Skip to main content
POST
/
tokens
/
{id}
/
payment-data
curl --request POST \
  --url https://sandbox.hellgate.io/tokens/{id}/payment-data \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "amount": 10000,
  "currency_code": "EUR",
  "reference": "1234567890"
}
'
{
  "id": "00000000-0000-0000-0000-000000000000",
  "amount": 10000,
  "currency_code": "EUR",
  "created_at": "2023-10-01T00:00:00Z",
  "encrypted_authentication_data": "eyJhbGc...",
  "merchant_id": "00000000-0000-0000-0000-000000000000",
  "reference": "1234567890",
  "success": true,
  "token_id": "00000000-0000-0000-0000-000000000000"
}
Gated Feature

Authorizations

X-API-Key
string
header
required

Path Parameters

id
string<uuid>
required

The ID of the Commerce token

Body

application/json
amount
integer
required

The amount given in minor units (e.g. use 700 for 7€). Some currencies do not support minor units (e.g. Japanese Yen). In this case send in the full value, .i.e. 100 for 100 JPY.

Required range: x >= 0
currency_code
string
required

The three letter currency code. See: ISO-4217

reference
string
required

A reference to the payment

merchant_id
string<uuid>

The ID of the merchant for whom the authentication is requested.

Only required when the account operates an ecoystem or platform. The value will default to the primary merchant of an account in other cases.

Response

Success response

id
string<uuid>
required

The id of the requested payment data

amount
integer
required

The amount given in minor units (e.g. use 700 for 7€). Some currencies do not support minor units (e.g. Japanese Yen). In this case send in the full value, .i.e. 100 for 100 JPY.

Required range: x >= 0
currency_code
string
required

The three letter currency code. See: ISO-4217

merchant_id
string<uuid>
required

The ID of the merchant for whom the authentication is requested

reference
string
required

Reference in calling system

success
boolean
required

The result of the processing of the request. If true, the processing was successfully completed. In case it is false, the processing failed and the failure_details field contains more information about the failure.

token_id
string<uuid>
required

The ID of the token on Commerce

created_at
string<date-time>

The date-time the payment-data was created (following ISO 8601)

encrypted_authentication_data
string

JWE encrypted JSON string containing authentication data.

Encrypted in a symmetric way with the shared encryption key using "alg"=A256GCMKW and "enc"="A256GCM". For decryption make sure the shared secret is hashed with a sha256 digest.

The decrypted JSON has the following format:

{
    network_token: {
      token: "token_value",
      expiry_year: 2023,
      expiry_month: 12
    },
    cryptogram: "cryptogram_value",
    eci: "eci_value"
}

  • The field network_token contains the value of the token, the year of expiry and the month of expiry of the token and is always included.

  • The field cryptogram contains the value of the cryptogram and is always included.

  • The field eci can instead have a value if there was an Electronic Commerce Indicator assigned, or it can be null if no information was provided.

failure_details
object[]

The reasons why the processing failed. There are two categories of errors that can happen in this context (the source field indicates the category):

  1. Scheme errors: errors that are returned by the scheme.
  2. Configuration errors: errors that are caused by the configuration with respect to the scheme.