API ​
Introduction ​
To offer an easy-to-use experience, we offer libraries in Shell, Python, Perl or PHP and the list keeps getting longer
Code examples are displayed in each section. Tabs available in the menu allow you to switch them to various programming languages.
The API is available at https://api.stancer.com/
and supports TLS 1.2, *HTTP/1.1 ** and * HTTP/2.
INFO
This documentation uses httpie
(https://httpie.io/) for shell examples, and our libraries for PHP, Python & Perl examples.
Key concepts ​
The API is available at https://api.stancer.com and supports TLS 1.2, HTTP/1.1 and HTTP/2 requests.
The same API can be used to access live
resources processing real payments and payment methods, but also test
resources for your software development and debug purpose. Our API service use API keys to authenticate requests. You can register for an API key at our website. API keys are in the form of sprod_xxx
for your live
requests and stest_xxx
for your test
ones. Corresponding public keys are pprod_xxx
and ptest_xxx
.
The authentication to the API is performed via HTTP Basic Auth. You must use your API key as username and provide no password.
We advise you to use the basic auth mecanism of your HTTP toolkit, but if you need to handle it manually, as specified in HTTP Basic Auth RFC, you need to encode your API key in base64 before sending the corresponding authenticationc token in an Authorization
HTTP header. For example, if your API key is sprod_xxx
, you need to encode sprod_xxx:
(remember, empty password) in base64 (given c3Byb2RfeHh4Og==
) then send a Authorization: Basic c3Byb2RfeHh4Og==
HTTP header.
This documentation focus on common use case workflows. For more comprehensive or technical documentation, please refer to our OpenAPI or Redoc documentation.
Create payments ​
Through integrated payment page ​
$ http --auth stest_xxx: https://api.stancer.com/v2/customers/ \
name="Foo Bar" email=foo.bar@example.org
{
"id": "cust_xxx",
…
}
$ http --auth stest_xxx: https://api.stancer.com/v2/payments/ \
currency=eur amount=100 customer=cust_xxx description="Test payment" auth=True
{
"id": "paym_xxx",
…
}
To create a payment, use the POST /v2/payments route. You need to at least provide a currency and an amount.
If you want to associate the payment with a customer, you can use the customer
field and pass the corresponding cust_xxx
ID.
Note you currently have to force 3DS validation with the auth=true
parameter. Else your customer won't be able to proceed the payment as his bank will surely refuse a not authenticated payment.
You can now send your customer on the payment page located at https://payment.stancer.com/ptest_xxx/paym_xxx
. Replace public key and payment ID accordingly.
Once payment is created, you can modify it until capture for example to reflect a purchase change, using PATCH /v2/payments/{id} method.
$ http --auth stest_xxx: https://api.stancer.com/v2/payments/paym_xxx amount=200
Through API ​
$ http --auth stest_xxx: https://api.stancer.com/v2/cards/ \
name="Foo Bar" number=4242424242424242 exp_month=10 exp_year=2024 cvc=424
{
"id": "card_xxx",
…
}
$ http --auth stest_xxx: https://api.stancer.com/v2/payments/ \
currency=eur amount=100 customer=cust_xxx description="Test payment" \
card=card_xxx auth[return_url]=http://example.org
{
"id": "paym_xxx",
"auth": {
"redirect_url": "https://3ds.iliad78.net/v2/redirect/xxx",
…
}
…
}
If you prefer to collect by yourself the card number, you can process a payment directly and tokenize the sensible information with POST /v2/cards before using it elsewhere in API calls.
You need to specify a return_url
to handle 3DS authentication. At the end of the 3DS process, we will redirect your customer to this URL.
$ http --auth stest_xxx: https://api.stancer.com/v2/payments/paym_xxx
{
…
"auth": {
"status": "success"
}
}
$ http --auth stest_xxx: PATCH https://api.stancer.com/v2/payments/paym_xxx \
status=capture
Then send your customer on the given auth[redirect_url]
to proceed with 3DS. After the redirect to your return_url
, you need to check for authentication validity, then capture the payment if all is good.
API status code ​
Payment status ​
The status
field in the payment object indicates in which state is the payment.
Status | Meaning |
---|---|
The bank authorized the payment but the transaction will only be processed when the capture will be set to true | |
The amount of the payment have been credited to your account | |
The capture operation is being processed, the payment can not be cancelled anymore, refunds must wait the end of the capture process | |
The customer declined the payment after it have been captured on your account | |
The authorisation was not captured and expired after 7 days | |
The payment has failed, refer to the response field for more details | |
The payment has been refused | |
The bank authorized the payment, money will be processed within the day |
Authenticated payment status codes ​
The status
field in the auth object returns the authorisation state for an authenticated payment.
Status | Meaning |
---|---|
Customer was redirected to his bank for authentication | |
Customer strong authentication is possible | |
Authentication declined | |
Authentication sessions expired after 6 hours | |
Authentication failed | |
A strong authentication is awaiting for more information | |
Authentication succeeded, processing can continue | |
The strong authentication is not available for this payment method |
Payout status codes ​
The status
field in the payout explains in which state is the credit transfer which wires funds from Stancer to your bank.
Status | Meaning |
---|---|
The payout has been created and is awaiting for clearing | |
The payout is ready to be transfered | |
The payout has been sent out for processing | |
The payout credit transfer has been processed: funds have been received by your bank | |
The credit transfer has failed, please refer to you dashboard for more informations |
Card response codes ​
Code | Meaning |
---|---|
Successful approval/completion or that VIP PIN verification is valid | |
Refer to card issuer | |
Refer to card issuer, special condition | |
Invalid merchant or service provider | |
Pickup | |
Do not honor | |
General error | |
Pickup card, special condition (other than lost/stolen card) | |
Honor with identification | |
Request in progress | |
Partial approval | |
VIP approval | |
Invalid transaction | |
Invalid amount (currency conversion field overflow) or amount exceeds maximum for card program | |
Invalid account number (no such number) | |
No such issuer | |
Insufficient funds | |
Customer cancellation | |
Re-enter transaction | |
Invalid response | |
No action taken (unable to back out prior transaction) | |
Suspected Malfunction | |
Unable to locate record in file, or account number is missing from the inquiry | |
File is temporarily unavailable | |
Format error | |
Merchant should retain card (card reported lost) | |
Merchant should retain card (card reported stolen) | |
Insufficient funds | |
No checking account | |
No savings account | |
Expired card | |
Incorrect PIN | |
Card missing from file | |
Transaction not permitted to cardholder | |
Transaction not allowed at terminal | |
Suspected fraud | |
Activity amount limit exceeded | |
Restricted card (for example, in country exclusion table) | |
Security violation | |
Activity count limit exceeded | |
Response received too late | |
Allowable number of PIN-entry tries exceeded | |
Unable to locate previous message (no match on retrieval reference number) | |
Previous message located for a repeat or reversal, but repeat or reversal data are inconsistent with original message | |
’Blocked, first used’—The transaction is from a new cardholder, and the card has not been properly unblocked. | |
Visa transactions: credit issuer unavailable. Private label and check acceptance: Invalid date | |
PIN cryptographic error found (error found by VIC security module during PIN decryption) | |
Negative CAM, dCVV, iCVV, or CVV results | |
Unable to verify PIN | |
No reason to decline a request for account number verification, address verification, CVV2 verification; or a credit voucher or merchandise return | |
Issuer unavailable or switch inoperative (STIP not applicable or available for this transaction) | |
Destination cannot be found for routing | |
Transaction cannot be completed, violation of law | |
Duplicate transmission | |
Reconcile error | |
System malfunction, System malfunction or certain field error conditions | |
Server inaccessible | |
Authentication Required, you must do a card inserted payment with PIN code | |
Authentication Required, you must do a 3-D Secure authentication | |
Surcharge amount not permitted on Visa cards (U.S. acquirers only) | |
Force STIP | |
Cash service not available | |
Cashback request exceeds issuer limit | |
Decline for CVV2 failure | |
Invalid biller information | |
PIN change/unblock request declined | |
Unsafe PIN | |
Card authentication failed | |
Stop payment order | |
Revocation of authorization order | |
Revocation of all authorizations order | |
Forward to issuer | |
Forward to issuer | |
Offline-declined | |
Unable to go online | |
Refusal count exceeded for this card / sepa | |
Exceeded payment volume for this card / sepa | |
Stolen or lost card | |
Bank server unavailable |
Dispute response codes ​
Response | Network | Meaning |
---|---|---|
National | Transaction not authorized | |
National | Duplicate processing | |
National | Transaction disputed | |
Visa | Fraud; card Absent Environment | |
Visa | Duplicate processing | |
Mastercard | Requested/required authorization not obtained. Transaction not authorized | |
Mastercard | Duplicate processing | |
Mastercard | Fraudulent transaction; no cardholder authorization | |
Mastercard | Cardholder Dispute Defective/Not as Described | |
Mastercard | Cardholder does not recognize. Potential fraud |
Test data ​
Test cards ​
Number | Brand | Country | 3DS | Return |
---|---|---|---|---|
Visa | AT 🇦🇹 | Optional | 00 OK | |
Visa | BE 🇧🇪 | Optional | 00 OK | |
Visa | DK 🇩🇰 | Optional | 00 OK | |
Visa | FI 🇫🇮 | Optional | 00 OK | |
CB | FR 🇫🇷 | Optional | 00 OK | |
Visa | DE 🇩🇪 | Optional | 00 OK | |
Visa | IE 🇮🇪 | Optional | 00 OK | |
Visa | IT 🇮🇹 | Optional | 00 OK | |
Visa | LU 🇱🇺 | Optional | 00 OK | |
Visa | NL 🇳🇱 | Optional | 00 OK | |
Visa | NO 🇳🇴 | Optional | 00 OK | |
Visa | PT 🇵🇹 | Optional | 00 OK | |
Visa | RU 🇷🇺 | Optional | 00 OK | |
Visa | ES 🇪🇸 | Optional | 00 OK | |
Visa | SE 🇸🇪 | Optional | 00 OK | |
Visa | CH 🇨🇠| Optional | 00 OK | |
Visa | GB 🇬🇧 | Optional | 00 OK | |
Visa | US 🇺🇸 | Not required | 00 OK | |
Visa | US 🇺🇸 | Not required | 00 OK | |
Visa | US 🇺🇸 | Not required | 00 OK | |
Mastercard | US 🇺🇸 | Optional | 00 OK | |
Mastercard | US 🇺🇸 | Optional | 00 OK | |
Mastercard | US 🇺🇸 | Optional | 00 OK | |
Visa | US 🇺🇸 | Not enrolled | 00 OK | |
Visa | BR 🇧🇷 | Optional | 00 OK | |
Visa | CA 🇨🇦 | Optional | 00 OK | |
Visa | MX 🇲🇽 | Optional | 00 OK | |
Visa | FR 🇫🇷 | Optional | 00 OK | status = 50 captured | |
Visa | US 🇺🇸 | Required | A1 must perform 3DS | status = 0 refused | |
Visa | FR 🇫🇷 | Optional | 05 do not honor | status = 0 refused | |
Visa | FR 🇫🇷 | Optional | 51 insufficient fund | status = 0 refused | |
Visa | FR 🇫🇷 | Optional | 41 lost card | status = 0 refused | |
Visa | FR 🇫🇷 | Optional | 00 OK | status = 60 disputed | |
Visa | FR 🇫🇷 | Optional | 00 OK | status = 60 disputed | |
Visa | FR 🇫🇷 | Optional | 00 OK | status = 60 disputed |
Test SEPA ​
IBAN | Country | Name | Birthdate | Return |
---|---|---|---|---|
AT 🇦🇹 | Otto Normalverbraucher | 1971-02-02 | 00 OK | |
BE 🇧🇪 | Jef Van Pijperzele | 1972-03-03 | 00 OK | |
CH 🇨🇠| Leonhard Euler | 1973-04-04 | 00 OK | |
DE 🇩🇪 | Max Mustermann | 1974-05-05 | 00 OK | |
EE 🇪🇪 | Friedrich Robert Faehlmann | 1975-06-06 | 00 OK | |
ES 🇪🇸 | Juan Pérez | 1976-07-07 | 00 OK | |
FI 🇫🇮 | Maija Meikäläinen | 1977-08-08 | 00 OK | |
FR 🇫🇷 | Pierre Martin | 1978-09-09 | 00 OK | |
GB 🇬🇧 | John Doe | 1970-01-01 | 00 OK | |
IE 🇮🇪 | John Kilkenny | 1979-10-10 | 00 OK | |
LT 🇱🇹 | Jonas Petraitis | 1980-11-11 | 00 OK | |
LU 🇱🇺 | Adalbert Boros | 1981-12-12 | 00 OK | |
IT 🇮🇹 | Piero Pers | 1982-01-13 | 00 OK | |
NL 🇳🇱 | Jan Modaal | 1983-02-14 | 00 OK | |
NO 🇳🇴 | Peder Aas | 1984-03-15 | 00 OK | |
PT 🇵🇹 | Jan Kowalski | 1985-04-16 | 00 OK | |
SE 🇸🇪 | Lisa Svensson | 1986-05-17 | 00 OK | |
FR 🇫🇷 | Gilles Dupont | 1987-06-18 | 00 OK | |
FR 🇫🇷 | Jean Banbois | 1992-11-23 | AC01 Incorrect Account Number | status = 0 refused | |
FR 🇫🇷 | Marie-Jeanne Sansbanque | 1993-12-24 | AC04 Closed Account Number | status = 0 refused | |
FR 🇫🇷 | Marc Barrer | 1994-01-25 | AC06 Blocked Account | status = 0 refused | |
FR 🇫🇷 | Sophie Fontek | 1995-02-26 | AG01 Transaction Forbidden | status = 0 refused | |
FR 🇫🇷 | Hector Fauché | 1996-03-27 | AM04 Insufficient Funds | status = 0 refused | |
FR 🇫🇷 | Lillianne Sansmandat | 1997-04-28 | MD01 No Mandate | status = 0 refused | |
FR 🇫🇷 | Vincent Refusé | 1998-05-29 | MD06 Refund Request By End Customer | status = 0 refused | |
FR 🇫🇷 | Eric Indécis | 1999-06-30 | MS02 Not Specified Reason Customer Generated | status = 0 refused | |
BE 🇧🇪 | Camille Honnête | 1988-07-19 | AM04 Insufficient Funds | status = 60 disputed | |
ES 🇪🇸 | Pepito Pérez | 1990-09-21 | AC04 Closed Account Number | status = 60 disputed |