Authorization

For a transaction to be authorized, certain information regarding the transaction is requested:

• Secret key is used to validate the API key. Then, the API key is mapped to the correct merchant.
• PSP test mode flag is sent to validate the transaction mode on the PSP side.
• Alias is fetched by using the passed alias ID and the active flag.

The payment information is then gathered by combining the alias information and the merchant PSP configuration.

Using the idempotent key, a new transaction will be stored in the database using the transaction details passed in the request if the idempotent key does not exist. If it exists and the passed information is similar to the transaction information in the database, the new transaction is not created.

Operations

Authorize Transaction

A transaction can be authorized by providing the following parameters in a request header:

Parameter Name	Description	Type	Required
Secret-Key	The secret API key defined for the merchants	String	Yes
Idempotent-Key	Unique key for the request	String	Yes
PSP-Test-Mode	A flag defining if the alias is for the PSP test mode	Boolean	No

Request body:

Parameter Name	Description	Type	Required
aliasId	Stash! alias id	String	Yes
paymentData	Payment details	PaymentData	Yes
purchaseId	Merchant's transaction id	String	No
customerId	Merchant's customer id	String	No

PaymentData:

Parameter Name	Description	Type	Required
amount	Amount in smallest currency unit (e.g. cent)	Int	Yes
currency	Currency	String	Yes
reason	Reason of the transaction	String	Yes

Response body:

Parameter Name	Description	Type
transactionId	Stash! transaction id	String
amount	Amount in smallest currency unit (e.g. cent)	Int
currency	Currency	String
status	SUCCESS or FAIL or PENDING	String
action	AUTH	String

The Swagger documentation can be found here.