On this page, you will find information about how to authenticate with the Checkout 3.0 Backend API, construct the authentication header and how to Initialize payment.
Avarda base URLs for Checkout 3.0 Backend API:
Stage environment: https://stage.checkout-api.avarda.com
Production environment: https://checkout-api.avarda.com
“Partner access token” is used as authentication for all further communication with the Checkout 3.0 Backend API. This token should never be displayed to the user or sent to the frontend of the application.
To obtain the token send POST
request with clientId
and clientSecret
as a JSON
to /api/partner/tokens
.
# Obtain Partner access token curl -X "POST ${api_url}/api/partner/tokens" \ -H 'Content-type: application/json' \ -H 'Accept: application/json' \ -d '{ "clientId": "659e57c9-d970-4db8-b003-8ba04cc157f9", "clientSecret": "4~{x*6%gvBt(:aD" }'
Property | Data type |
clientId | string |
clientSecret | string |
<?php $api_url = "https://stage.checkout-api.avarda.com"; // Use your CLIENT_ID and CLIENT_SECRET $client_id = "659e57c9-d970-4db8-b003-8ba04cc157f9"; $client_secret = "4~{x*6%gvBt(:aD"; // Send POST request and save "Partner access token" $request_url = "$api_url/api/partner/tokens"; $request_payload = array('clientId' => $client_id, 'clientSecret' => $client_secret); $options = array( 'http' => array( 'header' => "Content-type: application/json\r\n", 'method' => 'POST', 'content' => json_encode($request_payload) ) ); $context = stream_context_create($options); $result = file_get_contents($request_url, false, $context); if ($result === false) { /* Handle error */ } else { $json_data = json_decode($result); $partner_access_token = $json_data->token; echo (string) $partner_access_token; };
{ "token": "eyJ0eXAiOiJKV1QiLCJhbGc...", "tokenExpirationUtc": "2020-01-01T09:24:42.2011052Z" }
Property | Data type | Description |
token | string | JWT token in string format – “Partner Access Token” |
tokenExpirationUtc | string | DateTime in string format – easy access to expiration date of “Partner Access Token”. More information about handling of the token in Handling Partner access token |
Initialize payment and set up initial parameters such as: language; items list; etc. Please check the full list of options below.
Send a POST
request with “Partner access token” as authorization with JSON
data. Successful initialization returns a unique “Purchase JWT token” and “PurchaseId”. “Purchase JWT token” is used to display Checkout 3.0 form on the frontend of your application. “PurchaseId” is used in other Checkout 3.0 Backend API calls.
# Initialize a new payment POST {api_url}/api/partner/payments Content-type: application/json Authorization: Bearer {partner_access_token} { "items": [ { "description": "string", "notes": "string", "amount": 0, "taxCode": "string", "taxAmount": 0, "quantity": 0 } ], "checkoutSetup": { "recurringPayments": "Hidden", "emailInvoice": "Hidden", "language": "English", "mode": "B2C", "completedNotificationUrl": "string", "displayItems": true, "smsNewsletterSubscription": "Hidden", "emailNewsletterSubscription": "Hidden", "differentDeliveryAddress": "Hidden", "termsAndConditionsUrl": "string", "integrityConditionsUrl": "string" }, "b2C": { "customerToken": "string", "invoicingAddress": { "address1": "string", "address2": "string", "zip": "string", "city": "string", "country": "AF", "firstName": "string", "lastName": "string" }, "deliveryAddress": { "address1": "string", "address2": "string", "zip": "string", "city": "string", "country": "AF", "firstName": "string", "lastName": "string", "type": "Default" }, "userInputs": { "phone": "string", "email": "string" } }, "b2B": { "invoicingAddress": { "address1": "string", "address2": "string", "zip": "string", "city": "string", "country": "AF", "name": "string" }, "deliveryAddress": { "address1": "string", "address2": "string", "zip": "string", "city": "string", "country": "AF", "firstName": "string", "lastName": "string", "type": "Default" }, "userInputs": { "phone": "string", "email": "string", "reference": "string" } }, "extraIdentifiers": { "orderReference": "string", "loyaltyNumber": "string", "productGroup": "string", "attachment": "string", "description": "string", "referenceName": "string", "posId": "string" } }
Property | Data type | Description |
Items | [ Item ] | List of item objects |
CheckoutSetup | CheckoutSetup | Setup for checkout payment |
B2C | B2CInfo | Business to customer checkout setup |
B2B | B2BInfo | Business to business checkout setup |
ExtraIdentifiers | ExtraIdentifiers | Partner’s checkout session identifiers |
<?php $api_url = "https://stage.checkout-api.avarda.com"; // "Partner access token" generated by calling `$api_url/api/partner/tokens` see more info: <https://docs.avarda.com/checkout-3/how-to-get-started/#obtain-partner-access-token> $partner_access_token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IllNRUxIVDBnd..."; // Send POST request, save "Purchase JWT token" and "PurchaseId" $request_url = "$api_url/api/partner/payments"; $request_payload = array( "checkoutSetup" => array( "language" => "English" ), "items" => array(array( "description" => "Test Item 1", "notes" => "Test Notes 1", "amount" => 50, "taxCode" => "20%", "taxAmount" => 10, "quantity" => 2 )), ); $options = array( 'http' => array( 'header' => "Content-type: application/json\r\nAuthorization: Bearer $partner_access_token\r\n", 'method' => 'POST', 'content' => json_encode($request_payload) ) ); $context = stream_context_create($options); $init_result = file_get_contents($request_url, false, $context); if ($init_result === false) { /* Handle error */ } else { $init_data = json_decode($init_result); $purchase_jwt_token = $init_data->jwt; $purchase_id = $init_data->purchaseId; echo (string) $purchase_id; echo (string) $purchase_jwt_token; }
{ "purchaseId": "AVT3gn", "jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJDaGVja291dCIsImp0aSI6IjljZGRhZWI4LWU1N2UtNGIwNC04ZDdjLTBjODc0YTA1MDY2MyIsIlB1cmNoYXNlSWQiOiJBVlQzZ24iLCJleHAiOjE1Nzg5MTE0OTh9.HMRidZgeOQtOQtXyHwanmfS0KwYXb73m5lkTeQ449co", "expiredUtc": "2020-01-01T09:02:03.2160375Z" }