Server to Server (v2)
The Transactions API allows you create and manage payments on your integration
- Encrypt your Card (Card Number, Expiry Date, CVV and PIN) with
- Pass your secret key as the Bearer token in Authorization Header.
- Encrypt the whole payout using your pub_key and Pass your HMAC Signature as Encryption Header. (Required only in Payout and Bills Payment)
Card Encryption (v2)
Card Encryption: perform aes-256-cbc encryption on your card payload using your pub_key and reference
To generate a test card encryption, kindly use our test encryption endpoint below
Endpoint: /test/encryption
Method: POST
Header
Param | Type | Required? | Decription |
---|---|---|---|
authorization | string | Yes | Set value to Bearer SECRET_KEY |
content-type | string | Yes | Set value to application/json |
Card Encryption Payload
{
"data" :{
"number": "5123450000000008",
"expiryMonth": "10",
"expiryYear": "22",
"cvv" : "100",
"pin" : "1234" // (optional - only required for local cards)
},
"reference": "1253627873656276350"
}
Card Encryption Output
{
"card" :"83fa6763bb31bae36a74f787ab814514aeede91fcdb311fd67609b414c5e5ea2751a47870c8717e71bcbc9c33287a3d6af9ffae8e2edbf2de1e2694384d699b020d31492637eef60d7a63f303798363a"
}
Initialize Transaction (S2S v2)
Initialize a transaction from your backend.
You are required to parse your card encryption output as card parameter in your Transaction Initialize payload.
You are expected to perform HMAC-SHA-512 encryption on your Transaction Initialize payload using your secret_key and parse it as Encryption in your Header. The parameters of this payload to encrypt must be in Alphabetical order.
Endpoint: /transaction/initialize
Method: POST
Header
Param | Type | Required? | Decription |
---|---|---|---|
authorization | string | Yes | Set value to Bearer SECRET_KEY |
encryption | string | Yes | Set value to your Signature_HMAC-SHA-512 output |
content-type | string | Yes | Set value to application/json |
Sample Post
curl https://api.budpay.com/api/s2s/v2/transaction/initialize
-H "Authorization: Bearer YOUR_SECRET_KEY"
-H "Encryption: Signature_HMAC-SHA-512"
-H "Content-Type: application/json"
-d '{ "amount": "100", "card" :"83fa6763bb31bae36a74f787ab814514aeede91fcdb311fd67609b414c5e5ea2751a47870c8717e71bcbc9c33287a3d6af9ffae8e2edbf2de1e2694384d699b020d31492637eef60d7a63f303798363a", "currency": "USD", "email": "test@email.com", "reference": "1253627873656276350" }'
-X POST
3DS2 Sample Response
{
"status": true,
"message": "Proceed authentication 3DS2",
"data": "<div id=\"initiate3dsSimpleRedirect\" xmlns=\"http://www.w3.org/1999/html\"> <iframe id=\"methodFrame\" name=\"methodFrame\" height=\"100\" width=\"200\" > </iframe> <form id =\"initiate3dsSimpleRedirectForm\" method=\"POST\" action=\"https://secure-acs2ui-b1.wibmo.com/v1/acs/services/threeDSMethod/8528?cardType=M\" target=\"methodFrame\"> <input type=\"hidden\" name=\"threeDSMethodData\" value=\"eyJ0aHJlZURTTWV0aG9kTm90aWZpY2F0aW9uVVJMIjoiaHR0cHM6Ly9ldS5nYXRld2F5Lm1hc3RlcmNhcmQuY29tL2NhbGxiYWNrSW50ZXJmYWNlL2dhdGV3YXkvOGFkZGRiNzE1MTQwMjk2OWMxMmI1Y2QzNjBhOTdmYTdiZTE1ZWU1NWZiZDEwZTE5MmI3ZDIwNDcxNmQxYTVlNSIsInRocmVlRFNTZXJ2ZXJUcmFuc0lEIjoiZjgxNGM3YWMtMmRiOS00Nzg1LThhMjYtYjA2NjZlYTBjMGVkIn0=\" /> </form> <script id=\"initiate-authentication-script\"> var e=document.getElementById(\"initiate3dsSimpleRedirectForm\"); if (e) { e.submit(); if (e.parentNode !== null) { e.parentNode.removeChild(e); } } </script> </div>",
"_links": {
"url": "http://api.budpay.com/api/mastercard-payment/3ds2auth",
"method": "POST",
"payload": [
"ref"
]
}
}
You are required to open the 3DS2 Response data html in a hidden page to run in background for 20 seconds and then hit the _links endpoint in the response to proceed. After that you will get the Final Response.
Note: You will receive 3DS2 response for cards that support 3DS2. If not, you will get the Final Response instead.
Final Sample Response
{
"status": true,
"message": "Proceed authentication",
"data": "<div id=\"redirectTo3ds1AcsSimple\" xmlns=\"http://www.w3.org/1999/html\"> <iframe id=\"redirectTo3ds1Frame\" name=\"redirectTo3ds1Frame\" height=\"100%\" width=\"100%\" > </iframe> <form id =\"redirectTo3ds1Form\" method=\"POST\" action=\"https://secure-acs2ui-b1-indblr-blrtdc.wibmo.com/v1/acs/legacy/live/8528/M.C/uid=b2d1cd56-78c7-4b8f-856b-f752jQ2qO5yI\" target=\"redirectTo3ds1Frame\"> <input type=\"hidden\" name=\"PaReq\" value=\"eAFVUV1vgkAQfDfxPxDS13rHIYpmOaMlptZqtWqb9A3hijSAeIDKv++en+3bzuzt3Ows9I5JrO2FzKNt6uhGg+qaSP1tEKWho6+Ww0db7/F6DZYbKYS7EH4pBYeJyHMvFFoUODqjlBq0YzBqtW2dw6z/LnYcLpocJRsMyBXiqPQ3Xlpw8PzdYDTllmm07BaQC4REyJHLPyf9wcpFZSBnAlIvERw5IKcK/G2ZFrLiVguHrwBKGfNNUWR5l5DD4dBYl0HmVY00JEBUD8jdwKxUVnLc5xgFfPrRlKMyeMm879f18Gv8EsbZeB3vp8XcAaJeQOAVgjPKGG2xtkY7XZN1LRPIiQcvUY74auFqD7g1xZXODGTqo/4ZGKrxlwCMVGLmFbeb2LohEMdsmwpUxPhuNZC766dnFaJfYFxXU7RjMovZ7Q77mbPdm1WNVLCnJ0ovwrwYM/CbCwCiRMjlZpjN6a7I/Lt3vfYLDsmx0Q==\" /> <input type=\"hidden\" name=\"TermUrl\" value=\"https://eu.gateway.mastercard.com/callbackInterface/gateway/e0eed619be91003a184d32d0002f4e54aea31c7c70651fa110c7f1417668622c\" /> <input type=\"hidden\" name=\"MD\" value=\"\" /> </form> <script id=\"authenticate-payer-script\"> var e=document.getElementById(\"redirectTo3ds1Form\"); if (e) { e.submit(); if (e.parentNode !== null) { e.parentNode.removeChild(e); } } </script> </div>",
"alt": "https://api.budpay.com/mastercard-payment/authpayer/1253627873656276350"
}
Parameters
Param | Type | Required? | Decription |
---|---|---|---|
string | Yes | Customer email address | |
amount | string | Yes | Amount you are debiting customer. Do not pass this if creating subscriptions. |
card | string | Yes | Encrypted Card output from card encryption. |
currency | string | no | Currency charge should be performed in. Allowed values are: NGN, USD or GBP It defaults to your integration currency. Default currency set to NGN when currency parameter is not set |
reference | string | Yes | Unique case sensitive transaction reference. Only -,_,., =and alphanumeric characters allowed. |
3DS2 Flow Diagram
