Integration Documentation

This pages provides an overview of the main components of the sandbox environment including the payment page, dashboard, and API. The purpose is to provide enough information on the different integration options so you can begin the integration process with the epay3 payment platform.

 

Sandbox Urls

Payment Page

https://sandbox.epaypolicy.com
The payment page is exactly the same as your production payment page except that this one only accepts fake transactions and never executes a debit on a real account.

Dashboard

https://app-sandbox.epaypolicy.com
The dashboard gives you a comprehensive view of all transactions run through your account.

API

https://api-sandbox.epaypolicy.com
The API provides an integration point to process transactions. By default, the API Url will present you with the Swagger UI which provides rich, interactive documentation.

 

Test Transaction Numbers

When running a test credit card transaction, 4242424242424242 can be used with a month and year into the future and any value for the CVV. Test ACH transactions just require a valid routing number. As an example, 111000025 (Bank of America) can be used.

 

Swagger and SDK

Swagger (http://swagger.io/) is an open-source documentation suite for REST APIs. To use the Swagger UI, just proceed to the Url provided for the REST API. Enter in the Api Key and Secret and the scroll down to view supported endpoints. As you expand the endpoints (e.g. Transactions) you will see the supported verbs. Expanding more will show the inputs and outputs of each endpoint. In addition, you will see the Model and Model Schema options on the right side which will give a template for the request as well as indicators for the optional vs required fields. Once the required values are supplied, you can click “Try it out!” to see the UI hit the Api endpoint without writing any code.

 

When using the API, you may notice that the amount supplied and the amount that is shown in the dashboard differ. This is due to a customer fee being added as the transaction is being processed.

 

We have provided a C# SDK on Github that includes automated tests with sample code.

 

Secure Integration

While some of our clients choose to integrate directly with our API only, this does put some of the responsibility for security on the application developer since their servers are actually handling the credit card information. This is why we’ve added the option for a blended API integration where the user can enter the sensitive payment information without the details hitting your servers. We have outlined 2 options below to help you achieve this.

 

Client Side

This integration option keeps the user in your application with your pages for a consistent user experience.

 

Step 1

Your page can securely collect the payment information and submit it to our servers via a jQuery call which will generate a token Id. You can even add custom attributes to the token such as a customer identifier. The payload for the token creation matches exactly to the payload described here.

IMPORTANT: To avoid security risks, please do not let the page post to your server. Instead you should only post the Token Id that is returned by the API call.

See a sample Html page that collects information and creates a token via jQuery.

Step 2

Using the API and the token Id, execute a GET operation against the API to obtain the token details including any custom attributes passed in during Step 1. This token Id can be used in subsequent API calls to execute transactions.

See the sample code to get the details of a token.

See the sample code to run a transaction using a token Id.

 

Hosted Pages

This integration option redirects the user to a hosted page on our servers to collect the payment information.

 

Step 1

Via the API, generate a token page session Id by passing in any custom attributes to attach to the transaction and a success Url. The success Url is the location to which you would like the user forwarded once a payment method is successfully saved through the hosted page. The session Id returned by the API is valid for 30 minutes.

See the sample code to create a token page session.

Step 2

Your application forwards the user to the hosted page with the session Id in the query string (tokens?sessionId={sessionId}). Once a payment method is saved, the user will be forwarded back to the success Url specified in Step 1 along with the token Id in the query string (?tokenId={id}).

Step 3

Using the API and the token Id from the query string, execute a GET operation against the API to obtain the token details including any custom attributes passed in during Step 1. This token Id can be used in subsequent API calls to execute transactions.

See the sample code to get the details of a token.

See the sample code to run a transaction using a token Id.