Description

Pay is an API that allows you submit online payment with Santander accounts, and check the status of those payment submissions.

This information is useful for the customer to know if he/she will have access to financing. That can help your business, reinforcing the customer buying decision. Also, it is possible for you, as a merchant, to take specific actions. Use that info on your Check Out process to suggest the customer to finance their purchases with Santander.Please keep in mind that we will request customer's consent to share this information with you.

Requirements

Before initiating this process, you need to fulfil the following requirements:

1. Your application must be registered in our Developer Hub. You will so obtain a Client ID and Client Secret.

2. A valid redirect URI previously registered in the application to receive the answer to the authorization calls.

3. The application must be subscribed to the API "Pay".

Data

In order to start a payment submission, you must at least provide us the following data:

  • Payment Amount
  • Payment Currency
  • Credit Account: Account where we will credit you the funds.

Once process has completed successfully, we will provide you the current status of the Payment submission:

Field Description
Paymnent ID Payment request ID.
Payment status Indicates payment status: ACCP: Payment ID has been generated but customer has not yet accepted the transaction. RJCT: Customer has been authenticated and presented the transaction but has rejected its execution ACSC: Customer has accepted the transaction and we debit has been performed. Funds credit on your account will actually depend of local payment settlement circuits
Get a new Payment ID

To submit a new payment, you need to get a valid Payment ID for your payment submission request from Santander.

This process occurs in two steps:

    1) Get access token. That access allows you to call our payments endpoint to get a valid new payment ID.

    2) API call to get a valid new payment id.

1. Get access token
Once the request for access token is authorized, a call must be made to obtain it.
Parameters
End Point oauth/token Mandatory
Parameters

Header

Authorization

Basic Base64(ClientID:Secret) yes

Body

country

Country to use.
Codes available in Sandbox: ESP, UK
Codes available in Live: ESP
yes

Body

scope

_payments yes

Body

grant_type

client_credentials yes
Response

{

'access_token': '9b678b10-cc8e-42ef-a479-1ceadbc2e176',

'token_type': 'bearer',

'expires_in': 43199,

'scope': '_payments'

}

Error Handling
Errors can occur for several reasons.
2. Get payment ID
From now on, calls to the API with access_token will be authorized during the effective time of the access token.
URI https://apis.santander.com/payments
Method POST
Parameters HEADER client_id
HEADER access_token
Parameters
End Point oauth/token Mandatory
Parameters

Header

Authorization

Basic Base64(ClientID:Secret) yes

QueryString

redirect_uri (optional)

URL to redirect the response. no

Body

country

Country to use.
Codes available in Sandbox: ESP, UK
Codes available in Live: ESP
yes (Retrieved by introspective process)

Body

scope

_payments yes (Retrieved by introspective process)

Body

grant_type

authorization_code yes (Retrieved by introspective process)

Body

code

The code obtained in the authorization endpoint no
Response

{

'payment_id': 'PIS19943012266676591'

}

Get customer's consent

Once you have a valid payment id, you need customer consent to submit the payment.

This process occurs in three steps:

    1) Retrieve customer consent. Get an authorization from the customer so you can get an access token to call the payments API.

    2) Get access token. That access token authorizes the subsequent API calls to submit payments and get their status.

    3) API call to submit the payment.

1. Retrieve Authorization Code
To obtain the authorization code that allows you to request the access token, it is necessary to make a call to the OAuth authorization server.
Parameters
End Point oauth/authorize Mandatory
Parameters

QueryString

client_id

Client identifier assigned in the API portal. yes

QueryString

scope

_payments{{payment_id}} (payment_id is retrieved in step 2 'Get payment ID') yes

QueryString

user (Combo box)

User of the test case no

QueryString

country

Identification code associated with the country to which the client belongs.
Codes available in Sandbox: ESP, UK
Codes available in Live: ESP
yes

QueryString

redirect_uri

URL to redirect the response. yes

QueryString

response_type

Type of grant. It must be filled with code yes

QueryString

state(optional)

It is used to maintain correlation between this request and the authorization server's response recomended
Response

https://partnerURL.com/?code=839a3d23-c3d5-4fc5-b6f9-3427b40ebc09&redirect_uri=https://www.partnerRedirectURI.es/

Error Handling
Errors can occur for several reasons.
2. Get access token
Once the request for access token is authorized, a call must be made to obtain it.
Parameters
End Point oauth/token Mandatory
Parameters

Header

Authorization

Basic Base64(ClientID:Secret) yes

QueryString

redirect_uri

URL to redirect the response. yes

Body

country

Country to use.
Codes available in Sandbox: ESP, UK
Codes available in Live: ESP
yes (Retrieved by introspective process)

Body

scope

_payments{{payment_id}} yes (Retrieved by introspective process)

Body

grant_type

authorization_code yes (Retrieved by introspective process)

Body

code

The code obtained in the authorization endpoint no
Response

{

'access_token': '9b678b10-cc8e-42ef-a479-1ceadbc2e176',

'token_type': 'bearer',

'expires_in': 43199,

'scope': '_payments PIS32852035485905442'

}

Error Handling
Errors can occur for several reasons.
Show Status Codes
Submit payment & check payment status

To successfully complete the payment submission process it is mandatory to check the payment status once.

Subsequent calls to check the payment status will return an up-to-date status.

3. Calling the API - Get Payment Status
From now on, calls to the API with access_token will be authorized during the effective time of the access token.

To see more details, go to API Explorer.

Sandbox

Get into our testing environment and try your API before launching it to production.