Want to become an integrator? Contact us at [email protected]. We are excited to get you up and running.
In order to begin using ClientPay API, you need:
integratorKey - Key unique to you, the integrator.
accountKey - Key unique to the shared customer between us. (Specifically, this key ties to that customer's merchant account. If a customer has more than one merchant account, they could have more than one account Key.)
accountPin - Additional security for the accountKey
You will use those 3 pieces of data to acquire an accessId. Access IDs do not expire and are required in order to make any ClientPay API call.
Some API calls require a requestId, which is a unique identifier for each request, in addition to an accessId. You will need to get a new request ID for each call in order to ensure you're not making duplicate requests.
Here’s a walkthrough of how to Authenticate via ClientPay.
- POST New Access ID will generate an accessId with your integratorKey, accountKey, and accountPin. This will also expire your current accessId if you already have one and issue a new one.
- POST Current Access ID will return your current accessId if you forget it.
- POST Validate Access ID will return if your accessId is expired, or not.
- POST Expire Access ID will expire your accessId.
- POST Generate Request ID will accept an AccessId and return a requestId. Many calls will require a requestId in addition to an accessId.
All URLs referenced in this documentation will have the following base:
If you are looking to test in our sandbox environment, the base URL will be https://api.sandbox.clientpay.com
Please note that, starting with version 2.0, the version number will be part of the path. (So all v2.0 API endpoints will have a base URL of https://api.clientpay.com/v2.
For simplicity's sake, the ClientPay API supports just one type of method:
Create new resources with a POST request. For instance, make a POST request to populate an invoice payment page with transaction data.
In order to test the Invoice or Payment API call, here are some test cards to use:
All API methods have a valid certificate. Make sure your connection library supports HTTPS.
Anyone involved with the processing, transmission, or storage of credit card data must comply with the Payment Card Industry Data Security Standards (PCI DSS). ClientPay is Level 1 PCI Compliant.
Make sure to serve your payment pages using Transport Layer Security (TLS) so that they take advantage of HTTPS.
If you'd like to test our API calls in a Sandbox environment, become an integrator and we'll set you up!
We enjoy connecting with our customers so we do not publish our terms/agreements. Instead, we engage them with a tailored contract to suit their needs.
Updated almost 2 years ago