Payment through API
Nordea Connect supports payment through API for card payments and Swish. This documentation contains information about how to initiate card/Swish payments. If you are looking for documentation regarding managing transactions, Billing plans or other transaction data trough API, please check our Management API documentation.
Please note that you need to be PCI DSS compliant to initiate card payments through API, if you directly collect and transmit card data from your backend to Nordea Connect.
Authentication
Nordea Connect API calls are made via our REST endpoints and the user is identified using Basic Auth. The user name is your Merchant ID and the password can be set in the Nordea Connect Merchant Portal: https://access.nordeaconnect.com/en/settings
HTTP Response Codes
The HTTP answer of a successful call is always HTTP 200 and contains the same JSON as with a GET call. A bad call will return HTTP 40x with a JSON error response.
Object Graph
In many cases the response does not contain full object graph but just a simple object like ..”customer”:{“id”:1}..
In this case you can extend the object using Extendability.
Default parameters
Please consult the relevant section for additional mandatory parameters depending on the type of transaction and payment method.
| amount | decimal The transaction amount e.g. 12.00, NOTE: must always include two decimals and a dot |
| currency | string Payment currency (sek, cad, cny, cop, czk, dkk, hkd, huf, isk, inr, ils, jpy, kes, krw, kwd, lvl, myr, mxn, mad, omr, nzd, nok, pab, qar, rub, sar, sgd, zar, chf, thb, ttd, aed, gbp, usd, twd, vef, ron, try, eur, uah, pln, brl) |
| payment_ref | string A unique order ID from the merchant internal order/payment data (length 1-12) |
| hash | string Hash recipe: MD5(merchant_id + payment_ref + customer_ref + amount + currency + test + secret). More details can be found in the Nordea Connect Merchant Portal under the Integration tab. |
| test | boolean Parameter which decides whether the transaction is in test or production. With test = true, the transaction will run in test, with test = false, the transaction will be live. |
Payment using card details
To create a transaction using card details you need to do a POST with the default params and the additional mandatory params below to https://api.nordeaconnect.com/v1/transactions
| card_holder | stringThe name on the charged credit card. Not required if process = false. |
| card_cvv | stringCVV code. Not required if process = false. |
| card_expiry | stringExpiration date of the credit card in the format MMYY. Not required if process = false. |
| card_number | stringThe card number. |
| card_type | stringVISA, MASTERCARD etc. |
EXAMPLE REQUEST
curl -X POST --data "card_number=4111111111111111&card_expiry=0116&card_holder=name%20name&card_type=visa&amount=5.00&payment_ref=53dfaa67&card_cvv=200¤cy=sek&hash=6bd88f621553edcf0c553f91bf6fb797" --user exampleuser:Pa55w0rd 'https://api.nordeaconnect.com/v1/transactions'
EXAMPLE RESPONSE
{
"amount" : "5.0",
"vat_amount": "0.2",
"card_holder" : "name name",
"card_number" : "411111******1111",
"card_type" : "VISA",
"cost" : {
"fixed_fee" : "2.5",
"percentual_exchange_fee" : "0.035",
"percentual_fee" : "0.025",
"total" : "2.8"
},
"authorize": false,
"href": "https://pay.nordeaconnect.com/v1/form/Av6lK7OItURlSvYZ6pQ",
"created_at" : "2018-08-04T15:45:11Z",
"currency" : "sek",
"customer" : null,
"error" : null,
"success_url": "",
"error_url": "",
"id" : 7510,
"merchant_id" : 3,
"metadata" : null,
"payment_ref" : "53dfaa67",
"ref" : null,
"refunds" : [ ],
"status" : "approved",
"stored_card" : null,
"subscription" : null,
"success_url" : null,
"template_id" : 123,
"test" : true,
"transaction_type" : "credit_card",
"webhooks" : [],
"items": [],
"client_info": {
"raw_user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36",
"browser": "Chrome",
"version": "60.0.3112.113",
"platform": "Macintosh",
"ip": "59.21.2.160",
"accept_language": "en-GB,en;q=0.8,en-US;q=0.6,sv;q=0.4"
},
"response_hash": "6b5f0b8687dbbc25ff1e579ac10a0d48",
"request_hash": "f42e350aca7a37600973b2b3143e2917",
"payment_details": {
"id": 1,
"card_number": "411111******1111",
"card_holder": "name name",
"card_type": "MASTERCARD",
"customer_number": null,
"personal_number": null,
"first_name": null,
"last_name": null,
"zip": null,
"country_code": null,
"country": null,
"address": null,
"city": null,
"bank_name": null,
"bank_acc_lastdigits": null,
"phone": null,
"ssn": null,
"card_issuer": "WESTPAC BANKING CORPORATION",
"credit_or_debit": "debit",
"card_country_code": "AU",
"campaign": null,
"segmentation": "b2c",
"address_1": null,
"address_2": null,
"swish_number": null,
"email": null
}
}<pre><code class="language-ruby"># EXAMPLE REQUEST
attributes = {
amount: '725.00',
currency: 'sek',
payment_ref: 'order-1146',
hash: '6bd88f621553edcf0c553f91bf6fb797',
card_holder: 'Test User',
card_number: '4111 1111 1111 1111',
card_expiry: '1016',
card_cvv: '200',
card_type: 'visa',
}
transaction = NordeaConnect::CreditCard::Transaction.create(attributes)
# EXAMPLE RESPONSE
[{"title"=>"T-shirt"}, {"title"=>"Shoes"}]},
@validation_context=nil,
@hash="7234484a4ca9ea19f594b7fda7268562",
@id=8176,
@created_at="2018-08-07T13:38:37Z",
@merchant_id=10,
@test=false,
@status="approved",
@transaction_type="credit_card",
@cost={"percentual_fee"=>"0.025", "fixed_fee"=>"2.5", "percentual_exchange_fee"=>"0.035", "total"=>"46.0"},
@stored_card=nil,
@customer={"id"=>3052},
@subscription=ni>l
</code></pre><pre><code class="language-php">EXAMPLE REQUEST
$payment = array(
"card_number" => "4111111111111111",
"card_holder" => "php sdk",
"card_expiry" => "0116",
"card_cvv" => "200",
"card_type" => "VISA",
"amount" => "10.00",
"payment_ref" => $ref,
"currency" => "eur",
"test" => "true",
"hash" => md5(configuration::$app_settings['username'].$ref."10.00".configuration::$app_settings['secret'])
);
$transaction = nordeaconnect\api\transaction::create($payment);
EXAMPLE RESPONSE
Array
(
[id] => 7543
[created_at] => 2018-08-04T20:02:32Z
[merchant_id] => 3
[amount] => 10.0
[payment_ref] => 99485
[ref] =>
[card_holder] => php sdk
[card_number] => 411111******1111
[test] => 1
[metadata] =>
[currency] => eur
[status] => approved
[card_type] => VISA
[transaction_type] => credit_card
[template_id] =>
[error] =>
[cost] => Array
(
[percentual_fee] => 0.025
[fixed_fee] => 2.5
[percentual_exchange_fee] => 0.035
[total] => 3.1
)
[success_url] =>
[error_url] =>
[stored_card] =>
[customer] =>
[subscription] =>
[refunds] => Array
(
)
[webhooks] => Array
(
)
)
</code></pre><pre><code class="language-c">EXAMPLE REQUEST
var payment_ref = DateTimeOffset.Now.Ticks.ToString();
var postData = new List();
var encryptedCard = "4111111111111111".RSAEncrypt();
postData.Add(new KeyValuePair("amount", "10.00"));
postData.Add(new KeyValuePair("payment_ref", payment_ref));
postData.Add(new KeyValuePair("card_expiry", "0116"));
postData.Add(new KeyValuePair("card_holder", ".net sdk"));
postData.Add(new KeyValuePair("card_cvv", "200"));
postData.Add(new KeyValuePair("card_number", encryptedCard));
postData.Add(new KeyValuePair("card_type", "VISA"));
postData.Add(new KeyValuePair("currency", "sek"));
postData.Add(new KeyValuePair("hash", (Settings.ApiUsername + payment_ref + "10.00" + "sek" + Settings.ApiSecret).ToMD5()));
postData.Add(new KeyValuePair("encrypted", "card_number"));
var transaction = Transaction.Create(postData);
EXAMPLE RESPONSE
{
"amount" : "10.00",
"card_cvv" : "200",
"card_holder" : ".net sdk",
"card_number" : "411111******1111",
"card_type" : "VISA",
"cost" : {
"fixed_fee" : "2.5",
"percentual_exchange_fee" : "0.035",
"percentual_fee" : "0.025",
"total" : "2.8"
},
"created_at" : "2018-08-06T17:41:50.8261719Z",
"currency" : "sek",
"customer" : null,
"encrypted" : "card_number",
"error" : null,
"error_url" : null,
"id" : 1,
"merchant_id" : 3,
"metadata" : null,
"payment_ref" : "635429509106230469",
"payment_request" : null,
"refund" : null,
"status" : "complete",
"stored_card" : null,
"subscription" : null,
"success_url" : null,
"template_id" : 1,
"test" : true,
"transcation_type" : null,
"webhooks" : null
}</code></pre>Payment using tokenized card
To create a transaction using tokenized card you need to do a POST with the default params and the additional mandatory params below to https://api.nordeaconnect.com/v1/transactions
Additional mandatory parameters
| card_number | stringThe token for the card is sent in using the card_number param |
| card_type | stringSend in value stored_card |
EXAMPLE REQUEST
curl -X POST --data "card_number=cc583309-0fe2-417d-a7e9-84da476a6596&card_type=stored_card&amount=5.00&payment_ref=53dfaa67¤cy=sek&hash=6bd88f621553edcf0c553f91bf6fb797" --user exampleuser:Pa55w0rd 'https://api.nordeaconnect.com/v1/transactions'
EXAMPLE RESPONSE
{
"amount" : "5.0",
"vat_amount": "0.2",
"card_holder" : "name name",
"card_number" : "411111******1111",
"card_type" : "VISA",
"cost" : {
"fixed_fee" : "2.5",
"percentual_exchange_fee" : "0.035",
"percentual_fee" : "0.025",
"total" : "2.8"
},
"authorize": false,
"href": "https://pay.nordeaconnect.com/v1/form/Av6lK7OItURlSvYZ6pQ",
"created_at" : "2018-08-04T15:45:11Z",
"currency" : "sek",
"customer" : null,
"error" : null,
"success_url": "",
"error_url": "",
"id" : 7510,
"merchant_id" : 3,
"metadata" : null,
"payment_ref" : "53dfaa67",
"ref" : null,
"refunds" : [ ],
"status" : "approved",
"stored_card" : null,
"subscription" : null,
"success_url" : null,
"template_id" : 123,
"test" : true,
"transaction_type" : "credit_card",
"webhooks" : [],
"items": [],
"client_info": {
"raw_user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36",
"browser": "Chrome",
"version": "60.0.3112.113",
"platform": "Macintosh",
"ip": "59.21.2.160",
"accept_language": "en-GB,en;q=0.8,en-US;q=0.6,sv;q=0.4"
},
"response_hash": "6b5f0b8687dbbc25ff1e579ac10a0d48",
"request_hash": "f42e350aca7a37600973b2b3143e2917",
"payment_details": {
"id": 1,
"card_number": "411111******1111",
"card_holder": "name name",
"card_type": "MASTERCARD",
"customer_number": null,
"personal_number": null,
"first_name": null,
"last_name": null,
"zip": null,
"country_code": null,
"country": null,
"address": null,
"city": null,
"bank_name": null,
"bank_acc_lastdigits": null,
"phone": null,
"ssn": null,
"card_issuer": "WESTPAC BANKING CORPORATION",
"credit_or_debit": "debit",
"card_country_code": "AU",
"campaign": null,
"segmentation": "b2c",
"address_1": null,
"address_2": null,
"swish_number": null,
"email": null
}
}<pre><code class="language-ruby"># EXAMPLE REQUEST
attributes = {
amount: '725.00',
currency: 'sek',
payment_ref: 'order-1146',
hash: '6bd88f621553edcf0c553f91bf6fb797',
card_number: 'cc583309-0fe2-417d-a7e9-84da476a6596',
card_type: 'stored_card',
}
transaction = NordeaConnect::CreditCard::Transaction.create(attributes)
# EXAMPLE RESPONSE
[{"title"=>"T-shirt"}, {"title"=>"Shoes"}]},
@validation_context=nil,
@hash="7234484a4ca9ea19f594b7fda7268562",
@id=8176,
@created_at="2018-08-07T13:38:37Z",
@merchant_id=10,
@test=false,
@status="approved",
@transaction_type="credit_card",
@cost={"percentual_fee"=>"0.025", "fixed_fee"=>"2.5", "percentual_exchange_fee"=>"0.035", "total"=>"46.0"},
@stored_card=nil,
@customer={"id"=>3052},
@subscription=ni>l
</code></pre><pre><code class="language-php">EXAMPLE REQUEST
$payment = array(
"card_number" => "cc583309-0fe2-417d-a7e9-84da476a6596",
"card_type" => "stored_card",
"amount" => "10.00",
"payment_ref" => $ref,
"currency" => "eur",
"test" => "true",
"hash" => md5(configuration::$app_settings['username'].$ref."10.00".configuration::$app_settings['secret'])
);
$transaction = nordeaconnect\api\transaction::create($payment);
EXAMPLE RESPONSE
Array
(
[id] => 7543
[created_at] => 2018-08-04T20:02:32Z
[merchant_id] => 3
[amount] => 10.0
[payment_ref] => 99485
[ref] =>
[card_holder] => php sdk
[card_number] => 411111******1111
[test] => 1
[metadata] =>
[currency] => eur
[status] => approved
[card_type] => VISA
[transaction_type] => credit_card
[template_id] =>
[error] =>
[cost] => Array
(
[percentual_fee] => 0.025
[fixed_fee] => 2.5
[percentual_exchange_fee] => 0.035
[total] => 3.1
)
[success_url] =>
[error_url] =>
[stored_card] =>
[customer] =>
[subscription] =>
[refunds] => Array
(
)
[webhooks] => Array
(
)
)
</code></pre><pre><code class="language-c">EXAMPLE REQUEST
var payment_ref = DateTimeOffset.Now.Ticks.ToString();
var postData = new List();
var encryptedCard = "4111111111111111".RSAEncrypt();
postData.Add(new KeyValuePair("amount", "10.00"));
postData.Add(new KeyValuePair("payment_ref", payment_ref));
postData.Add(new KeyValuePair("card_number", cc583309-0fe2-417d-a7e9-84da476a6596));
postData.Add(new KeyValuePair("card_type", "stored_card"));
postData.Add(new KeyValuePair("currency", "sek"));
postData.Add(new KeyValuePair("hash", (Settings.ApiUsername + payment_ref + "10.00" + "sek" + Settings.ApiSecret).ToMD5()));
postData.Add(new KeyValuePair("encrypted", "card_number"));
var transaction = Transaction.Create(postData);
EXAMPLE RESPONSE
{
"amount" : "10.00",
"card_cvv" : "200",
"card_holder" : ".net sdk",
"card_number" : "411111******1111",
"card_type" : "VISA",
"cost" : {
"fixed_fee" : "2.5",
"percentual_exchange_fee" : "0.035",
"percentual_fee" : "0.025",
"total" : "2.8"
},
"created_at" : "2018-08-06T17:41:50.8261719Z",
"currency" : "sek",
"customer" : null,
"encrypted" : "card_number",
"error" : null,
"error_url" : null,
"id" : 1,
"merchant_id" : 3,
"metadata" : null,
"payment_ref" : "635429509106230469",
"payment_request" : null,
"refund" : null,
"status" : "complete",
"stored_card" : null,
"subscription" : null,
"success_url" : null,
"template_id" : 1,
"test" : true,
"transcation_type" : null,
"webhooks" : null
}</code></pre>Swish payment
To create a Swish payment you need to do a POST with the default params and the additional mandatory params below to https://api.nordeaconnect.com/v1/transactions
Transaction
Optional parameters to send
| merchant_id | string Your unique Merchant ID, which can be found in the Nordea Connect Merchant Portal in the Integration tab. |
| vat_amount | decimalThe vat amount for the transaction ex. 3.00 |
| test | booleanWhether the transaction is a test transaction. Defaults false |
| success_url | string A URL to the page where the Consumer is redirected after a successful transaction. Can contain Liquid. |
| error_url | string A URL to the page where the Consumer is redirected after a unsuccessful transaction. Can contain Liquid. |
| metadata | objectMerchant custom Metadata |
| store_card | booleantrue/false if you want to store the card |
| plan_id | intThe ID of the subscription plan. |
| start_date | dateThe first date of a new subscription. Ex: 2020-01-01 (YYYY-MM-DD) |
| customer_ref | stringThe Merchant specific user/customer ID |
| webhook | objectYou can specify a custom Webhook for a transaction. For example sending e-mail or POST to your backend. |
| encrypted | stringA comma separated string containing the params you have encrypted. Ex: “card_number,card_holder,card_cvv” |
| process | booleanShould be false if you want to process the payment at a later stage. You will not need to send in card data (card_number, card_cvv, card_holder, card_expiry) in this case. |
| template_id | int Hosted Page template ID |
| authorize | booleanauthorize = true, means that the transaction should be reserved (Authorized). |
| items | Array of items objectsitems |
| payment_details | objectpayment_details |
| payment_method | stringCan be any of the following: credit_card, recurring, stored, invoice, swish, paypal, bank |
Hash calculation
Nordea Connect uses a hash string to identify the merchant and validate the API call.
The hash recipe is:
MD5(merchant_id + payment_ref + customer_ref + amount + currency + test + secret)
The ingredients of the hash recipe are:
merchant_id (integer): Your merchant id (this can be found in the Integration tab in the Nordea Connect Merchant Portal)
payment_ref (string): A generated unique order id from your web shop
customer_ref (string): A unique id for your customer – ignore if you are not sending in a customer ref
amount (string): Must include two digits, example 10.00
currency (string): An ISO 4214 currency code, must be in lower case (ex. eur)
test (string): “test” if transaction is in test mode, otherwise empty string “”
secret (string): Unique merchant specific string
Let’s assume we have the following data for our hash recipe:
merchant_id (integer): 09024
payment_ref (string): 12345678
customer_ref (string): 891
amount (string): 10.00
currency (string): dkk
test (string): test
secret (string): $2a/sdf0W556fDi3wr320FUASng.
The example hash string would in this case look like this:
090241234567889110.00dkktest$2a/sdf0W556fDi3wr320FUASng.
In this case, the MD5 hash you get should be:
1c6332f03717fdf960078b32c45a5771
Please note especially the following:
- In the above example, we are initiating a test transaction. If this transaction would have been a live transaction, the has string would look like this: 090241234567889110.00dkk$2a/sdf0W556fDi3wr320FUASng.
- Sometimes, the secret might end with a special character, as in the example above. Please make sure you copy the entire string.
Important when storing a card/subscribing to a plan
In some cases the card can not be stored, but we will still try to charge it. This means that the transaction might be successful even though the card can not be stored.
Always check the response to see if there is a stored_card (or subscription), which will be missing if the card could not be stored.
Create a Transaction with a stored card
In a Stored Card payment you need to have the
tokenas card_number andSTORED_CARDas card_type. The response will have a Stored Card object with the ID of the card used.
EXAMPLE REQUEST
curl -X POST --data "card_number=31407340575815445&card_type=STORED_CARD&amount=5.00&payment_ref=53e479ea&card_cvv=000¤cy=sek&hash=e914a186f79333a9f4166b17c6dc791d&test=true" --user 3:password 'https://api.nordeaconnect.com/v1/transactions'
EXAMPLE RESPONSE
{
"amount" : "5.0",
"card_holder" : "635429445753750000",
"card_number" : "411111******1111",
"card_type" : "VISA",
"cost" : {
"fixed_fee" : "2.5",
"percentual_exchange_fee" : "0.035",
"percentual_fee" : "0.025",
"total" : "2.8"
},
"created_at" : "2018-08-08T07:20:01Z",
"currency" : "sek",
"customer" : { "id" : 3026 },
"error" : null,
"error_url" : null,
"id" : 8237,
"merchant_id" : 3,
"metadata" : null,
"payment_ref" : "53e479ea",
"ref" : null,
"refunds" : [ ],
"status" : "approved",
"stored_card" : { "id" : 1055 },
"subscription" : null,
"success_url" : null,
"template_id" : null,
"test" : true,
"transaction_type" : "stored_card",
"webhooks" : [ ]
}file to be uploadedEXAMPLE REQUEST
$payment = array(
"card_number" => "31407340575815445",
"card_cvv" => "000",
"card_type" => "STORED_CARD",
"amount" => "10.00",
"payment_ref" => "123",
"currency" => "eur",
"test" => "true",
"hash" => md5(configuration::$app_settings['username'].$ref."10.00".configuration::$app_settings['secret'])
);
$transaction = nordeaconnect\api\transaction::create($payment);
EXAMPLE RESPONSE
Array
(
[id] => 7543
[created_at] => 2018-08-04T20:02:32Z
[merchant_id] => 3
[amount] => 10.0
[payment_ref] => 99485
[ref] =>
[card_holder] => php sdk
[card_number] => 411111******1111
[test] => 1
[metadata] =>
[currency] => eur
[status] => approved
[card_type] => VISA
[transaction_type] => credit_card
[template_id] =>
[error] =>
[cost] => Array
(
[percentual_fee] => 0.025
[fixed_fee] => 2.5
[percentual_exchange_fee] => 0.035
[total] => 3.1
)
[success_url] =>
[error_url] =>
[stored_card] =>
(
[id] => 1055
)
[customer] =>
[subscription] =>
[refunds] => Array
(
)
[webhooks] => Array
(
)
)
EXAMPLE REQUEST
var payment_ref = DateTimeOffset.Now.Ticks.ToString();
var postData = new List();
postData.Add(new KeyValuePair("amount", "10.00"));
postData.Add(new KeyValuePair("payment_ref", payment_ref));
postData.Add(new KeyValuePair("test", "true"));
postData.Add(new KeyValuePair("card_cvv", "000"));
postData.Add(new KeyValuePair("card_number", "31407340575815445"));
postData.Add(new KeyValuePair("card_type", "STORED_CARD"));
postData.Add(new KeyValuePair("currency", "sek"));
postData.Add(new KeyValuePair("locale", "en"));
postData.Add(new KeyValuePair("hash", (Settings.ApiUsername + payment_ref + "10.00" + "sek" + Settings.ApiSecret).ToMD5()));
var transaction = Transaction.Create(postData);
EXAMPLE RESPONSE
{
"amount" : "5.0",
"card_holder" : "635429445753750000",
"card_number" : "411111******1111",
"card_type" : "VISA",
"cost" : {
"fixed_fee" : "2.5",
"percentual_exchange_fee" : "0.035",
"percentual_fee" : "0.025",
"total" : "2.8"
},
"created_at" : "2018-08-08T07:20:01Z",
"currency" : "sek",
"customer" : { "id" : 3026 },
"error" : null,
"error_url" : null,
"id" : 8237,
"merchant_id" : 3,
"metadata" : null,
"payment_ref" : "53e479ea",
"ref" : null,
"refunds" : [ ],
"status" : "approved",
"stored_card" : { "id" : 1055 },
"subscription" : null,
"success_url" : null,
"template_id" : null,
"test" : true,
"transaction_type" : "stored_card",
"webhooks" : [ ]
}Update Transaction
To update a transaction with card details using the API, you need to PUT data to https://api.nordeaconnect.com/v1/transactions/1
You can update a transaction when it has previously been created and is not in approved status. For example, you can create a transaction and send in process = false to prepare but not process the actual payment. The next step would be to either pass the href link to the customer to proceed the payment in a payment window, or to make an API payment using this update call.
The parameters you can send to update a transaction:
| card_holder | stringThe name on the charged credit card |
| card_number | stringA card number ex. 41111111111111 |
| card_cvv | stringCVV code |
| card_expiry | stringExpiration date of the credit card in the format MMYY |
| currency | stringThe currency (SEK, CAD, CNY, COP, CZK, DKK, HKD, HUF, ISK, INR, ILS, JPY, KES, KRW, KWD, LVL, MYR, MXN, MAD, OMR, NZD, NOK, PAB, QAR, RUB, SAR, SGD, ZAR, CHF, THB, TTD, AED, GBP, USD, TWD, VEF, RON, TRY, EUR, UAH, PLN, BRL) |
| card_type | stringVISA, MASTERCARD, STORED_CARD (if the transaction is done using a stored card), etc |
| encrypted | stringA comma separated string for the params that you send encrypted. Ex. “card_number,card_cvv” |
| items | Array of items objectsitems |
| metadata | objectMetadata |
| amount | decimalThe transaction amount ex. 12.00 |
| vat_amount | decimalThe VAT amount for the transaction ex. 3.00 |
| customer_ref | stringThe Merchant specific user/customer ID |
| process | booleanShould be false if you want to process the payment at a later stage. You will not need to send in card data (card_number, card_cvv, card_holder, card_expiry) in this case. |
You can update the
Metadataproperty of an already processed transaction by passing metadata and process = false.The submitted data will be merged with existing Metadata for that transaction.
By sending, for example:
{"shop_order": {"id": "123123"}}as Metadata to the update method, you can connect your internal shop order ID to the Nordea Connect admin view.
Transaction object
A transaction contains JSON with the following data:
| id | integerId of the transaction |
| created_at | datetimeEx. 2018-04-25T10:20:48Z (UTC) |
| merchant_id | stringID of Merchant |
| amount | decimalThe transaction amount ex. 12.00 |
| vat_amount | decimalThe vat amount for the transaction ex. 3.00 |
| payment_ref | stringThe Merchant order/payment ID |
| card_holder | stringThe name on the charged credit card |
| card_number | stringA masked card number ex. 411111****1111 |
| card_expiry | stringMMYY ex. 0120 |
| test | booleanWhether the transaction is a test transaction. |
| currency | stringThe currency (SEK, CAD, CNY, COP, CZK, DKK, HKD, HUF, ISK, INR, ILS, JPY, KES, KRW, KWD, LVL, MYR, MXN, MAD, OMR, NZD, NOK, PAB, QAR, RUB, SAR, SGD, ZAR, CHF, THB, TTD, AED, GBP, USD, TWD, VEF, RON, TRY, EUR, UAH, PLN, BRL) |
| status | stringStatus of the api transaction.
|
| card_type | stringVISA, MASTERCARD, etc. (STORED_CARD if the transaction is done with stored card) |
| payment_request | objectThe payment request from the Merchant |
| template_id | intHosted Page template ID |
| error | objectFor example: |
| cost | objectThe cost of transaction |
| success_url | stringURL after successful transaction. Can contain Liquid. |
| error_url | stringURL after unsuccessful transaction. Can contain Liquid. |
| metadata | objectMerchant specific Metadata |
| refund | arrayAn array with refunds objects where the token value is used for making transactions with the stored card |
| stored_card | objectIf the transaction has a stored card connected it will have a token value that is used for making transactions with the stored card |
| customer | objectCustomer that owns the transaction |
| transaction_type | stringcredit_card/stored_card/recurring |
| subscription | objectThe connected subscription |
| webhooks | arrayA list of Webhooks related to the transaction |
| href | stringA HTTP link to a payment page where the customer can finish a payment. Ex. https://pay.nordeaconnect.com/v1/form/hrr5sEwz0y-XgcYOyNXhew |
| Items | Array of items objectsitems |
| payment_details | objectpayment_details |
| payment_method | stringCan be any of the following: credit_card, recurring, stored, invoice, swish, paypal, bank |
| processed_at | datetimeThe exact time when the payment was confirmed. Ex. 2018-04-25T10:20:48Z (UTC) |
Encryption
Transaction data can be encrypted with a public RSA key for better security. The public RSA key can be found in the Nordea Connect Merchant Portal’s Integration tab. The parameter “encrypted” must also be sent and contain the names of the encrypted parameters such as “card_number,card_cvv,card_holder,card_expiry,card_type”. You would also need to base64 encode the string both before and after encryption, i.e. base64_encode( encrypt( base64_encode( actual_value ) ) ).
Transaction statuses
Nordea Connect supports the following transaction statuses:
- Pending
A transaction always starts as a Pending transaction and will only alter after a customer has attempted to pay. If successful, it will be approved (or authorised). The transaction will stay as pending if the customer cancels the payment in Payment Window/Nordea Connect Checkout. It will change to failed/declined if the customer attempts to pay and is unsuccessful. By default, a consumer will be taken back to the Payment Window/Nordea Connect Checkout if the attempt is unsuccessful. This flow can also be changed on request, to take the customer directly back to your webshop if a payment attempt fails. - 3DS pending
The customer has been redirected to the 3DS server to authorise their card payment. - Approved
Money has been drawn from the customer and the transaction is processed. - Authorised
A cover reservation has been made on the customer’s card. You need to capture the transaction through API or in the Nordea Connect Merchant Portal in order to process the transaction. - Failed/Declined
A pending transaction might become failed/declined depending on the payment method used. This usually indicates that the customer has either cancelled the payment or it has been denied by the payment method provider.
Nordea Connect does not have a cancelled transaction status.
- Transactions cancelled by a customer will either be displayed as pending, failed or declined.
- If a customer cancels at the Payment Window stage, the transaction will be displayed as pending.
- If the customer cancels the payment at a later stage, the payment will be displayed as failed/declined depending on the payment method provider.
Please note, that once a transaction is approved (paid) its status will no longer change. All other transaction statuses might update depending on the customer’s behaviour.
The diagram below outlines the transaction flow.
Pagination
While doing API calls you can use pagination to fetch parts of your data using limit, offset and start_id.
Pagination Example:
https://api.nordeaconnect.com/v1/transactions?limit=2&offset=20
ID range Example:
https://api.nordeaconnect.com/v1/transactions?start_id=1051&limit=15
Pagination information
Pagination of partial data can be achieved using the Content-Range header. The Content-Range show what part of the data-set that is being returned.
Content-Range:items 16-20/173
Order
You can order your resource list by using the order_by query parameter.
Order example
https://api.nordeaconnect.com/v1/transactions?order_by=amount
Descending order example
https://api.nordeaconnect.com/v1/transactions?order_by=amount:desc
Filtering
Filter
If you know what you are looking for, you can filter your result with the filter query parameter.
Strings and Booleans support equal and wildcard matches, e.g.:
- filter[status]=approved
- filter[card_number]=411*
- filter[test]=true
Integers, Decimals and Dates supports equal matches, as well as up to, from, and ranges, e.g.:
- filter[amount]=..1000 will fetch resources where amount is less than or equal to 1000
- filter[amount]=100.. will fetch resources where amount is greater than or equal to 100
- filter[created_at]=20180101..20180131 will fetch resources created in January 2018 (from the first up until the 31st)
- filter[created_at]=20180930T084821 will fetch resources with exact date and time value
Metadata filters
- filter[metadata.customer.name]=anna will fetch resources where metadata contains a customer which have a name that is anna
- filter[metadata.customer]=* will fetch resources where metadata have a customer object
- filter[metadata.products.0.name]=* will fetch the first resources from the products array
Filter example:
https://api.nordeaconnect.com/v1/transactions?filter[test]=false&filter[amount]100..&filter[created_at]=20180101..20181231
Subscription payment
Get started
Nordea Connect supports recurring payments for cards. As a merchant, you have two options:
1. Set up a Billing Plan either in the Nordea Connect Merchant Portal or through API, where Nordea Connect will execute the recurring payments on your behalf
2. Utilize our tokenized card functionality and build your own subscription engine allowing you to control the recurring payment schedule
If you are looking to create a payment using the Nordea Connect subscription engine, you will need to send all the params required for either initiating a payment using card details or through tokenized card. In addition, you will also need the param plan_id, which is the ID of your Billing plan. It is visible in the Merchant Portal in the tab “Billing plans”.
Unless a free trial period is setup, the first subscription fee is debited at the same time as the transaction is processed. Please see the example below.
Example
EXAMPLE REQUEST
curl -X POST --data "card_number=4111111111111111&card_expiry=0116&card_holder=name%20name&card_type=visa&amount=5.00&payment_ref=53dfaa67&card_cvv=200¤cy=sek&hash=6bd88f621553edcf0c553f91bf6fb797&plan_id=561" --user exampleuser:Pa55w0rd 'https://api.nordeaconnect.com/v1/transactions'
EXAMPLE RESPONSE
{
"amount" : "5.0",
"vat_amount": "0.2",
"card_holder" : "name name",
"card_number" : "411111******1111",
"card_type" : "VISA",
"cost" : {
"fixed_fee" : "2.5",
"percentual_exchange_fee" : "0.035",
"percentual_fee" : "0.025",
"total" : "2.8"
},
"authorize": false,
"href": "https://pay.nordeaconnect.com/v1/form/Av6lK7OItURlSvYZ6pQ",
"created_at" : "2018-08-04T15:45:11Z",
"currency" : "sek",
"customer" : null,
"error" : null,
"success_url": "",
"error_url": "",
"id" : 7510,
"merchant_id" : 3,
"metadata" : null,
"payment_ref" : "53dfaa67",
"ref" : null,
"refunds" : [ ],
"status" : "approved",
"stored_card" : null,
"subscription" : null,
"success_url" : null,
"template_id" : 123,
"test" : true,
"transaction_type" : "credit_card",
"webhooks" : [],
"items": [],
"client_info": {
"raw_user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36",
"browser": "Chrome",
"version": "60.0.3112.113",
"platform": "Macintosh",
"ip": "59.21.2.160",
"accept_language": "en-GB,en;q=0.8,en-US;q=0.6,sv;q=0.4"
},
"response_hash": "6b5f0b8687dbbc25ff1e579ac10a0d48",
"request_hash": "f42e350aca7a37600973b2b3143e2917",
"payment_details": {
"id": 1,
"card_number": "411111******1111",
"card_holder": "name name",
"card_type": "MASTERCARD",
"customer_number": null,
"personal_number": null,
"first_name": null,
"last_name": null,
"zip": null,
"country_code": null,
"country": null,
"address": null,
"city": null,
"bank_name": null,
"bank_acc_lastdigits": null,
"phone": null,
"ssn": null,
"card_issuer": "WESTPAC BANKING CORPORATION",
"credit_or_debit": "debit",
"card_country_code": "AU",
"campaign": null,
"segmentation": "b2c",
"address_1": null,
"address_2": null,
"swish_number": null,
"email": null
}
}<pre><code class="language-ruby"># EXAMPLE REQUEST
attributes = {
amount: '725.00',
currency: 'sek',
payment_ref: 'order-1146',
hash: '6bd88f621553edcf0c553f91bf6fb797',
card_holder: 'Test User',
card_number: '4111 1111 1111 1111',
card_expiry: '1016',
card_cvv: '200',
card_type: 'visa',
plan_id: '651',
}
transaction = NordeaConnect::CreditCard::Transaction.create(attributes)
# EXAMPLE RESPONSE
[{"title"=>"T-shirt"}, {"title"=>"Shoes"}]},
@validation_context=nil,
@hash="7234484a4ca9ea19f594b7fda7268562",
@id=8176,
@created_at="2018-08-07T13:38:37Z",
@merchant_id=10,
@test=false,
@status="approved",
@transaction_type="credit_card",
@cost={"percentual_fee"=>"0.025", "fixed_fee"=>"2.5", "percentual_exchange_fee"=>"0.035", "total"=>"46.0"},
@stored_card=nil,
@customer={"id"=>3052},
@subscription=ni>l
</code></pre><pre><code class="language-php">EXAMPLE REQUEST
$payment = array(
"card_number" => "4111111111111111",
"card_holder" => "php sdk",
"card_expiry" => "0116",
"card_cvv" => "200",
"card_type" => "VISA",
"plan_id" => "651",
"amount" => "10.00",
"payment_ref" => $ref,
"currency" => "eur",
"test" => "true",
"hash" => md5(configuration::$app_settings['username'].$ref."10.00".configuration::$app_settings['secret'])
);
$transaction = nordeaconnect\api\transaction::create($payment);
EXAMPLE RESPONSE
Array
(
[id] => 7543
[created_at] => 2018-08-04T20:02:32Z
[merchant_id] => 3
[amount] => 10.0
[payment_ref] => 99485
[ref] =>
[card_holder] => php sdk
[card_number] => 411111******1111
[test] => 1
[metadata] =>
[currency] => eur
[status] => approved
[card_type] => VISA
[transaction_type] => credit_card
[template_id] =>
[error] =>
[cost] => Array
(
[percentual_fee] => 0.025
[fixed_fee] => 2.5
[percentual_exchange_fee] => 0.035
[total] => 3.1
)
[success_url] =>
[error_url] =>
[stored_card] =>
[customer] =>
[subscription] =>
[refunds] => Array
(
)
[webhooks] => Array
(
)
)
</code></pre><pre><code class="language-c">EXAMPLE REQUEST
var payment_ref = DateTimeOffset.Now.Ticks.ToString();
var postData = new List();
var encryptedCard = "4111111111111111".RSAEncrypt();
postData.Add(new KeyValuePair("amount", "10.00"));
postData.Add(new KeyValuePair("payment_ref", payment_ref));
postData.Add(new KeyValuePair("card_expiry", "0116"));
postData.Add(new KeyValuePair("card_holder", ".net sdk"));
postData.Add(new KeyValuePair("card_cvv", "200"));
postData.Add(new KeyValuePair("card_number", encryptedCard));
postData.Add(new KeyValuePair("card_type", "VISA"));
postData.Add(new KeyValuePair("currency", "sek"));
postData.Add(new KeyValuePair("hash", (Settings.ApiUsername + payment_ref + "10.00" + "sek" + Settings.ApiSecret).ToMD5()));
postData.Add(new KeyValuePair("encrypted", "card_number"));
postData.Add(new KeyValuePair("encrypted", "plan_id"));
var transaction = Transaction.Create(postData);
EXAMPLE RESPONSE
{
"amount" : "10.00",
"card_cvv" : "200",
"card_holder" : ".net sdk",
"card_number" : "411111******1111",
"card_type" : "VISA",
"cost" : {
"fixed_fee" : "2.5",
"percentual_exchange_fee" : "0.035",
"percentual_fee" : "0.025",
"total" : "2.8"
},
"created_at" : "2018-08-06T17:41:50.8261719Z",
"currency" : "sek",
"customer" : null,
"encrypted" : "card_number",
"error" : null,
"error_url" : null,
"id" : 1,
"merchant_id" : 3,
"metadata" : null,
"payment_ref" : "635429509106230469",
"payment_request" : null,
"refund" : null,
"status" : "complete",
"stored_card" : null,
"subscription" : null,
"success_url" : null,
"template_id" : 1,
"test" : true,
"transcation_type" : null,
"webhooks" : null
}</code></pre>Metadata
Metadata is custom schemaless information that you can choose to send in to Nordea Connect. It can be information about the customer, the product or about campaigns or offers.
The metadata can be used to customize your hosted payment window or sending personalized receipts to your customers in a webhook.
Example of metadata:
{
"products":[
{
"id":"1",
"name":"Nice Shoe",
"price":"100.00",
"qty":"1",
"url":"http://mysite.com/product/1"
}
],
"user":{
"email":"jd@email.com"
}
}The values like products, 1, name, are optional and can be named freely by the Merchant. These will be shown in the transaction lists so you can analyze transactions based on metadata and get a comprehensive understanding of your sales.
Why Metadata?
One of the most important benefits of using Nordea Connect is the power of the data that you can send with the payment. The more data you send in the more parameters you have to create custom payment flows and analyze transaction data to see what are your best selling items, services and products.
Popular parameters are:
- Order information (price, vat, categories, materials, tags)
- Platform specs (iPhone/Android, OS version, screen size, locale)
- Application specs (version number, tokens, sessions)
- Customer information (location, language)
All sent in data can be visualized in your dashboard in graphs or charts so that you easy can follow up and analyze your sales. Nordea Connect understands that making relevant and important business decisions starts with knowing your customers habits, likes and preferences. Incorporating metadata into the payment gives you the best chance to optimize your checkout, A/B test and bring intelligence into your business.
Updating the transaction with shop order ID
By using the API, you can update the
Metadataproperty of an already processed transaction by passing metadata and process = false.The submitted data will be merged with existing Metadata for that transaction.
By sending, for example:
{"shop_order": {"id": "123123"}}as Metadata to the update method, you can connect your internal shop order ID to the Nordea Connect admin view.
Liquid and Metadata
Liquid is an open-source, Ruby-based template language created by Shopify. It is a well-known framework and is used to load dynamic content on storefronts.
Liquid uses a combination of tags, objects, and filters to load dynamic content. They are used inside the Nordea Connect Payment Window payment form to display information from the payment data and make the template dynamic for each customer, product or transaction.
The official documentation can be found here: https://github.com/Shopify/liquid/wiki/Liquid-for-Designers
You can output information in your metadata to your Payment Window Form or in a Receipt Webhook using Liquid syntax. Using the example above, this is the way to output it:
Product name: {{ transaction.metadata['products'].first.name }}
Product quantity: {{ transaction.metadata['products'].first.qty }}To loop all products:
{%for item in transaction.metadata['products']%}
<li>
Name: {{ item['name'] }},
Price: {{ item['price'] }} {{transaction.amount | upcase }},
Quantity {{ item['qty'] }}
</li>
{% endfor %}Liquid syntax is used within webhooks and Payment Windows. Please go to Payment Window to see the full white list of liquid elements
Webhooks
A webhook is a messaging service that is executed before or after a transaction. You can add one or more webhooks in the Admin console or specify a custom webhook for a transaction. The data that sent varies depending on the context, read more under triggers to see what data to expect.
| id | intWebhook ID |
| created_at | datetimeEx. 2018-04-25T10:36:33Z (UTC) |
| type | stringWebhook type, ex: CustomHttp |
| response | objectThe http response, ex: { "code":"400", "body":"Bad request (GET and HEAD requests may not contain a request body)", "message":"Bad Request", "error":"Net::HTTPBadRequest" } |
| http_method | stringWhich method that were used, ex. POST, GET |
| stringSender address in a e-mail Webhook | |
| url | stringURL in a Custom Http Webhook |
| trigger | stringWhat event to trigger Webhook, ex. payment_error |
| data_format | stringJSON, form_data or XML |
Show Webhooks
To show a webhook with ID 1 you need to GET the following url https://api.nordeaconnect.com/v1/webhooks/1
List Webhooks
To show a list of webhooks you need to GET the following url https://api.nordeaconnect.com/v1/webhooks
Creating Webhooks in a transaction
Webhooks can either be created from a template in the Admin console, or custom attached to each transaction call from the Merchant shop. When creating custom Webhooks you define it using JSON described in the examples below:
Sending E-mail:
{"trigger":"payment_success","email":"myname@domain.com"}Custom HTTP:
{"url":"https://mybackend.com/confirmOrderFromNordeaConnect","trigger":"payment_success","http_method":"post","data_format":"form_data"}Or as an Array:
[{"trigger":"payment_success","email":"myname@domain.com"},{"url":"https://mybackend.com/confirmOrderFromNordeaConnect","trigger":"payment_success","http_method":"post","data_format":"form_data"}]trigger can be:
- payment_success – (after a successful transaction, data sent: a transaction object)
- payment_error – (after a failed transaction, data sent: a transaction object)
- payment_form – (when an hosted window is loaded, data sent: a transaction object)
- payment – (after any transaction regardless of status, data sent: a transaction object)
- refund – (after a refund, data sent: a transaction object)
- subscription_started – (when a new subscription is created, data sent: a subscription object)
- card_stored – (when a new card is stored, data sent: a stored_card object)
- card_updated – (when a card is updated, data sent: a stored_card object)
- webhook_exhausted – (when a Webhook didn’t reach it’s destination after retries, data sent: a webhook object)
- change_address – (after a shipping address is changed, data sent: a transaction object)
- none – (manual execution in the Nordea Connect Rule Engine)
http_method can be:
- post
- get
- put
- patch
- delete
data_format can be:
- json
- xml
- form_data
Important
Custom http webhooks will not follow redirects. Make sure to point them directly at your endpoint.
If you are using the https protocol, your SSL certificate must be valid for the webhook to work.
If the webhook encounters a “500 error” from your endpoint it will retry 20 times for approximately 2 days. If it doesn’t succeed during this timeframe you will receive a warning in the dashboard. Any other error will create a notification in the dashboard immediately.
NOTE: When notifications are created in the dashboard you will also be receiving an alert email. Opt-out is possible by unchecking “Get Email Alerts” in Settings > Administrators.
file to be uploaded//Fetching the incoming transaction data
$transaction = webhook::get($path);// Fetches and parses the incoming transaction.
// This example is coming from a WebAPI Post action and uses the ControllerContext for data
var transaction = Webhook.GetWebhook(this.ControllerContext.Request);Automatic job retry
Webhooks will retry failures up to 20 times, with an exponential backoff using the formula (retry_count ** 4) + 15 + (rand(30) * (retry_count + 1)) (i.e. 15, 16, 31, 96, 271, … seconds + a random amount of time).
It will perform 20 retries over approximately 3 days. Assuming you deploy a bug fix within that time, the job will get retried and successfully processed. After 20 times, Webhooks will move that job to the Dead Job queue, and create a notification on the Merchant dashboard.
Liquid and Receipt Webhooks
Liquid is an open-source, Ruby-based template language created by Shopify. It is a well-known framework and is used to load dynamic content on storefronts.
Liquid uses a combination of tags, objects, and filters to load dynamic content. They are used inside the Nordea Connect Payment Window payment form to display information from the payment data and make the template dynamic for each customer, product or transaction.
The official documentation can be found here: https://github.com/Shopify/liquid/wiki/Liquid-for-Designers
You can output information in your receipt Webhook using Liquid syntax. Using the example above, this is the way to output it:
Product name: {{ transaction.metadata['products'].first.name }}
Product quantity: {{ transaction.metadata['products'].first.qty }} %p To loop all products:{%for item in transaction.metadata['products']%}
<li>
Name: {{ item['name'] }},
Price: {{ item['price'] }} {{transaction.amount | upcase }},
Quantity {{ item['qty'] }}
</li>
{% endfor %} %strong For RefundsYou can send a refund confirmation using the After Refund event with the Receipt webhook. There you can output the refunded amount like this:
Hi, here is your refund confirmation for order:
{{ transaction.payment_ref }}
Amount:
{{ transaction.refunds.last.amount }}
Reason:
{{ transaction.refunds.last.reason }}
Items
Items makes it possible to send product info about the items into a payment. This items array is required for invoice payments and can also be used in subscriptions to add additional product charges intop of the Plan amount.
This data is required if the transaction is of type invoice
| artno | string (maxlength 50) *required Article number |
| description | string (maxlength 150) *required Description about the item |
| amount | integer *required The total price of all the items |
| qty | string *required The item quantity |
| vat | string *required VAT rate, ex 25 (No verification or or calculation is made) |
| discount | stringDiscount of the products (No verification or or calculation is made) |
Example
[{"artno": "001", "amount": 1, "description": "user license2", "qty": 1, "vat": 25, "discount": 0}]Testing cards & Swish
Card payments and Swish payments feature a mock flow, where you either land on the success url or error url, depending on e.g. the CVC code used for card payments. Please note that the card payments flow does not include the 3DS step, which is present in production.
For Swish, you can enter any 10-digit number starting with 07 to simulate a successful transaction.
All accounts registered through nordeaconnect.com feature card payments and Swish by default.
To create test transactions you need to send in a test card number, and also a CVV code that can simulate different responses.
Test card numbers:
| VISA | 4111111111111111 |
| VISA | 4012888888881881 |
| VISA | 4222222222222 |
| MASTERCARD | 5555555555554444 |
| MASTERCARD | 5105105105105100 |
| DINERS | 30569309025904 |
| AMEX | 378282246310005 |
Test CVV codes:
When in test mode (test=true) you can use CVV codes to simulate different responses. Anything else will lead to Approved.
| 200 | ACCEPTED |
| 201 | DECLINED |
| 202 | CVV INVALID |
| 203 | EXPIRED |
Test expiry dates:
When in test mode (test=true) you can use specific expiry dates to simulate failed recurring card payments.
| 0137 | errors.payment.declined |
| 0237 | errors.card.expired |
More information
TLS
TLS 1.0 was released in 1999, making it a nearly two-decade-old protocol. It has been known to be vulnerable to attacks—such as BEAST and POODLE—for years, in addition to supporting weak cryptography, which doesn’t keep modern-day connections sufficiently secure. TLS 1.0 and SSL are deprecated since June 30 2018.
Examples:
- .NET:
System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; - PHP:
curl_setopt ($setuploginurl, CURLOPT_SSLVERSION, 6); - Ruby:
ctx.ssl_version = :TLSv1_2 - Curl:
curl --tlsv1.2 https://api.nordeaconnect.com/v1/transactions - JS:
secureProtocol: "TLSv1_2_method"
3D-Secure
Nordea Connect understands the need to incorporate best business practices in security. That’s why we’ve made it easy for Merchants to implement 3D Secure or “3 Domain Secure” as the industry standard identity check solution to minimize chargebacks from fraudulent credit cards, all included in our simple pricing. 3D-Secure refers to second authentication factor products such as Verified by Visa, MastercardⓇSecureCode™ and American Express SafekeyⓇ.
NOTE: While you can create your own payment experience, We strongly recommend using our Payment Window solution to save time in implementing 3D-Secure and client side encryption to your checkout procedure.
Important note on API Card Payments
In order to process card payments either by storing or transfer without storing, you would need full PCI DSS compliance.
Please make use of the stored cards functionality to facilitate API based card payments.
Supported card types
Where are they used?
You need to POST the card type name as
card_typeparameterDefault card types that you will have access to are VISA and Mastercard, but the other such as AMEX, JCB and Diners are on separate contracts. Contact support for more information about card types.
| visa | Visa |
| mastercard | MasterCard |
| maestro | Maestro |
| electron | Electron |
| debit_mastercard | Debit MasterCard |
| visa_debit | Visa Debit |
| amex | American Express |
| diners | Diners |
| uk_maestro | UK Maestro |
| stored_card | Stored Card |
| paypal | PayPal |
| swish | Swish |
Accepted currencies
| sek | Swedish Krona |
| cad | Canadian Dollar |
| cny | Chinese Yuan |
| cop | Colombian Peso |
| czk | Czech Republic Koruna |
| dkk | Danish Krone |
| hkd | Hong Kong Dollar |
| huf | Hungarian Forint |
| isk | Icelandic Króna |
| inr | Indian Rupee |
| ils | Israeli New Sheqel |
| jpy | Japanese Yen |
| kes | Kenyan Shilling |
| krw | South Korean Won |
| kwd | Kuwaiti Dinar |
| lvl | Latvian Lats |
| myr | Malaysian Ringgit |
| mxn | Mexican Peso |
| mad | Moroccan Dirham |
| omr | Omani Rial |
| nzd | New Zealand Dollar |
| nok | Norwegian Krone |
| pab | Panamanian Balboa |
| qar | Qatari Rial |
| rub | Russian Ruble |
| sar | Saudi Riyal |
| sgd | Singapore Dollar |
| zar | South African Rand |
| chf | Swiss Franc |
| thb | Thai Baht |
| ttd | Trinidad and Tobago Dollar |
| aed | United Arab Emirates Dirham |
| gbp | British Pound Sterling |
| usd | US Dollar |
| twd | New Taiwan Dollar |
| vef | Venezuelan Bolívar |
| ron | Romanian Leu |
| try | Turkish Lira |
| eur | Euro |
| uah | Ukrainian Hryvnia |
| pln | Polish Zloty |
| brl | Brazilian Real |
Error messages
We aim to send as many insightful and helpful error messages to you as possible, both in numeric, data and human readable.
{
name: 'errors.card_number.missing',
code: 118,
description: 'Card number is missing'
}Simulate errors:
To simulate error messages send this json in your metadata. Use one of the following formats:
{
"nordeaconnect_instructions": {
"fail_as_code":"errors.invoice.address_not_found"
}
}
{
"nordeaconnect_instructions": {
"fail_as_message":"do not honour"
}
}List of error messages:
| Error Code | Technical Error Code | Description |
|---|---|---|
| 1 | errors.credit_card.missing | Credit card is missing |
| 2 | errors.credit_card_details.missing | Credit card details are missing |
| 3 | errors.terminal_id.invalid | Terminal ID is invalid |
| 4 | errors.provider_ref.processed | Provider reference processed |
| 209 | errors.ssn_or_country.missing | The country is missing |
| 211 | errors.missing_or_invalid.ssn | SSN error – missing SSN or invalid format |
| 212 | errors.missing_or_too_long.first_name | First Name error – missing first name or first name too long |
| 213 | errors.missing_or_too_long.last_name | Last Name error – missing last name or last name too long |
| 214 | errors.invalid.email | E-mail error – invalid e-mail format |
| 215 | errors.missing_or_invalid.phone_number | Cell phone number error – cell phone number missing or invalid characters |
| 216 | errors.missing_or_too_long.address_1 | Address line 1 error – missing address or address line 1 too long |
| 217 | errors.missing.address_2 | Address line 2 error – address line 2 too long |
| 218 | errors.missing_or_too_long.city | City error – city is missing or value too long |
| 219 | errors.missing_or_too_long.zip_code | Zip code error – zip code missing or value too long |
| 220 | errors.missing_or_invalid.country_code | Country code error – missing or invalid country code |
| 221 | errors.missing_or_invalid.amount_error | Amount error – missing amount or invalid value |
| 222 | errors.too_long.transaction_id | Transaction id error – value is too long |
| 223 | errors.must_be_submitted.ssn | SSN must be submitted |
| 224 | errors.invoice.credit_approval_failed | Credit approval failed |
| 225 | errors.invoice.credit_check | Credit check (SSN not found) |
| 226 | errors.invoice.credit_not_approved | Credit not approved |
| 227 | errors.invoice.amount.requested.lower_than_minimum_purchase_amount | Amount requested is lower than minimum purchase amount |
| 228 | errors.invoice.amount.requested.higher_than_maximum_purchase_amount | Amount requested is higher than maximum purchase amount |
| 229 | errors.invoice.amount.maximal_decimal | Amount value can have maximal {0} decimal places |
| 230 | errors.invoice.item.maximal_decimal | Item amount value can have maximal {0} decimal places |
| 231 | errors.item.total_amount_error | Total amount error – the total amount of items must be higher than zero |
| 232 | errors.item.notes_to_long | Notes error – notes for an item is too long |
| 233 | errors.missing_or_too_long.order_reference | Order reference error – missing order reference or it is too long |
| 234 | errors.invoice.account_error | Account class error – missing account class or invalid account class value |
| 235 | errors.invoice.account_class_error | Account Class error – specified AccountNumber has a different AccountClas / Account class error – missing account class or invalid account class value / Account class error – specified account class does not exist |
| 236 | errors.order.reference.error | Order reference error – missing order reference or it is too long |
| 237 | errors.invoice.credit_decision_process_failed | Credit decision process failed |
| 238 | errors.helper.ssn.invalid_format | SSN error – invalid format |
| 239 | errors.helper.ssn.must_be_submitted | SSN must be submitted |
| 240 | errors.helper.ssn.for_sweden_must_be_12_digits | SSN for Sweden must be 12 digits |
| 241 | errors.helper.ssn.address_is_available | Not available – SSN is valid but no address is available |
| 242 | errors.helper.ssn.have_a_value | Account number or SSN must have a value |
| 243 | errors.service_not_available | Service not available for the specified country |
| 244 | errors.invoice.no_account_exists | No account exists – use Approve Invoice/Loan first |
| 245 | errors.invoice.purchase_for_different_country | You are trying to make a purchase for different country, than what is assigned to branch market |
| 246 | errors.invoice.payment_terms_error | Payment terms error – specified payment terms code does not exist |
| 247 | errors.invoice.account_number_error | Account number error – invalid value |
| 248 | errors.invoice.account_was_overdrawn | Max. amount for the account was overdrawn |
| 249 | errors.invoice.execute.against.this.account | Cannot execute return against this account |
| 250 | errors.password_length | Password length must be at least 6 characters |
| 251 | errors.customer_not_found | Customer not found! Probably due to customer with SSN = {0} is not client of {1} |
| 252 | errors.request.json_error | API request error |
| 253 | errors.request.bad_format | Bad format of request data. For example, the data is not in valid JSON format. |
| 254 | errors.items.not_array | Items is not an array |
| 255 | errors.items.description_missing | Item description is missing |
| 256 | errors.items.notes_missing | Items notes is missing |
| 257 | errors.items.amount_missing | Amount is missing |
| 258 | errors.items.description_too_long | Items description is too long |
| 259 | errors.items.amount_not_valid | Items amount is not valid |
| 260 | errors.items.transaction_amount_mismatch | Items total amounts does not match transaction amount |
| 261 | errors.rules_parser.declined | Declined by rule engine. For example, if you have implemented a specific rule to accept e.g. only debit cards, the rule engine will decline all credit cards with this error code |
| 262 | errors.request.json_errors | Something is wrong with the JSON object |
| 263 | errors.invoice.denied_to_purchase | Customers are blocked for purchases by collector, please contact collector for more information. |
| 264 | errors.invoice.credit_check_denied | The credit check is not approved |
| 265 | errors.invoice.address_not_found | Address cannot be found for the specified customer |
| 266 | errors.invoice.reservation_not_approved | Reservation is not approved |
| 267 | errors.invoice.invalid_registration_number | Registration number is not in a correct format |
| 268 | errors.invoice.agreement_rules_validation_failed | Something with the use of the API is against the agreement with collector, please contact collector for information. |
| 269 | errors.invoice.unhandled_exception | If an unhandled error occurs, an unhandled exception will be thrown. In cases of these errors contact collector for help |
| 270 | errors.invoice.purchase_amount_greater_than_max_credit_amount | The total amount of an invoice or reservation cannot be greater than your maximum credit limit or the maximum credit limit for the country the purchase is made in |
| 271 | errors.invoice.activation_of_invoice_denied | Activation of an invoice is denied |
| 274 | errors.invoice.article_not_found | An article cannot be found. Both article id and description specified must be the same that was used during AddInvoice. If more than one article with the same article id but different unit price is added to the invoice, the unit price of the article must be specified. |
| 275 | errors.invoice.article_not_found_based_on_unitprice | Cannot locate the specified article based on the specified unit price. Make sure an article with the specified unit price exists |
| 276 | errors.invoice.authorization_failed | Could not authorize the request, check your login credentials. Please contact the collector for more help |
| 277 | errors.invoice.countrycode_mismatch_with_customer_address | The specified country code for the customer’s address doesn’t match the country code specified in the (base) request |
| 278 | errors.invoice.countrycode_mismatch_with_delivery_address | The specified country code for the customer’s delivery address doesn’t match the country code specified in the (base) request |
| 279 | errors.invoice.countrycode_mismatch_with_invoice_address | The specified country code for the customer’s invoice address doesn’t match the country code specified in the (base) request |
| 282 | errors.invoice.email_is_missing | The delivery method was set to email but the email field was not present in the request |
| 283 | errors.invoice.invalid_countrycode | Can be thrown when you try to request an address from another country than the one you are registered in |
| 284 | errors.invoice.invalid_credit_time_usage | Credit time cannot be used for the specific invoice type |
| 285 | errors.invoice.invalid_currency_code | The specified currency cannot be used. This exception can be thrown if you are registered in a country where the specified currency is not allowed to be used |
| 286 | errors.invoice.invalid_delivery_address_usage | Private customers aren’t allowed to have different invoice addresses and deliver addresses, they must be the same |
| 287 | errors.invoice.invalid_invoice_status | A pending invoice cannot be cancelled based on the stage it is in |
| 288 | errors.invoice.invalid_product_code | The product code cannot be found or the product is inactive |
| 289 | errors.invoice.invalid_quantity | The quantity of an article is too low or too high compared to the quantity or quantity left on the article |
| 291 | errors.invoice.invalid_transaction_amount | The amount may exceeds the total invoice amount, or the number of decimals has more than two digits after decimal (Can only have two digits after decimal) |
| 292 | errors.invoice.invoice_duedate_already_extended | The due date of the invoice has already been extended |
| 293 | errors.invoice.invoice_exceeds_available_reservation | The purchase sum of the invoice exceeds the available reservation amount |
| 294 | errors.invoice.invoice_extended_date_in_past | Attempting to extend due date by specifying a date in the past |
| 295 | errors.invoice.invoice_invalid_type | Invoice may be of the wrong type, some actions are not allowed to be performed on specific invoices. For example, you cannot extend the due date on an invoice that is not a direct invoice (delivered in the package) |
| 296 | errors.invoice.invoice_not_found | When the specified invoice number cannot be found. When trying to credit an invoice the invoice is already credited or not activated |
| 297 | errors.invoice.invoice_type_is_not_allowed_to_be_used | You aren’t allowed to use the specified invoice type |
| 298 | errors.invoice.mixed_currency | The article’s currency doesn’t match the currency on the invoice |
| 299 | errors.invoice.mobile_phone_is_missing | The mobile phone is missing, which is needed because of the chosen notification type |
| 300 | errors.invoice.not_allowed_to_send_notification_by_email | You aren’t allowed to send the specific invoice type by email |
| 301 | errors.invoice.not_allowed_to_send_notification_by_mail | You aren’t allowed to send the specific invoice type by postal mail |
| 303 | errors.invoice.purchase_not_found | An invoice cannot be found |
| 305 | errors.invoice.reservation_not_found | There was no reservation for the specified customer |
| 306 | errors.invoice.total_amount_must_be_positive | The amount of an invoice must be positive |
| 308 | errors.invoice.unique_article_not_found | When an article with the same article id is found several times but has different unit prices. The unit price must be specified also to locate the specific article |
| 309 | errors.invoice.validation_activation_option_value | The Activation Option field was not one of its allowed values |
| 310 | errors.invoice.validation_address1_length | The Address 1 field was too long |
| 311 | errors.invoice.validation_address2_length | The Address 2 field was too long |
| 312 | errors.invoice.validation_amount_parsing | The unit price or other kinds of amount fields could not be parsed. Make sure the amount is a decimal value and the number of decimals do not have more than two digits after decimal (Can only have two digits after decimal) |
| 313 | errors.invoice.validation_amount_range | The amount field was not within its allowed range |
| 314 | errors.invoice.validation_amount_required | The amount field was not present in the request |
| 315 | errors.invoice.validation_article_id_length | The ArticleId field was too long |
| 316 | errors.invoice.validation_article_id_required | An article is missing the ArticleId |
| 317 | errors.invoice.validation_article_list_required | The ArticleList field was not present in the request |
| 318 | errors.invoice.validation_cell_phone_number_length | The CellPhoneNumber field was too long |
| 319 | errors.invoice.validation_city_length | The City field was too long |
| 320 | errors.invoice.validation_city_required | The City field was not present in the request |
| 321 | errors.invoice.validation_client_ip_address_length | The ClientIpAddress field was too long |
| 322 | errors.invoice.validation_client_ip_address_required | The ClientIpAddress field was not present in the request |
| 323 | errors.invoice.validation_coaddress_length | The CoAddress field was too long |
| 324 | errors.invoice.validation_company_name_length | The CompanyName field was too long |
| 325 | errors.invoice.validation_cost_center_length | The CostCenter field was too long |
| 326 | errors.invoice.validation_country_code_length | The CountryCode field was too long |
| 327 | errors.invoice.validation_country_code_required | The CountryCode field was not present in the request |
| 328 | errors.invoice.validation_credit_date_required | The CreditDate field was not present in the request |
| 329 | errors.invoice.validation_credit_time_out_of_range | Credit time is out of range, can only be between 0 and 99 |
| 330 | errors.invoice.validation_currency_length | The Currency field was too long |
| 331 | errors.invoice.validation_currency_invalid | The specified currency may not be supported or is of an incorrect format (ISO 4217). Currency need to be at least three characters long and follow ISO 4217, e.g.SEK, DKK, NOK and EUR etc |
| 332 | errors.invoice.validation_currency_required | The Currency field was not present in the request |
| 333 | errors.invoice.validation_customer_number_length | The CustomerNumber field was too long |
| 334 | errors.invoice.validation_delivery_address_required | The DeliveryAddress field was not present in the request |
| 335 | errors.invoice.validation_description_length | The Description field was too long |
| 336 | errors.invoice.validation_email_invalid | The e-mail address is not a valid e-mail address |
| 337 | errors.invoice.validation_email_length | The Email field was too long. Can only be a maximum of 256 characters |
| 338 | errors.invoice.validation_error | Input data is not correct |
| 339 | errors.invoice.validation_first_name_length | The FirstName field was too long |
| 340 | errors.invoice.validation_gender_value | The Gender field was not one of its allowed values |
| 341 | errors.invoice.validation_invoice_address_required | The InvoiceAddress field was not present in the request |
| 342 | errors.invoice.validation_invoice_delivery_method_value | The InvoiceDeliveryMethod field was not one of its allowed values |
| 343 | errors.invoice.validation_invoice_number_length | The InvoiceNo field was too long |
| 344 | errors.invoice.validation_invoice_number_required | The InvoiceNo field was not present in the request |
| 345 | errors.invoice.validation_invoice_type_value | The InvoiceType field was not one of its allowed values |
| 346 | errors.invoice.validation_last_name_length | The LastName field was too long |
| 347 | errors.invoice.validation_order_date_required | The OrderDate field was not present in the request |
| 348 | errors.invoice.validation_order_number_length | The OrderNo field was too long |
| 349 | errors.invoice.validation_password_required | The Password field was not present in the request. |
| 350 | errors.invoice.validation_phone_number_length | The PhoneNumber field was too long |
| 351 | errors.invoice.validation_postal_code_length | The PostalCode field was too long |
| 352 | errors.invoice.validation_postal_code_required | The PostalCode field was not present in the request |
| 353 | errors.invoice.validation_quantity_range | The Quantity field was not within its allowed range |
| 354 | errors.invoice.validation_quantity_required | An article is missing its Quantity |
| 355 | errors.invoice.validation_reference_length | The Reference field was too long |
| 356 | errors.invoice.validation_registration_number_length | The RegNo field was too long |
| 357 | errors.invoice.validation_registration_number_required | The RegNo field was not present in the request |
| 358 | errors.invoice.validation_reserved_amount_parsing | The ReservedAmount field could not be parsed |
| 359 | errors.invoice.validation_reserved_amount_range | The ReservedAmount field was not within its allowed range |
| 360 | errors.invoice.validation_reserved_amount_required | The ReservedAmount field was not present in the request |
| 361 | errors.invoice.validation_unit_price_parsing | The UnitPrice field could not be parsed |
| 362 | errors.invoice.validation_unit_price_range | The UnitPrice field was not within its allowed range |
| 363 | errors.invoice.validation_username_required | The Username field was not present in the request |
| 364 | errors.invoice.validation_vat_parsing | The Vat field could not be parsed |
| 365 | errors.invoice.validation_vat_range | The Vat field was not within its allowed range |
| 366 | errors.invoice.validation_vat_required | The Vat field was not present in the request |
| 367 | errors.invoice.article_exists_but_other_information | Article can’t be added because an existing article exists but with another VAT |
| 368 | errors.invoice.customer_purchase_progress | A simultaneous purchase is already being processed for the customer |
| 400 | errors.stored_card.expires.missing | Stored card expiration date missing |
| 2084 | errors.trustly.message_id_duplicate | Message id duplicate |
| 2085 | errors.trustly.invalid_credentials | Credentials are invalid |
| 2086 | errors.trustly.malformed_notificationurl | The NotificationURL sent in the request is malformed. It must be a valid http(s) address |
| 2087 | errors.trustly.invalid_ip | The IP attribute sent is invalid. Only one IP address can be sent |
| 2088 | errors.trustly.insufficient_funds | The merchant does not have enough balance on his/her Trustly account to execute the refund |
| 2089 | errors.trustly.disabled_user | The user account is disabled |
| 2090 | errors.ssn_token.failed | SSN token failed |
| 2091 | errors.metadata.invalid | Metadata is invalid |
| 2301 | errors.item.missing_or_too_long.description | Description error – the description of an item is missing or is too long |
| 2502 | errors.items.vat_missing | Item vat is missing or not valid |
| 2503 | errors.items.artno_missing | Item artno is missing |
| 2511 | errors.items.qty_missing | Item quantity is missing or not valid |
| 2512 | errors.items.notes_too_long | Items notes are too long |
| 2610 | errors.rules_parser.skip_webhook | Rule parsers are skipped |
| 4001 | errors.stored_card.store.declined | Card could not be stored |
| 4002 | errors.stored_card.token.invalid | Stored card token is invalid |
Language
The API supports responses in Swedish and English so if you specify locale=sv or locale=en either as a parameter that you send in or int the query you will receive error messages in the desired language.
FAQ
Looking for an answer to your question?
Head over to our Help Centre for more detailed frequently asked questions.