Our APIs provide programmatic access to the Getpaid solution. This page contains a comprehensive reference for all resources of the Getpaid public API. For walkthrough documentation please see Getpaid guides.
To get started, sign up at https://getpaid.io. This will give you access to the Getpaid dashboard where you can configure your account and retrieve your credentials needed to authenticate with Getpaid API.
| Type | Format |
|---|---|
| Amount minor | Amount in the minor currency unit (e.g. 100 cents for 1 EUR). |
| Card number | Credit/debit card numbers are formatted as a string of digits with no white spaces or dashes. The value must be between 13 and 19 digits long and must fulfill the Luhn check. |
| Card Verification Value | Card Verification Value (CVV) or Card Verification Code (CVC) is formatted as a string of digits. The value must be 3 or 4 digits long. |
| Country | The country code fields follow the ISO 3166-1 Alpha 2 standard in uppercase. Examples: ES, US. |
| Currency | The currency code fields follow the ISO 4217 standard in uppercase. Examples: EUR, USD. |
| Date | Dates are formatted using the complete date format according to the ISO 8601 standard: YYYY-MM-DD. Example: 2023-09-30. |
| Date-time | Date-time fields are formatted using the ISO 8601 standard for the combined date and time in UTC: YYYY-MM-DDThh:mm:ss.sssZ. Example: 2015-09-01T23:59:59.479Z. |
Email fields should follow the RFC 5322 standard. Example: jon.smith@acme.com |
|
| HEX color | Colors are represented as a string starting with # followed by six hexadecimal digits. Each pair of digits represents the intensity of red, green, and blue components respectively. Examples: #FFFFFF, #000000, #FF5733. |
| Identifier | Identifiers are formatted as a string of 3 alphabetic characters (which represents the type of the identified object), one underscore and 26 alphanumeric characters. Every identifier generated in our system is globally unique. Examples: acc_44678r08jtm8zbt227tzhc4nw5, doc_473cr1y0ghbyc3m1yfbwvn3nxx. |
| IP | IP fields are formatted using the Internet Protocol version 4 (IPv4) standard: x.x.x.x where x must be a decimal value between 0 and 255. Example: 192.158.1.38. |
The format of the files uploaded must correspond to the MIME type in the Content-Type header. See the supported file
formats and the corresponding MIME types:
| Extensions | Kind of document | MIME Type |
|---|---|---|
.csv |
Comma-separated values (CSV) | text/csv |
.doc |
Microsoft Word | application/msword |
.docx |
Microsoft Word (OpenXML) | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
.jpeg, .jpg |
JPEG images | image/jpeg |
.md |
Markdown | text/markdown |
.pdf |
Adobe Portable Document Format (PDF) | application/pdf |
.png |
Portable Network Graphics | image/png |
.svg |
Scalable Vector Graphics (SVG) | image/svg+xml |
.tsv |
Tab-separated values (TSV) | text/tab-separated-values |
.txt |
Text (generally ASCII or ISO 8859-n) | text/plain |
.xls |
Microsoft Excel | application/vnd.ms-excel |
.xlsx |
Microsoft Excel (OpenXML) | application/vnd.openxmlformats-officedocument.spreadsheetml.sheet |
In order to authenticate with Getpaid API you need to request an OAuth 2.0 access token using your client ID and secret available from the Getpaid dashboard:
curl --location --request POST 'https://auth.getpaid.io/oauth/token' \
--header 'Content-Type: application/json' \
--data-raw '{
"client_id": "{{client_id}}",
"client_secret": "{{client_secret}}",
"audience": "https://api.sandbox.getpaid.io",
"grant_type": "client_credentials"
}'
Specify the appropriate client_id, client_secret, and audience to switch between sandbox and live environments.
Check the full details of the Request Access Token endpoint.
The response will return a Bearer access token in the JSON Web Token (JWT) format in the access_token field which
you should use in the Authorization header of any subsequent Getpaid API requests:
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
"scope": "accounts:read documents:read_write payments:read",
"expires_in": 3600,
"token_type": "Bearer"
}
The access_token will be valid for the length of time in seconds indicated by the expires_in field. When it
expires, you should request a new one.
clientCredentials https://auth.getpaid.io/oauth/tokendocuments:read - Allows to read documents.
documents:read_write - Allows to read and/or upload documents.
payments:read - Allows to read payments and checkouts.
payments:read_write - Allows to read, create and/or operate payments and checkouts.
Obtain an OAuth 2.0 access token to authenticate API requests
| client_id required | string Your OAuth client ID for the environment, live or sandbox, you are requesting the token for. |
| client_secret required | string Your OAuth client Secret for the environment, live or sandbox, you are requesting the token for. |
| audience required | string <uri> Enum: "https://api.sandbox.getpaid.io" "https://api.getpaid.io" The API you wish to integrate with. Use this to switch between sandbox and live environment. |
| grant_type required | string The OAuth grant type. Value: "client_credentials" |
{- "client_id": "g6gWu46zeP0HH4jkW3i22yJ2shDrNxJ8",
- "client_secret": "VJG133mOfuHhSfkIS6gozTXzr7FBm-0HS42OZ0cmxJkcHyGrVZMLGJtyruTA4CQv",
- "grant_type": "client_credentials"
}{- "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
- "scope": "accounts:read documents:read_write payments:read",
- "expires_in": 86400,
- "token_type": "Bearer"
}