Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 27 Current »

To be granted access to this API, you will be required to be PCI-DSS certified. For further inquiries, please reach out to integrations@monnify.com

Charge Cards

Monnify allows you to charge your customers who make one-time payments through the use of their cards. To charge a card you will need to make a request to the endpoint below:

This endpoint is protected with OAuth 2.0 Bearer token. To find out more about authorization for Monnify endpoints, check Here

Endpoint URL: {{base_url}}/api/v1/merchant/cards/charge

HTTP Method: POST

The {{base_url}} for test is https://sandbox.monnify.com but when you go live, it changes to the live url

Sample Request Body

{
    "transactionReference": "MNFY|20190514172736|000001",
    "collectionChannel": "API_NOTIFICATION",
    "card": {
        "number": "4111111111111111",
        "expiryMonth": "10",
        "expiryYear": "2022",
        "pin": "1234",
        "cvv": "122"
    },
    "deviceInformation": {
        "httpBrowserLanguage":"en-US",
        "httpBrowserJavaEnabled":false,
        "httpBrowserJavaScriptEnabled":true,
        "httpBrowserColorDepth":24,
       "httpBrowserScreenHeight":1203,
       "httpBrowserScreenWidth":2138,
      "httpBrowserTimeDifference":"",
      "userAgentBrowserValue":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)     Chrome/105.0.0.0 Safari/537.36"
   }
}

The response that will be gotten depends on the kind of card used for the transaction. There are cards charged with the use of an OTP, without an OTP, and also with 3DS Secure Authentication. See sample response for each scenario. An extra mandatory object parameter(deviceInformation) is required to capture the user’s device information.


Sample Response (with no OTP)

{
    "requestSuccessful": true,
    "responseMessage": "success",
    "responseCode": "0",
    "responseBody": {
        "status": "SUCCESS",
        "message": "Transaction Successful",
        "transactionReference": "MNFY|54|20210429142557|000206",
        "paymentReference": "1619702756719",
        "authorizedAmount": 2000.00
    }
}

Sample Response (with OTP)

{
    "requestSuccessful": true,
    "responseMessage": "success",
    "responseCode": "0",
    "responseBody": {
        "status": "OTP_AUTHORIZATION_REQUIRED",
        "message": "OTP Authorization required",
        "otpData": {
            "id": "2000.00-e944ba213f0acbc90a16b292ba353b2f",
            "message": "Please enter OTP. Use 123456 as token"
        },
        "transactionReference": "MNFY|54|20210429142945|000208",
        "paymentReference": "1619702984105",
        "authorizedAmount": 1000
    }
}

Sample Response (For 3DS Secure Authentication)

{
    "requestSuccessful": true,
    "responseMessage": "success",
    "responseCode": "0",
    "responseBody": {
        "status": "BANK_AUTHORIZATION_REQUIRED",
        "secure3dData": {
            "id": "929852951",
            "redirectUrl": "https://centinelapi.cardinalcommerce.com/V2/Cruise/StepUp",
            "callBackUrl": "https://webpay.interswitchng.com/collections/api/v1/pay/cardinalCallBack",
            "eciFlag": "07",
            "termUrl": "https://webpay.interswitchng.com/collections/api/v1/pay/cardinalCallBack",
            "acsUrl": "https://centinelapi.cardinalcommerce.com/V2/Cruise/StepUp",
            "transactionId": "AUABZBg92SV1NvdaJH40",
            "paymentId": "929852951",
            "method": "POST",
            "jwt": "eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiIxZDQwYjdlYi1kZTI4LTQzMmQtYTUyOS0zMmQxMWYwNjY5YmUiLCJpYXQiOjE2NzAzMDY5MzQsImlzcyI6IjYyZGI3ZTdkMDFjYWU2MzcxOWM2ZGEwYiIsIk9yZ1VuaXRJZCI6IjVkYzJhN2Q2NjY1NmMyMDU0MDllOTc4MiIsIlJldHVyblVybCI6Imh0dHBzOi8vd2VicGF5LmludGVyc3dpdGNobmcuY29tL2NvbGxlY3Rpb25zL2FwaS92MS9wYXkvY2FyZGluYWxDYWxsQmFjayIsIlJlZmVyZW5jZUlkIjoiTU5GWXw4MXwyMDIyMTIwNjA3MDgyOXwwNzg1NTciLCJQYXlsb2FkIjp7IkFDU1VybCI6Imh0dHBzOi8vYXV0aGVudGljYXRpb24uY2FyZGluYWxjb21tZXJjZS5jb20vVGhyZWVEU2VjdXJlL1YyXzFfMC9DUmVxIiwiUGF5bG9hZCI6ImV5SnRaWE56WVdkbFZIbHdaU0k2SWtOU1pYRWlMQ0p0WlhOellXZGxWbVZ5YzJsdmJpSTZJakl1TVM0d0lpd2lkR2h5WldWRVUxTmxjblpsY2xSeVlXNXpTVVFpT2lJMU9UQTFOemd4TmkwNU5qa3hMVFExTURNdE9EWXdOeTA1TURBNVl6YzNabVpoTkRFaUxDSmhZM05VY21GdWMwbEVJam9pTldKbE9HSTVNVFV0T1RWbFpTMDBPREU0TFdJd01tVXROVEF4TTJFMVlURmpZelkxSWl3aVkyaGhiR3hsYm1kbFYybHVaRzkzVTJsNlpTSTZJakF5SW4wIiwiVHJhbnNhY3Rpb25JZCI6IkFVQUJaQmc5MlNWMU52ZGFKSDQwIn0sIk9iamVjdGlmeVBheWxvYWQiOnRydWV9.P4Tw91_mzfwFtHnYZYjFT564j-K7E4iJVPUhaICFx3I",
            "md": "929852951"
        },
        "transactionReference": "MNFY|20190514172736|000001",
        "paymentReference": "uk--p9lloo99-jj00000000",
        "authorizedAmount": 20.0
    }
}

From the above response, the redirectUrl similar to the ascUrl is the url that takes the user to the VISA card website that has an input form to enter OTP sent to the user's phone number.

For those using the API method, the backend sends the ascUrl, TermUrl,md and the jwt response parameters to the frontend which runs an onload html form that redirects the user to VISA website.

<body onload ='form1.submit()'>
    <form id="form1" action=ACSUrl method="post">
      <input name="TermUrl" value={TermUrl}>
      <input name="MD" value={MD}>
      <input name="JWT" value={jwt}>
    </form>
</body>

Frontend posts an Html form that redirects to the VISA card website to collect OTP sent to the user’s phone. After the OTP verification is completed on the VISA card endpoint, it makes a post request to the callback URL, which is similar to what is given in the TermUrl(It’s also possible to replace the TermUrl with your own URL so as to know when OTP verification process ends).

Finally, to authorize the charge on the user’s card, you make an authenticated post request (containing your transaction reference, collection channel, api key, and card details) to the authorized endpoint. Check 3DS Secure Authentication on how to authorize the charge.


Field Parameters

Field

Description

transactionReference

Unique reference generated for the transaction by Monnify

collectionChannel

"API_NOTIFICATION" only enabled merchants can access resource

card

Object containing card information

number

Card number

expiryMonth

Card expiration month

expiryYear

Card expiration year

pin

Card pin from card owner

cvv

Security code behind card

tokenId

Token id from the request response (otpData.id)

token

OTP from card owner (use 12345 for test card)

  • No labels