[1]; string Message = arrResp[2].Split(new char[] { '=' })[1]; if (StatusID == "0") { Token = arrResp[0].Split(new char[] { '=' })[1]; } return Token; }
Credentials-on-File allows the billing party to store consumer card information for future use. The API user must do this compliantly by following the steps outlined for COF.
Cardholder must give permission to store card for future use.
The stored credential is only stored through an initial successful transaction, where the InitialTransactionID should be stored by the user.
The InitialTransactionID must referenced when StoredCredentialIndicator is ‘Used’.
Customer initiated - Customer is actively engaged in the order process and can controls the specific scheduled charge.
Merchant initiated - Customer isn’t actively engaged but has agreed with the merchant to be charged at a future date, where the merchant controls the schedule of charges.
Considered 'stored' when processing the initial transaction in which you are storing a customer's payment details (customer credentials) in the Customer Vault or other third-party payment storage system.
Considered 'used' when processing a subsequent or follow-up transaction using the customer payment details (customer credentials) you have already stored to the Customer Vault or third-party payment storage method.
Straight Sale/One Time Sale, Unscheduled.
Recurring.
Free Trial.
COF Fields in API methods are highlighted by double asterisk, **.
COF fields are optional however, if submitting as credentials-on-file, ALL COF related fields must be sent with valid values. If COF fields are missing or do not contain the correct value combination, the transaction request will be submitted as a regular, non-credential-on-file transaction.
COF is supported on Ecommerce or MOTO at this time.
Examples provided are the most common credential on file scenarios supported. This does not cover ALL possible scenarios.
