This reference describes payment protocol 1. Tringify selects this version for new declarations. All provider endpoints receive JSON over HTTPS.
Signed request headers#
Header |
Purpose |
|---|---|
|
Hex HMAC-SHA256 signature. |
|
Unix timestamp included in the signature. |
|
Unique identifier for this delivery attempt. |
|
Store that owns the connection. |
|
App receiving the request. |
Compute the expected signature as HMAC-SHA256 with your app signing secret over the timestamp string followed immediately by the exact raw request body. Compare signatures in constant time and reject stale timestamps before doing provider work.
Connection check request#
Field |
Type |
Required |
Description |
|---|---|---|---|
|
string |
Yes |
Identifies the connected merchant account. |
|
string |
Yes |
Identifies the store that owns the connection. |
|
string |
Yes |
Identifies your app. |
|
string |
Yes |
The requested provider service; |
|
string |
Yes |
Your stable key for this merchant connection. |
|
string |
Yes |
The approved declaration this connection must follow. |
Connection check response#
Field |
Type |
Required |
Description |
|---|---|---|---|
|
string |
Yes |
Whether the account is ready, needs merchant action, or cannot be used. |
|
string |
No |
Optional stable reason code supplied by your app. |
|
string |
No |
Whether the connected credentials are |
|
string |
No |
Whether the ready account is healthy or temporarily degraded. |
|
string |
No |
ISO country code for the connected provider account. |
|
string |
No |
Safe, masked text that helps the merchant recognize the account. |
|
array of string |
No |
Operations this account can perform now. |
|
array of string |
No |
ISO currency codes this account can process now. |
Start-payment request#
Field |
Type |
Required |
Description |
|---|---|---|---|
|
string |
Yes |
Tringify payment-session ID and idempotency key. |
|
string |
Yes |
Payment protocol version for this request. |
|
string |
Yes |
Approved declaration revision that governs this request. |
|
string |
Yes |
Store accepting the payment. |
|
string |
Yes |
Market whose payment-provider assignment selected this connection. |
|
string |
No |
Optional store name for the provider experience. |
|
string |
Yes |
Order being paid. |
|
string |
No |
Optional merchant-facing order number. |
|
string |
Yes |
Exact decimal amount as a string; never a floating-point number. |
|
string |
Yes |
ISO currency code for the amount. |
|
string |
No |
Customer email when available and needed for payment. |
|
string |
No |
Customer phone when available and needed for payment. |
|
object |
No |
Normalized billing address when available and needed for payment. |
|
string |
Yes |
Tringify URL to return to after the provider experience. |
|
string |
No |
Optional Tringify URL used when the customer cancels. |
|
ISO 8601 timestamp |
Yes |
Time after which the payment session can no longer be completed. |
Start-payment response#
Field |
Type |
Required |
Description |
|---|---|---|---|
|
boolean |
Yes |
Whether the provider payment was created or retrieved. |
|
string |
No |
Gateway-hosted HTTPS URL Tringify opens for the customer; mutually exclusive with browser_action. |
|
object |
No |
Reviewed browser adapter and public per-session configuration; mutually exclusive with launch_url. |
|
string |
No |
Optional provider-owned identifier for this attempt. |
|
string |
No |
Stable, non-sensitive error code when the request is rejected. |
|
string |
No |
Safe developer-facing detail when the request is rejected. |
Refund request#
Field |
Type |
Required |
Description |
|---|---|---|---|
|
string |
Yes |
Tringify refund ID and idempotency key. |
|
string |
Yes |
Original Tringify payment-session ID. |
|
string |
Yes |
Store requesting the refund. |
|
string |
Yes |
Order being refunded. |
|
string |
Yes |
Provider transaction previously reported for the payment. |
|
string |
Yes |
Exact refund amount as a decimal string. |
|
string |
Yes |
ISO currency code for the refund amount. |
|
string |
No |
Optional merchant-provided reason for the refund. |
Refund response#
Field |
Type |
Required |
Description |
|---|---|---|---|
|
boolean |
Yes |
Whether the refund request was accepted. |
|
string |
No |
Optional provider-owned refund identifier. |
|
string |
No |
Current result: |
|
string |
No |
Stable, non-sensitive error code when the request fails. |
|
string |
No |
Safe developer-facing detail when the request fails. |
Reliability rules#
Treat session and refund IDs as idempotency keys and reject a reused ID whose immutable request values changed. Return the original provider object for a repeated matching request. For a start-payment request, checkout must receive exactly one valid browser handoff before the customer can continue; an uncertain provider result after customer interaction is reconciled through the Store API. Refund and off-session operation timeouts remain ambiguous and must be queried before repeating money movement.
Sensitive data#
Provider requests and Store API callbacks must not include card numbers, CVV or CVC values, cardholder data, wallet cryptograms, PINs, API keys, access tokens, or merchant credentials.