ACI Payments API (1.0.0)

Download OpenAPI specification:

API for processing payments, fraud checks, transaction queries and reporting.

All request bodies are JSON. Amounts use a dot as decimal separator and are sent as strings.

Payments

Payment processing operations.

Create Payment

Initiates a payment transaction (PA, DB, CD, CP, RV or RF).

Authorizations:
bearerAuth
query Parameters
entityId
required
string <= 32 characters

The channel (or merchant, if channel dispatching is active) entity identifier authorising the request.

Request Body schema: application/json
required
amount
required
string

Indicates the amount of the payment request. The dot is used as decimal separator. The amount is the only amount value which is processing relevant. All other amount declarations like taxAmount or shipping.cost are already included. Format: N10.N2

taxAmount
string

Indicates the tax amount of the payment request. The dot is used as decimal separator. Format: N10.N2

discountAmount
string

L3 Card data invoice level discount amount Format: N10.N2

currency
required
string <= 3 characters

The currency code of the payment request's amount (ISO 4217). Format: A3

paymentBrand
string <= 32 characters

The brand specifies the method of payment for the request. This is optional if you want to use brand detection for credit cards, if not then it is mandatory. Format: AN32

paymentType
required
string <= 2 characters

The payment type for the request. You can send payment requests with one of the following types:

  • PA, Preauthorization: A stand-alone authorisation that will also trigger optional risk management and validation. A Capture (CP) with reference to the Preauthorisation (PA) will confirm the payment..
  • DB, Debit: Debits the account of the end customer and credits the merchant account.
  • CD, Credit: Credits the account of the end customer and debits the merchant account.
  • CP, Capture: Captures a preauthorized (PA) amount.
  • RV, Reversal: Reverses an already processed Preauthorization (PA), Debit (DB) or Credit (CD) transaction. As a consequence, the end customer will never see any booking on his statement. A Reversal is only possible until a connector specific cut-off time. Some connectors don't support Reversals.
  • RF, Refund: Credits the account of the end customer with a reference to a prior Debit (DB) or Credit (CD) transaction. The end customer will always see two bookings on his statement. Some connectors do not support Refunds. Format: A2
integrity
boolean

If true, the SRI hash of the payment script will be calculated and returned in the response. This is needed to allow the browser to check the integrity of the script in accordance with PCI requirements. For more information refer to Scripts compliance page Format: A5

object

Override the payment type for specific brands, e.g. overridePaymentType[KLARNA_INVOICE]=PA. Only accepted during checkout creation.

descriptor
string <= 127 characters

Can be used to populate all or part of the Merchant Name descriptor, which often appears on the first line of the shopper's statement. The full use of this field depends on the Merchant Account configuration. NOTE: merchant.name can override any data sent in this field. Format: AN127

merchantTransactionId
string <= 255 characters

Merchant-provided reference number, should be unique for your transactions. Some receivers require this ID. This identifier is often used for reconciliation. Format: AN255

merchantInvoiceId
string <= 255 characters

Merchant-provided invoice number, should be unique for your transactions. This identifier is not sent onwards. Format: AN255

merchantMemo
string <= 255 characters

Merchant-provided additional information. The information provided is not transaction processing relevant. It will appear in reporting only. Format: AN255

transactionCategory
string <= 32 characters

The category of the transaction, possible values are:

  • EC - eCommerce
  • MO - Mail order
  • TO - Telephone order
  • PO - pos
  • PM - mpos
  • MOTO - Mail order Telephone order Format: AN32
sequence
string

Additional field sent by Merchant to indicate last transaction for CP, RV, RF etc. sequence=FINAL indicates this is the last transaction.

numberOfCaptures
integer

Sets the maximum number of possible partial Captures. The numberOfCaptures parameter is supported only when the Preauthorization (PA) request creates a new registration. If a PA request references an existing registration, the numberOfCaptures parameter is not supported and the request will be rejected. Format: N2

promotionCode
string <= 15 characters

Discount code applied at the Order level. There will be 1 Promotion Code per order. Format: AN15

locale
string <= 10 characters

Sets the language/country. Examples : "de-AT", "en-US". etc Note: Check the requirements of the connector you are integrating in your shop to understand which language/country that connector supports. Format: AN10

transactionPurposeCode
string <= 12 characters

Visa AFT and Visa OCT transactions destined for recipients in the countries Argentina, Bangladesh, Chile, Colombia, Egypt, and India, must include this field. Purpose of payment codes can be entered according to the regulatory or country requirements of the recipient issuer. Format: AN12

integrationType
string <= 10 characters

Integration Type Format: AN10

transactionBai
string <= 2 characters

Used for Visa Direct (AFT and OCT) Business Application ID Format: AN2

transactionTti
string <= 3 characters

Used for Mastercard Send (Funding and Payment) Transaction Type Identifier Format: AN3

transactionProcessingCode
string

Used to flag the type of transaction. PURCHASE - default value, used for regular purchase transactions. FUNDING - used for Visa AFT or Mastercard funding transactions. PAYMENT - used for Visa OCT or Mastercard payment transactions. PURCHASE| FUNDING| PAYMENT

lifecycleId
string <= 35 characters

Lifecycle Id Used by Mastercard to enable consistent linking of the original authorization with subsequent lifecycle related transactions through the Transaction Link Identifier (TLID) (for example, incremental authorizations, reversals, and captures). Format: AN35

referenceUuid
string <= 32 characters

The referenceUuid parameter provides a parameterized alternative for referencing an existing transaction by its UUID within a payment request on /v1/payments, instead of using the endpoint‑based reference /v1/payments/{UUID}. When provided, the platform validates the UUID and links the new request to the original payment authorization; if no matching transaction is found, the request fails with a validation error. This parameter is used for REAUTHORIZATION and INCREMENTAL_AUTH. Format: AN32

transactionDueDate
string <date>

The due date of the transaction of the direct debit. AN10 {19|20)([0-9]{2})-(0[1-9]|1[0-2])-(0[1-9]|1[0-9]|2[0-9]|3[0-1]}

createRegistration
boolean

If true, the payment details will be stored with the request. As part of the response, you will receive the parameter registration.id which you can use to reference the registration for later payments. Format: A5

overrideHolder
boolean

If true, it allows to send in the card.holder or bankAccount.holder to override the empty holder from the registration/tokenization transaction. It applies only to that particular payment and does not change the holder value of the registration transaction. For one-click payment, the edit box appears as the replacement over the empty label to allow the user to input the new value for the holder. This parameter is available on prepare (and update) checkout step of as well as when sending the payment over registration one-click payment Server-to-Server. Format: A5

shopperResultUrl
string <= 2048 characters

This URL will receive the result of an asynchronous payment. It is used to redirect the shopper to the merchant’s website or application. Must be sent URL encoded and only absolute URLs are supported. Format: AN2048

notificationUrl
string <= 2048 characters

Deprecated. Please follow webhooks configuration and don’t use the request parameter “notificationUrl”. Due to the huge variety of payment workflows and checkout options, the notificationUrl parameter is not fully compatible with all activities. Please use webhook notifications instead. This URL will receive the asynchronous notification where applicable. It is used to receive the transaction status update on asynchronous payments. Must be sent URL encoded. . Format: AN2048

chargebackResultCode
string

The chargeback reason code for the chargeback as received separately from the acquirer. See the chargeback result codes for more detailed information.

object (Forex)
object (Card)
object (BankAccount)
object (VirtualAccount)
object (TokenAccount)
object (ApplePay)
object (GooglePay)
object (SamsungPay)
object (Customer)
object (BillingAddress)
object (ShippingAddress)
object (Merchant)
object (Corporate)
object (Sender)
object (Recipient)
object (Cart)
object (MarketPlace)
object (Airline)
object (ThreeDSecure)
object (RecurringMigration)
object (Risk)
object (POS)
object (GiftCard)
object (Scheduling)
object (StandingInstruction)
object (Tokenization)
object

Custom unspecified key-value fields echoed back in the response.

Responses

Callbacks

Request samples

Content type
application/json
{
  • "amount": "string",
  • "taxAmount": "string",
  • "discountAmount": "string",
  • "currency": "str",
  • "paymentBrand": "string",
  • "paymentType": "st",
  • "integrity": true,
  • "overridePaymentType": {
    },
  • "descriptor": "string",
  • "merchantTransactionId": "string",
  • "merchantInvoiceId": "string",
  • "merchantMemo": "string",
  • "transactionCategory": "string",
  • "sequence": "string",
  • "numberOfCaptures": 0,
  • "promotionCode": "string",
  • "locale": "string",
  • "transactionPurposeCode": "string",
  • "integrationType": "string",
  • "transactionBai": "st",
  • "transactionTti": "str",
  • "transactionProcessingCode": "string",
  • "lifecycleId": "string",
  • "referenceUuid": "string",
  • "transactionDueDate": "2019-08-24",
  • "createRegistration": true,
  • "overrideHolder": true,
  • "shopperResultUrl": "string",
  • "notificationUrl": "string",
  • "chargebackResultCode": "string",
  • "forex": {
    },
  • "card": {
    },
  • "bankAccount": {
    },
  • "virtualAccount": {
    },
  • "tokenAccount": {
    },
  • "applePay": {
    },
  • "googlePay": {
    },
  • "samsungPay": {
    },
  • "customer": {
    },
  • "billing": {
    },
  • "shipping": {
    },
  • "merchant": {
    },
  • "corporate": {
    },
  • "sender": {
    },
  • "recipient": {
    },
  • "cart": {
    },
  • "marketPlace": {
    },
  • "airline": {
    },
  • "threeDSecure": {
    },
  • "recurringMigration": {
    },
  • "risk": {
    },
  • "pos": {
    },
  • "giftCard": {
    },
  • "job": {
    },
  • "standingInstruction": {
    },
  • "tokenization": {
    },
  • "customParameters": {
    }
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "referencedId": "string",
  • "paymentBrand": "string",
  • "amount": "string",
  • "currency": "str",
  • "descriptor": "string",
  • "result": {
    },
  • "resultDetails": {
    },
  • "card": {
    },
  • "merchant": {
    },
  • "risk": {
    },
  • "Other": "string",
  • "buildNumber": "string",
  • "timestamp": "2019-08-24T14:15:22Z",
  • "ndc": "string",
  • "brandResult": "string",
  • "redirect": {
    }
}

Callback payload samples

Callback
POST: Webhook notification
Content type
application/json
{
  • "type": "string",
  • "action": "string",
  • "payload": "string",
  • "presentationAmount": "string",
  • "presentationCurrency": "str"
}

Fraud

Fraud and risk analysis.

Fraud Check

Sends transaction data for stand-alone fraud / risk analysis.

Authorizations:
bearerAuth
Request Body schema: application/json
required
entityId
required
string <= 32 characters

The unique identifier for the entity making the request. This is an API-level field used for authentication. Format: AN32

merchantTransactionId
string <= 40 characters

The transaction ID assigned by the merchant for this transaction. Format: AN40

schemeTransactionId
string <= 60 characters

The transaction ID assigned by the scheme for this transaction. Format: AN60

required
object (Risk)
object (Card)
binData
object

Extended issuer information derived from BIN data (e.g., issuer name and country). Object

object (BankAccount)
object (VirtualAccount)
object (ThreeDSecure)
object (Merchant)
object (Customer)
object (ShippingAddress)
object (BillingAddress)
object (Corporate)
payment
object

Additional payment details for bank-to-bank transactions (e.g., payment reference, destination account). Object

transactionCategory
required
string

The transaction category. Allowed values: ACH, BPY, EC, IN, MO, RP, TO, PO, PM, MOTO, VN String (enum)

category
string <= 32 characters

A more descriptive, human‑readable category (e.g., akin to an MCC). Format: AN32

paymentType
required
string

The payment type for the request. Allowed values: AV, CD, CP, DB, PA, PY, RF, RV, TR String (enum)

amount
string

The transaction amount as a string. amountString

currency
required
string

ISO 4217 alphabetic currency code. currencyCodeAlpha

authorizationDateTime
string <date-time>

The date and time the transaction was authorized (RFC 3339), expected UTC. date-time (RFC 3339)

authorizationResponseCode
string <= 2 characters

Response code from the card authorizer (typically 2 characters). Format: AN2

paymentBrand
string <= 32 characters

Brand of the payment card (e.g., Visa, Mastercard, Amex). Format: AN32

object (GiftCard)
object (Cart)
object (Airline)

Responses

Request samples

Content type
application/json
{
  • "entityId": "string",
  • "merchantTransactionId": "string",
  • "schemeTransactionId": "string",
  • "risk": {
    },
  • "card": {
    },
  • "binData": { },
  • "bankAccount": {
    },
  • "virtualAccount": {
    },
  • "threeDSecure": {
    },
  • "merchant": {
    },
  • "customer": {
    },
  • "shipping": {
    },
  • "billing": {
    },
  • "corporate": {
    },
  • "payment": { },
  • "transactionCategory": "string",
  • "category": "string",
  • "paymentType": "string",
  • "amount": "string",
  • "currency": "string",
  • "authorizationDateTime": "2019-08-24T14:15:22Z",
  • "authorizationResponseCode": "st",
  • "paymentBrand": "string",
  • "giftCard": {
    },
  • "cart": {
    },
  • "airline": {
    }
}

Response samples

Content type
application/json
{
  • "result": {
    },
  • "risk": {
    }
}

Reporting

Query and reconciliation reporting.

Query Transactions

Query previously processed transactions (OPP query requests).

Authorizations:
bearerAuth
query Parameters
entityId
required
string <= 32 characters
merchantTransactionId
string <= 255 characters

The merchant reference sent in the request. Normally used to identify an order in the order management system and used as end-to-end identifier for reconciliation. It cannot be used when query for a time frame using date.from/date.to parameters Format: AN255

limit
integer

The maximum number of transactions to be returned in query response. Numeric values between 100 and 500. If the value is not set explicitly, the system will use 100 as default value.

date.from
string <date>

The start timestamp from which transactions should be queried. Should be used together with the end of interval date.to. yyyy-MM-dd HH:mm:ss

date.to
string <date>

The end timestamp before which transactions should be queried. Should be used together with the start of interval date.from. yyyy-MM-dd HH:mm:ss

paymentTypes
string

Indicates payment types by which transactions should be filtered. Possible values are: CB,CD,CR,DB,CP,IV,PA,RB,RC,RF,RL,RV,AD,IN,FI,CL,CF,DR,RG,RR,TE,CT,DS, RS,SD,AC,MD,EA,RI,3D,SA,EN,ID,IC,DP,CG,TG,SF,IS,VD,DV,AF,GK,RD,TM,FT, KT,AR,AL,PL,FN,FZ,RE,RX,FO,CS,EX,SE,AU,TK,TF,ER Comma separated list of payment types paymentTypes=PA,DB

paymentMethods
string

Indicates payment methods by which transactions should be filtered. Possibile values are: DD,CT,CC,WA,VA,UA,OT,DC,ET,NT,IV,PP,OD,RM Comma separated list of payment methods paymentMethods=CC,RM

includeLinkedTransactions
boolean

Indicates whether all transactions linked with one provided in query request should be returned in a response.

shortId
string <= 14 characters

Indicates the shortId by which the transactions should be filtered Format: AN14

Responses

Response samples

Content type
application/json
{
  • "id": "string",
  • "referencedId": "string",
  • "paymentBrand": "string",
  • "amount": "string",
  • "currency": "str",
  • "descriptor": "string",
  • "result": {
    },
  • "resultDetails": {
    },
  • "card": {
    },
  • "merchant": {
    },
  • "risk": {
    },
  • "Other": "string",
  • "buildNumber": "string",
  • "timestamp": "2019-08-24T14:15:22Z",
  • "ndc": "string",
  • "brandResult": "string",
  • "redirect": {
    }
}

Reporting

Retrieve reconciliation / reporting data.

Authorizations:
bearerAuth
query Parameters
entityId
required
string <= 32 characters
date.from
required
string <date>

The date from which the report data should start AN10 {19|20)([0-9]{2})-(0[1-9]|1[0-2])-(0[1-9]|1[0-9]|2[0-9]|3[0-1]}

date.to
required
string <date>

The date on which the report data should end AN10 {19|20)([0-9]{2})-(0[1-9]|1[0-2])-(0[1-9]|1[0-9]|2[0-9]|3[0-1]}

sortValue
string

The value based on which Detail Level settlement report is sorted SettlementTxDate

sortOrder
string
Enum: "ASC" "DESC" "asc" "desc"

The order in which Detail Level settlement report output is sorted

Responses

Response samples

Content type
application/json
[
  • {
    }
]