Payout API
This document provides a comprehensive guide to integrating with the Card Payout API. This API enables businesses to transfer funds directly to recipients' credit and debit cards. It covers endpoint details, request/response formats, authentication, and best practices for secure and efficient card disbursements.
API Endpoint
Parameters
| Parameter | Type | Description | Required |
|---|---|---|---|
wallet_id | String | Wallet ID of the user | Yes |
first_name | String | First name of the cardholder | Yes |
last_name | String | Last name of the cardholder | Yes |
email | String | Email address of the user | Yes |
address | String | Billing address | Yes |
country | String | Country code (ISO 3166-1 alpha-3 format) | Yes |
city | String | City of the cardholder | Yes |
state | String | State of the cardholder | Yes |
zip | String | ZIP or postal code | Yes |
ip_address | String | IP address of the user | Yes |
phone_number | String | Phone number of the cardholder | Yes |
amount | Number | Transaction amount in smallest currency unit | Yes |
currency | String | Currency code (ISO 4217 format) | Yes |
card_number | String | Credit/Debit card number | Yes |
card_expiry_month | String | Expiry month of the card (MM format) | Yes |
card_expiry_year | String | Expiry year of the card (YYYY format) | Yes |
webhook_url | String | URL for server-to-server webhook notifications | NO |
order_id | String | Unique order from merchant side | NO |
terminal_id | String | Connector unique terminal_id (It's usefull when you want to process transaction on specific connector) | NO |
Payload
The payload should be sent in JSON format. Below is the structure of the payload:
Test Cards
For testing your integration, you can use the following test cards:
Success Test Cards
These cards will always result in successful payout transactions:
- 4222222222222222
- 5111222233334444
Failed Test Cards
These cards will always result in failed payout transactions:
- 4333333333333333
- 5222333344445555
Transaction Limits
Please note that any transaction with an amount greater than 1000 will be automatically declined due to insufficient funds. This limit is in place for testing purposes to help you validate your error handling logic.
Example Responses
Success Response
Error Response
Redirect URL Handling
In certain scenarios, the API response may include a redirect_url field. This occurs in specific cases where additional information or verification is required to complete the payout transaction. When present, your application should redirect the user to this URL to provide the necessary additional data.
{
"status": "PENDING",
"message": "Additional verification required",
"redirect_url": "https://backend.pay.agency/api/v1/test/payout/verification/FS0186280974141637",
"data": {
// transaction details
}
}This is a rare occurrence and typically happens when the payment processor requires extra verification steps for certain transactions or in specific regions.
Integration Examples
The API uses AES-256-CBC encryption to ensure secure transmission of sensitive data. Before sending the payload, you need to encrypt it using your encryption key and a dynamically generated initialization vector (IV). The encrypted payload and the IV must be sent to the API for proper decryption on the server side. This ensures that sensitive details, such as card information, remain secure during transit.
Each integration example demonstrates:
- How to encrypt the payload using AES-256-CBC.
- How to generate a random IV.
- How to include both the encrypted data and the IV in the API request.
Encryption Key in Settings
The encryption key, used for securing sensitive data, can be found on the Settings page. This key is essential for encryption and decryption processes, ensuring data confidentiality. Make sure to store it securely and avoid sharing it with unauthorized users.