Charge Card

Send card details along with payment information in order to charge a card for payment

Charge Card

POST https://a1pay.net/api/cardpayment/paynow

Request Body

Name	Type	Description
PIN	string	4 digit PIN of the card
CardId	number	0 if this is a new card, or Id of selected card if user is using an existing card
UserId	integer	Id of the logged in user
CVV	string	User's CVV also known as CVC
RecipientNameResolved	boolean	set to true
ClientReference	string	set to .PostData.TransactionCode of the selected OnlinePaymentOptions[] array element
Medium	string	set to 'web' or 'mobile' depending on your platform
UserPhoneNumber	string	set to .PostData.PhoneNumber
UserEmail	string	set to .PostData.EmailAddress of the selected OnlinePaymentOptions[] array element
ResolvedBeneficiaryName	string	set to .PostData.TransType of the selected OnlinePaymentOptions[] array element
BeneficiaryEmail	string
BeneficiaryName	string	set to .PostData.TransType of the selected OnlinePaymentOptions[] array element
BeneficiaryPhone	string
Amount	number	set to .PostData.AmountExpected of the selected OnlinePaymentOptions[] array element
Fee	number	set to 0
RecipientBankCode	string	set to 'wallet'
BeneficiaryAccount	string	set this to 'wallet'

200 Transaction initialized

{
  "status": "success", //or error. If error, data will contain the error message
  "data": {
    "Use3DSecure": false, //if true load AuthURL in a webview
    "OTPMessage": "Kindly enter the OTP sent to *******3337 and o*******@yahoo.com",
    "AuthURL": "",
    "GatewayReference": "",
    "TransactionId": "12345",
    "OTPValidationEndpoint": "https://www.a1pay.net/home/api/CardPayment/OTPValidation",
    "ReferenceCode": ""
  }
}

Very important. The entire request body needs to be serialized to JSON and encrypted using AES before posting to the endpoint. The encryption should follow these steps: 1. Convert the user token base 64 string. Then convert to byte array of length 16. If the array length is less than 16 add empty bytes to make up 16. Use this as the AES Key 2. Repeat step 1 above for your Secret Key and use this as the AES IV

Where to go from here?

Once you have called the endpoint successfully, check If status == "success" then you can proceed to inspect the data object. If not, then data will contain the error message. If data.Use3DSecure == true, then you need to load data.AuthURL in a webview, otherwise, display data.OTPMessage as a prompt to the user with a text input field to accept user's OTP.

if (Response.data.Use3DSecure) {
  //transaction can only go through 3D secure
  //Load Response.data.AuthURL for the user in a webview, or browser page 
} else {
  //show OTP screen to user
  //Response.data.OTPMessage: will contain the message you need to display to the user
  //Response.data.OTPValidationEndpoint will contain the endpoint to post the OTP to
}