# Create Card Payment ## **Create Card Payment** ## Payin by CreditCard `POST` `https://gateway-test.pagsmile.com/trade/pay` This endpoint allows you to create a card payment. #### Headers | Name | Type | Description | | ----------------------------------------------- | ------ | ------------------------------------------ | | Content-Type\* | string | application/json; chartset=UTF-8 | | Authorization\* | string | Basic Base($app\_*id:$security\_*key) | #### Request Body | Name | Type | Description | | ------------------------------------------------- | ------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | app\_id\* | string |

created app's id at dashboard

- Max. 32 chars -

| | method\* | string | CreditCard or DiscoverCard | | out\_trade\_no\* | string |

ID given by the merchant in their system
- Max. 64 chars -

| | notify\_url\* | string | Where Pagsmile will send notification to | | return\_url | string | Redirect to Merchant's url when user finished checkout | | timestamp\* | string |

yyyy-MM-dd HH:mm:ss
- Max. 19 chars -

| | subject\* | string |

payment reason or item title

- Max. 128 chars -

| | content\* | string |

payment reason detail or item detail. This will be shown on the bank bill.

- Max. 255 chars -

| | order\_amount\* | string |

payment amount
- check here -

| | order\_currency\* | string | BRL, HKD, JPY, TJS, USD, EUR or GBP | | buyer\_id\* | string | merchant user's id | | token\* | string | Get token by using [Tokenization API](https://docs.pagsmile.com/payin/pci-direct-integration/tokenize) or [Pagsmile Javascript](https://docs.pagsmile.com/payin/tools/pagsmile-javascript) | | user\_ip\* | string | user's IP address | | customer.name | string | User's name | | customer.email | string | User's email | | customer.phone | string | User's phone | | customer.identify.type | string | User's identification type | | customer.identify.number | string | User's identification number | | issuer | string | issuer of CreditCard | | device.user\_agent | string | user's browser ua | | website\_url | string |

merchant website URL

- Max. 128 chars -

| | address.zip\_code | string | zip code | | address.street | string |

street

- Required if zip\_code not provide -

| | address.street\_number | string |

street number

- Required if zip\_code not provide -

| | address.city | string |

city

- Required if zip\_code not provide -

| | address.state | string |

state
- Required if zip\_code not provide -

| | installments | string | installments for CreditCard | | threeds.server\_trans\_id | string | Universally unique transaction identifier assigned by the 3DS Server to identify a single transaction generated by the Init 3DS API and used to link the init call to the order call | | threeds.version | string | Version used in the transaction | | threeds.cavv | string | Authentication Value (CAVV / AAV for 3DS1) recieved from authorization/Authentication response | | threeds.status\_code | string | 3DSecure - Status code recieved from authorization/authentication response, (Possible values: U, N, Y, A, C, D, R, I) | | threeds.eci | string | ECI value recieved from authorization/authentication response | | threeds.status | string | 3DSecure - Status text received from 3D secure vendor | | threeds.status\_reason\_code | string | String EMVCO Indicator of the reason for the 3DS status code provided during the authentication, (Possible values: 01, 02, 03, 04, 05, 06, 07, 08, 09, 10, 11, 12, 13, 14, 15, 16) | | threeds.liability\_shift | string | liability shift - indicate whether the chargeback liability shifted to the card issuer | | threeds.acs\_trans\_id | string | This field contains a universally unique transaction identifier assigned by the ACS to identify a single transaction. | | threeds.ds\_trans\_id | string | A universally unique transaction identifier is assigned by the DS to identify a single transaction. | | timeout\_express | string |

m(minutes), h(hours), d(days), c(always end in current day).

Used to control the expiration time of submitting an order (from initial to processing). (90m in default, max 15d)

| | region | string | region of the payment. The format is ISO 3166-1 alpha-3 - ARG, BRA, etc. Check [here](https://docs.pagsmile.com/payin/data/country-code). Required if using Global app - | {% tabs %} {% tab title="200 submit successfully" %} ``` { "code": "10000", "msg": "Success", "trade_no": "2022010110293900084", "out_trade_no": "202201010354003", "web_url": "", "trade_status": "PROCESSING" "pay_url": "https://checkout-test.pagsmile.com/checkout?prepay_id=", //Only available when method=DiscoverCard "check_url": "https://checkout-test.pagsmile.com/checkout?prepay_id=" ``` {% endtab %} {% tab title="400 duplicate out\_trade\_no" %} ``` { "code": "40002", "msg": "Business Failed", "sub_code": "duplicate-out_trade_no", "sub_msg": "out_trade_no is duplicate" } ``` {% endtab %} {% endtabs %} {% hint style="info" %} The merchant should have 3DS provider to get the value of "threeds". {% endhint %} ### Example ``` curl --location --request POST 'https://gateway-test.pagsmile.com/trade/pay' \ --header 'Authorization: Basic MTYyNTgyOTIxNDUzMTY2Mzg6UGFnc21pbGVfc2tfZDUwMWQ1ZGNkNTI5OGQ5N2MwNmUzYjI4YjA2OWZjZmY3NDU5ZjY2NzNiMjFjMTFlYTY3NDM5MDgzOTZkOTYxNQ==' \ --header 'Content-Type: application/json' \ --data-raw '{ * "app_id": "162************38", * "out_trade_no": "202201010354003", * "method": "CreditCard", * "order_amount": "12.01", * "order_currency": "BRL", * "subject": "trade pay test", * "content": "trade pay test content", * "notify_url": "http://merchant/callback/success", "return_url": "https://www.merchant.com", * "buyer_id": "buyer_0101_0001", * "user_ip": "127.0.0.1", * "token": "${token}", "installments": "1", * "timestamp": "2022-01-01 03:54:01", "timeout_express": "1c", "customer": { "identify": { "type": "CPF", "number": "50284414727" }, "name": "Test User Name", "email": "test@pagsmile.com", "phone": "75991435892" }, "device": { "user_agent": "" }, "address": { "zip_code": "38082365", }, "threeds": { //The "threeds" parameters are required to apply 3DS. "version": "2.1.0", "cavv": "MTIzNDU2Nzg5MDEyMzQ1Njc4OTA", "eci ": "05", "server_trans_id": "1111-2222-3333-4444", "acs_trans_id": "7777-8797-4645-1233", "ds_trans_id": "7777-8797-4645-1233", "status": "Cardholder authenticated", "status_code": "Y", "status_reason_code": "15", "liability_shift": "true" }, "region": "BRA" //Required if using Global app }' ``` {% hint style="info" %} Note: **162\*\*\*\*\*\*\*\*\*\*\*\*38** is pagsmile's test app id for sandbox, and **MTYyNTgyOTIxNDUzMTY2Mzg6UGFnc21pbGVfc2tfZDUwMWQ1ZGNkNTI5OGQ5N2MwNmUzYjI4YjA2OWZjZmY3NDU5ZjY2NzNiMjFjMTFlYTY3NDM5MDgzOTZkOTYxNQ==** is authorization token associated with the test app id. {% endhint %} {% hint style="danger" %} Please use your own **app\_id** and generate your own **authorization token** when testing. {% endhint %}