Pay API

What is Pay API?

Pay API allows you to include card details directly in payment API requests, bypassing the need for pay sessions or tokens. While we recommend using Prahsys sessions and tokenization to avoid handling sensitive card information on your servers, Pay API gives you complete control over the payment flow when your application requires it. All you need to do is pass the card details directly in the request body under the payment.billing.card field. Doing so let's you process a payment in a single API call.

❗️

Using Pay API means customer card information passes through your servers, which increases your PCI Compliants requirements and security responsibilities.

Alternatives

Prahsys offers several ways to process payments without you ever needing to touch sensitive customer information. If you still want the control and flexibility that comes with using the API transactions but without collecting card details directly, then consider using Pay Session. Prahsys can collect the sensitive data via iframes in your front-end and store it securely. Then when you're ready to make an API request via your back-end, you can just reference the session id without providing any card info directly. For repeat transactions, you can have Prahsys tokenize the card details which were used in a session. We'll store the sensitive data and you only need to save the token (learn more about Tokenization). If you want a turn-key solution requiring the least amount of effort to implement, check out our Pay Portal.

Billing

You can provide card info to the Prahsys API by including it under the "card" attribute of a "billing" object. For all requests besides tokenization, billing info is provided under the "payment" field of the request body.

payment: {
  billing: {
    card: {
      number: "4111111111111111",
      expiry: {
        month: "12",
        year: "25",
      },
      securityCode: "123",
    },
  },
}

Use Test Payment Cards for testing Pay API operations when testing in the SANDBOX environment.