# Initiate a payment attempt This is used to supply the card you have collected from the customer to pay for this payment session. Only call this endpoint from your front-end once you have collected the customer's card details. If you want the lowest PCI burden we recommend using our embedded payment forms in place of this endpoint. This ensures Ryft store & transmit the card details securely from our servers rather than your own. Please contact your account manager if you want to opt for this. Endpoint: POST /payment-sessions/attempt-payment Version: 1.1.0 Security: publicApiKeyAuth ## Header parameters: - `Account` (string) The linked accountId (use this when operating on payments related to a linked account) Example: "ac_3fe8398f-8cdb-43a3-9be2-806c4f84c327" ## Request fields (application/json): - `clientSecret` (string, required) The client secret of the payment session. Example: "ps_01FCTS1XMKH9FF43CAFA4CXT3P_secret_b83f2653-06d7-44a9-a548-5825e8186004" - `paymentMethodType` (string,null) The type of the payment method the customer has opted to pay with. Enum: "Card" - `cardDetails` (object) - `cardDetails.number` (string, required) The 16-digit card number Example: "4444333322221111" - `cardDetails.expiryMonth` (string, required) The 2-digit expiry month of the card Example: "10" - `cardDetails.expiryYear` (string, required) The 4-digit expiry year of the card Example: "2024" - `cardDetails.cvc` (string,null) The card verification code. 3/4 digits. Note that this parameter is required unless: - you are processing MOTO entered transactions; and you have approval to not supply this field. Failure to provide this will result in the payment being declined with lastError: "cvc_required" Example: "100" - `cardDetails.name` (string,null) (optional) The card holder's name as printed on the card. Must be at least 2 words and max length 120. Example: "MR ISAAC CLARKE" - `walletDetails` (object) - `walletDetails.type` (string) Enum: "GooglePay", "ApplePay" - `walletDetails.googlePayToken` (string) The encrypted GooglePay token obtained on the client-side Example: "{\"signature\":\"MEYCIQCOjFuUGDkyieeJCQkm23qMSsQtGRjjVcWuAEHjdcGtNH+fx9GD342jNa\",\"intermediateSigningKey\":{\"signedKey\":\"{\\\"keyValue\\\":\\\"MFkwEjHIVnhmXEs2OjgvsLYCuiwXttkLpM5EFA3snvzPBUzT9hFeUuPCBTyP+83vbpNo5WFqjObGuVj3EFYRa0bGQ0+4ZYlk16tk4cGqVliuD2VS+ooPiDzztKahTj3tNicjyUjpD7AxiMPf/RHsHTlXs+m79EibjQxyE/CjlqrwfA3qpxJpdkt/ihS8JlVhQP8d/gnV/Get36o02gZc/F9s7kfG6Ur/rZ0Nf5F0yVCfZfgYCIeEPE415sjm0yJehlmVJ+iWrsdoUjrTlDfNqUj8m44vfxyrmTbk2HaAgy+LWyu0DtBFHtQsecZpGyYLGbiTRbL/F6wXEZEcM9W8lFy7pNtyx2FpvGFKPOnM8hAEhJ6OkDHMNmBSZWoqY9PLeVeXvbuW9KdKzHeGkFQmsypKBrkT5XDmP49AFAnaGyVfvtBunLdt4SrPqJgSpvLdBhvOwHNQRSAaaUx6xBQqEecVAZF/fdwpcMXc2Mc\\\",\\\"ephemeralPublicKey\\\":\\\"BEPsTEoiu6nyicBC9EhvTE45t8+IxjiKiifT/tmytIhn+O6d+cGSuiSmzeg1k1X0xZqr...\",\\\"tag\\\":\\\"pDKKl7MBNL+CnyrY6XB8E/T6hbbnEo8q4\\\\u003d\\\"}\"}" - `walletDetails.applePayToken` (string) The base64 encoded paymentData returned by Apple on the client-side Example: "eyJ2ZXJzaW9uIjoiRUNfdjEiLCJkYXRhIjoiN21Fay9BSGh2OXJzSmM1K0NFbVhRaERHaHZCMjViaDFxb0hTZmVVWHpiNFA5Nk5ieWd6alV3ZnR3RXJUYmRhQ3FFMXFi......" - `paymentMethod` (object) - `paymentMethod.id` (string) The Id of the payment method to pay with Example: "pmt_01G0EYVFR02KBBVE2YWQ8AKMGJ" - `paymentMethod.cvc` (string,null) The card verification code. 3/4 digits This is primarily not required, but can be collected again from the customer and submitted with an existing payment-method (card-only) if you want to run a cvc check again. Note that if this check fails the payment too will fail. Example: "100" - `paymentMethodOptions` (object) - `paymentMethodOptions.store` (boolean) Set this to true if you want to store the customer's card details on file. This will currently only be applied to cardDetails payments. If true, we will set the stored payment method as the customer's default/preferred payment method. - `billingAddress` (object,null) - `billingAddress.firstName` (string) The first name of the customer Example: "Nathan" - `billingAddress.lastName` (string) The last name of the customer Example: "Jones" - `billingAddress.lineOne` (string) First line of the address Example: "123 Test Street" - `billingAddress.lineTwo` (string) Second line of the address Example: "456 Lane" - `billingAddress.city` (string) The address city/town Example: "Manchester" - `billingAddress.country` (string, required) The two-character ISO country code Example: "GB" - `billingAddress.postalCode` (string, required) The postal code/zip of the address Example: "SP4 7DE" - `billingAddress.region` (string,null) The state/county/province/region Required if the address is in the US/Canada and must be a 2-character ISO state/province code Example: "NY" - `customerDetails` (object) - `customerDetails.email` (string) The email address of the customer This is required for a payment to be taken and must be provided here if not provided when creating the payment session. We recommend only providing the email here if payment is being taken for guest users who don't transact via your checkout page, e.g. when using Apple Pay or Google Pay on a product page Example: "example@mail.com" - `customerDetails.homePhoneNumber` (string,null) The home phone number of the customer. Can be provided here if not available at the time of creating the payment session. Must be in E.164 format! Example: "+447900000000" - `customerDetails.mobilePhoneNumber` (string,null) The mobile phone number of the customer. Can be provided here if not available at the time of creating the payment session. Must be in E.164 format! Example: "+447900000000" - `shippingDetails` (object,null) Example: {"address":{"firstName":"Fox","lastName":"Mulder","lineOne":"Stonehenge","postalCode":"SP4 7DE","city":"Salisbury","country":"GB"},"phoneNumber":"+447900000000"} - `shippingDetails.address` (object,null, required) - `shippingDetails.phoneNumber` (string,null) The phone number of the recipient receiving the goods. Must be in E.164 format Example: "+447900000000" - `threeDsRequestDetails` (object) - `threeDsRequestDetails.deviceChannel` (string, required) The channel of the device where payment is being attempted Enum: "Browser", "Application" - `threeDsRequestDetails.browserDetails` (object) The details of the customer's browser, required if the deviceChannel is Browser - `threeDsRequestDetails.browserDetails.acceptHeader` (string, required) The content of the 'Accept' header from the customer's browser. This can be retrieved by observing the value used on http requests prior to making this one from the browser (e.g. to your backend). Example: "application/json,text/plain,text/html,*/*" - `threeDsRequestDetails.browserDetails.colorDepth` (integer, required) The color depth of the customer's browser, in bits per pixel. This can be retrieved from the browser with JavaScript using the window.screen.colorDepth property. Example: 24 - `threeDsRequestDetails.browserDetails.javaEnabled` (boolean, required) A flag to indicate whether the customer's browser can execute Java. This can be retrieved from the browser with JavaScript using the window.navigator.javaEnabled property. - `threeDsRequestDetails.browserDetails.language` (string, required) The name of the customer's browser language. This can be retrieved from the browser with JavaScript using the window.navigator.language property. Example: "en-GB" - `threeDsRequestDetails.browserDetails.screenHeight` (integer, required) The height of the customer's screen in pixels. This can be retrieved from the browser with JavaScript using the window.screen.height property. Example: 900 - `threeDsRequestDetails.browserDetails.screenWidth` (integer, required) The width of the customer's screen in pixels. This can be retrieved from the browser with JavaScript using the window.screen.width property. Example: 1440 - `threeDsRequestDetails.browserDetails.timeZoneOffset` (integer, required) The time difference between UTC and the customer's browser local time, in minutes. This can be retrieved with JavaScript using the getTimezoneOffset() method on the Date object, e.g. new Date().getTimezoneOffset(). Example: -120 - `threeDsRequestDetails.browserDetails.userAgent` (string, required) The content of the 'User-Agent' header from the customer's browser. This can be retrieved from the browser with JavaScript using the window.navigator.userAgent property. Example: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" ## Response 200 fields (application/json): - `id` (string) The unique identifier for the payment Example: "ps_01FCTS1XMKH9FF43CAFA4CXT3P" - `amount` (integer) The amount of the sale/purchase in minor digits Example: 500 - `currency` (string) The ISO currency code Example: "GBP" - `paymentType` (string,null) The type of the payment. Use this to control whether the payment is classified as a Customer-Initiated Transaction (CIT) or Merchant-Initiated Transaction (MIT). (MIT) - customer is not actively participating in the transaction and has instead given consent for you to charge their stored card off session. (CIT) - customer is actively in your checkout flow and is on hand to react to and complete any supplementary steps to complete the payment (e.g. 3DS). CIT values: - Standard - A regular one-off e-commerce payment, made by a customer on your website/app MIT values: - Unscheduled - Uses an already stored card on file for a fixed or variable amount that does not occur on a scheduled or regular basis such as recurring payments/subcriptions. Recurring is classified as CIT if it is the initial payment in the series and MIT if it is a subsequent (follow up) payment in the series. MOTO has now been deprecated in favour of the entryMode (MOTO) field. Enum: "Standard", "Unscheduled", "MOTO", "Recurring" - `entryMode` (string,null) Indicates how the payment method details were (or will be) obtained by the merchant for this payment. - Online - when the payment method is collected with the customer present (e.g. an e-commerce payment within a browser) - MOTO - when the payment method is collected via mail order (not e-email) or over the phone - InPerson - when the payment is collected in-person over a physical medium (such as card terminal) MOTO is subject to additional approval, contact us if you require this functionality. Enum: "Online", "MOTO", "InPerson" - `customerEmail` (string,null) The email address of the customer Example: "example@mail.com" - `customerDetails` (object,null) The details of the customer that this payment belongs to - `customerDetails.id` (string,null) The Id of the customer this payment belongs to. Set this upfront when creating the payment-session if you wish to make use of paying with a customer's saved payment methods Example: "cus_01G0EYVFR02KBBVE2YWQ8AKMGJ" - `customerDetails.firstName` (string,null) The first name of the customer this payment belongs to. Example: "Fred" - `customerDetails.lastName` (string,null) The last name of the customer this payment belongs to. Example: "Jones" - `customerDetails.homePhoneNumber` (string,null) The home phone number of the customer. In E.164 format Example: "+447900000000" - `customerDetails.mobilePhoneNumber` (string,null) The mobile phone number of the customer. In E.164 format Example: "+447900000000" - `customerDetails.metadata` (object,null) The metadata of the customer this payment belongs to. Example: {"customerId":"123"} - `credentialOnFileUsage` (any) - `previousPayment` (object,null) For recurring/unscheduled payments - details of the initial payment in the series. Required for: - partners who want to externally schedule recurring payments. - partners who process Unscheduled payments - `previousPayment.id` (string) The Id of the initial Payment Session in the series Example: "ps_01G0EYVFR02KBBVE2YWQ8AKMGJ" - `rebillingDetail` (any) - `enabledPaymentMethods` (array) List of payment method types that can be used to complete payment for this PaymentSession. Card is the default and will allow all card schemes configured on your account (Visa, Mastercard etc.). Apple Pay & Google Pay are classified as Card types and will be displayed provided you have confogured them properly. Enum: "Card" - `paymentMethod` (object,null) - `paymentMethod.type` (string) Enum: "Card" - `paymentMethod.tokenizedDetails` (object,null) The details of any tokenized payment method used - `paymentMethod.tokenizedDetails.id` (string) The Id of the tokenized payment method Example: "pmt_01G0EYVFR02KBBVE2YWQ8AKMGJ" - `paymentMethod.tokenizedDetails.stored` (boolean) Flag to indicate whether or not the tokenized payment method was stored (against the customer) Example: true - `paymentMethod.card` (object,null) Details of the card used - `paymentMethod.card.scheme` (string) Enum: "Visa", "Mastercard", "Amex" - `paymentMethod.card.last4` (string) The last 4 digits of the card used Example: "4242" - `paymentMethod.wallet` (object,null) Details of the wallet used (Google Pay / Apple Pay) - `paymentMethod.billingAddress` (object,null) - `paymentMethod.billingAddress.firstName` (string) The first name of the customer Example: "Nathan" - `paymentMethod.billingAddress.lastName` (string) The last name of the customer Example: "Jones" - `paymentMethod.billingAddress.lineOne` (string) First line of the address Example: "123 Test Street" - `paymentMethod.billingAddress.lineTwo` (string) Second line of the address Example: "456 Lane" - `paymentMethod.billingAddress.city` (string) The address city/town Example: "Manchester" - `paymentMethod.billingAddress.country` (string, required) The two-character ISO country code Example: "GB" - `paymentMethod.billingAddress.postalCode` (string, required) The postal code/zip of the address Example: "SP4 7DE" - `paymentMethod.billingAddress.region` (string,null) The state/county/province/region Required if the address is in the US/Canada and must be a 2-character ISO state/province code Example: "NY" - `paymentMethod.checks` (object,null) - `paymentMethod.checks.avsResponseCode` (string,null) The response from Address Verification Service (AVS) that determines the match or partial match of the customer's billing address. Possible values: - A - Partial Match (street address matches, postal/zip code does not match) - B - Partial Match (street address matches, postal/zip code not verified) - C - No Match (street address and postal/zip code not verified) - D - Full Match (street address and postal/zip code match) - F - Full Match (street address and postal/zip code match) - G - Not Supported (address information not verified) - I - No Match (address information not verified) - M - Full Match (street address and postal/zip code match) - N - No Match (neither street address not postal/zip code match) - P - Partial Match (postal/zip code matches, street address not verified) - R - System Unavailable (unable to perform verification) - S - Not Supported (AVS currently not supported by issuer) - U - System Unavailable (address information not verified due to no data from issuer) - W - Partial Match (postal/zip code matches, street address does not match) - X - Full Match (street address and postal/zip code match) - Y - Full Match (street address and postal/zip code match) - Z - Partial Match (postal/zip code matches, street address does not match) Example: "Y" - `paymentMethod.checks.cvvResponseCode` (string,null) The response from the check on the Card Verification Value (CVV/CVV2/CVC) Possible values: - M - Match (Visa and MC) - Y - Match (Amex) - N - No Match - P - Not Processed - S - Should be on card - U - Issuer does not participate Example: "M" - `platformFee` (integer,null) The amount (if any) that will be taken and applied to the platform account. This cannot be greater than the "amount" property Example: 50 - `splitPaymentDetail` (object,null) - `splitPaymentDetail.items` (array) - `splitPaymentDetail.items.id` (string) The unique identifier for this split payment item. Note that this will be the id of the SplitPayment created once payment is captured. Example: "sp_01FCTS1XMKH9FF43CAFA4CXT3P" - `splitPaymentDetail.items.accountId` (string) The ID of the sub account who will receive this split payment amount in the form of a SplitPayment. Must be unique, i.e. you cannot have > 1 splits to the same account in your request. Example: "ac_b83f2653-06d7-44a9-a548-5825e8186004" - `splitPaymentDetail.items.amount` (integer) Example: 50 - `splitPaymentDetail.items.fee` (object) - `splitPaymentDetail.items.description` (string) A short description of this split that will be displayed to the account. Example: "2 x The Selfish Gene" - `splitPaymentDetail.items.metadata` (object,null) The metadata to attach to this part of the split. This will be used to populate metadata on the SplitPayment once it is subsequently created. Example: {"productId":"123","productDescription":"The Selfish Gene"} - `status` (string) Enum: "PendingPayment", "PendingAction", "Processing", "Approved", "Captured", "Voided" - `metadata` (object,null) use this parameter to attach key-value data to the payment. These will be sent with any associated payment events on your webhook. Example: {"orderNumber":"123"} - `clientSecret` (string,null) The client secret is used to complete a payment from your frontend. Do NOT store/log/embed anywhere and ensure it is only surfaced on pages served over TSL Example: "ps_01FCTS1XMKH9FF43CAFA4CXT3P_secret_b83f2653-06d7-44a9-a548-5825e8186004" - `lastError` (string,null) The most recent error when attempting to Pay. Note that we may add further values without notice. Enum: "insufficient_funds", "declined_do_not_honour", "invalid_card_number", "cvv2_failure", "restricted_card", "blacklisted_card", "blacklisted_bin", "blacklisted_country", "blacklisted_ip", "risk_declined", "security_violation", "expired_card", "gateway_reject", "suspected_fraud", "contact_issuer", "not_permitted", "invalid_account", "pickup_card", "stolen_card", "issuer_decline", "closed_account", "account_not_activated", "limit_exceeded", "withdrawal_limit_exceeded", "blocked_by_cardholder", "3ds_authentication_failure", "3ds_cardholder_not_participating", "3ds_authentication_required", "payment_method_option_amex_disabled", "cvc_required", "payment_method_not_available", "payment_method_option_amex_not_available", "credit_card_not_permitted", "issuer_error", "system_error", "unknown_error" - `refundedAmount` (integer) The total amount refunded thus far against the payment-session. Refunds can only be actioned once the payment-session is Captured. You can only have one refund in-flight at a time. Example: 120 - `statementDescriptor` (object) - `statementDescriptor.descriptor` (string) The statement descriptor that will be shown on the customer's bank statement for this payment. If you don't specify this then the descriptor set on your account will be used instead. It must satisfy the following regex pattern: ^[A-Za-z0-9 ][A-Za-z][A-Za-z0-9 ]$ Example: "Ryft Ltd" - `statementDescriptor.city` (string) This is the city that will be shown on the statements of the account's customers. If you don't specify this then the descriptor set on your account will be used instead. It must satisfy the following regex pattern: ^[A-Za-z0-9 ][A-Za-z][A-Za-z0-9 ]$ Example: "London" - `requiredAction` (object,null) The action to take (if any) in order to authorise the payment. This will be non-null if the customer's bank challenge the payment (i.e. 3DS) Example: {"type":"Redirect","url":"https://ryftpay.com/3ds-auth"} - `requiredAction.type` (string) The type of action Enum: "Redirect", "Identify", "Challenge" - `requiredAction.url` (string,null) The url to redirect to (if the requiredAction has type Redirect) Example: "https://ryftpay.com/3ds-auth" - `requiredAction.identify` (object,null) - `requiredAction.challenge` (object,null) - `returnUrl` (string) URL to send the customer back to after a redirection (e.g. 3DS). We will always append the paymentSessionId under query param ps. Example: "https://ryftpay.com/checkout?orderId=123&ps=ps_01FCTS1XMKH9FF43CAFA4CXT3P" - `authorizationType` (string,null) Specifies the type of authorization. PreAuth - Used to authorize a non-final amount, where you may want to later capture a different amount or adjust the initial authorized amount. FinalAuth - When the amount authorized is final and identical to the amount later captured. By default we will always use FinalAuth. Note that PreAuth is restricted to particular MCC values for Visa, contact us to verify and enable PreAuth if you believe your business is eligible. Enum: "PreAuth", "FinalAuth" - `captureFlow` (string,null) Whether the payment is automatically/manually captured. Defaults to Automatic. Enum: "Automatic", "Manual" - `verifyAccount` (boolean,null) Whether the PaymentSession was used to facilitate an account verification check. - `shippingDetails` (any) The shipping details for the purchase/payment. This is optional but recommended to reduce fraudulent payments. - `orderDetails` (object,null) The details of the order - `orderDetails.reference` (string,null) Your unique identifier for the order Example: "fffd1682-f82b-43e3-a89b-48d9ad7d55d9" - `paymentSettings` (object,null) Allows for customisation of various payment settings. - `paymentSettings.paymentMethodOptions` (object,null) - `paymentSettings.paymentMethodOptions.disabled` (array) Specific payment method options that have been disabled during payment. These options cannot be used to complete payment on this payment session. Enum: "Amex" - `paymentSettings.platform` (object,null) Only applicable to payments under the platform model. - `paymentSettings.platform.paymentFees` (object,null) Denotes which Ryft account's are charged particular fees for the payment. Example: {"interchange":{"bookTo":"ac_3fe8398f-8cdb-43a3-9be2-806c4f84c327"},"network":{"bookTo":"ac_3fe8398f-8cdb-43a3-9be2-806c4f84c327"},"miscPassThrough":{"bookTo":"ac_3fe8398f-8cdb-43a3-9be2-806c4f84c327"}} - `paymentSettings.platform.paymentFees.interchange` (object,null) The ID of the Ryft account that any interchange fees are deducted from. Only applicable for accounts on the ICC++ pricing model. Example: {"bookTo":"ac_3fe8398f-8cdb-43a3-9be2-806c4f84c327"} - `paymentSettings.platform.paymentFees.network` (object,null) The ID of the Ryft account that any network (scheme) fees are deducted from. Only applicable for accounts on the ICC++ pricing model. Example: {"bookTo":"ac_3fe8398f-8cdb-43a3-9be2-806c4f84c327"} - `paymentSettings.platform.paymentFees.miscPassThrough` (object,null) The ID of the Ryft account that any miscellanous pass-through fees are deducted from. Only applicable for accounts on the ICC++ pricing model. Example: {"bookTo":"ac_3fe8398f-8cdb-43a3-9be2-806c4f84c327"} - `paymentSettings.platform.paymentFees.processor` (object,null) The ID of the Ryft account that the Ryft processing fee is deducted from. Note that: - when on Blended pricing, this refers to the full blended fee - when on ICC++ pricing, this refers to the final +, i.e. Ryft's markup - `paymentSettings.platform.paymentFees.gateway` (object,null) The ID of the Ryft account that any gateway fees are deducted from. - `paymentSettings.platform.paymentFees.combined` (object,null) The ID of the Ryft account that all the above are deducted from. This field takes precedence over any of the more granular fields. Note that: - when on Blended pricing, this will book all of: processor & gateway fees - when on ICC++ pricing, this will book all of: interchange, network, miscPassThrough, processor & gateway fees - `createdTimestamp` (integer) The epoch timestamp (seconds) when the payment was created Example: 1470989538 - `lastUpdatedTimestamp` (integer) The epoch timestamp (seconds) when the payment was last updated Example: 1470989538 ## Response 400 fields (application/json): - `requestId` (string) Example: "b83f2653-06d7-44a9-a548-5825e8186004" - `code` (string) Example: "400" - `errors` (array) - `errors.message` (string) Example: "Required property 'amount' not found in JSON" ## Response 500 fields (application/json): - `requestId` (string) Example: "b83f2653-06d7-44a9-a548-5825e8186004" - `code` (string) Example: "400" - `errors` (array) - `errors.message` (string) Example: "Required property 'amount' not found in JSON"