Forward an API call to a PCI endpoint. The request body is evaluated and any template fields are replaced by the card data before the request is sent to the given destination.

Forward PCI data

gr4vy

A header that is forwarded to the `x-vault-forward-url`. The header will be
forwarded without the `x-vault-forward-header` part. For example,
`x-vault-forward-header-x-frame-options: SAMEORIGIN` is forwarded as
`x-frame-options: SAMEORIGIN`.

The HTTP method that is used when forwarding the request to the `x-vault-forward-url`.

A comma-separated list of Payment Method IDs that can be used to fill in the request template. At least 1 must be given, and a maximum of 100 are accepted.

The number of seconds to wait before timing out when forwarding the
request.

Bearer authentication header of the form `Bearer <token>`, where `<token>` is your auth token.

BearerAuth

Bad Request

Incorrect JSON

Unauthorized Error

x-vault-forward-payment-methods

x-vault-forward-url

x-vault-forward-http-method

x-vault-forward-header-{HEADER_NAME}

x-vault-forward-timeout

Returns the payload received from the forwarded request. If the request timed
out or there was a network error, the payload will be empty instead.

Returns an error if the request was badly formatted or missing required fields.

Returns an error if no valid authentication was provided.

Authorization

The algorithm to use for the API Key Pair. The recommended value is `ECDSA`.
You should only use the `RSA` algorithm in environments that do not support
`ECDSA`.

The date and time when this key pair was created.

A name for this key-pair which is used in the Gr4vy admin panel to give the key-pair a human readable name.

Merchant Account

The private key for the key-pair. This is only returned after
the key is initially requested. For subsequent API calls this value is
`null`.

A unique ID for this key-pair. This ID is the thumbprint of the key.

The date and time when this key pair was last updated.

API Key Pair

The optional ID of the merchant account this API Key Pair should be assigned to.
Leave this unset to create an API key that works across all merchant accounts.

A list of role IDs that will be assigned to the API Key Pair being created.
Only the "Administrator" and "Integration" roles are supported.

API key-pair (Create)

API key-pair (Update)

A list of the currently active API key pairs.

The limit applied to request. This represents the number of items that are at
maximum returned by this request.

The cursor that represents the next page of results. Use the `cursor` query
parameter to fetch this page of items.

A list of active API key pairs

The date and time when this action was created.

The type of this resource. Is always `action`.

Action

Actions

The country for the address in ISO 3166 format.

The house number or name for the address. Not all payment
services use this field but some do.

The optional name of the company or organisation to add
to the address.

The postal code or zip code for the address.

The state, county, or province for the address.

The code of state, county, or province for the address in
ISO 3166-2 format.

Address

This event logs the reason why we were unable to get an anti-fraud decision.

The date and time when this transaction was created in our system.

The name of this resource. Is always `anti-fraud-decision-error`.

The type of this resource. Is always `transaction-event`.

Anti-fraud - Error

This event logs the request and response details of HTTP calls made to an anti-fraud provider.

The name of this resource. Is always `anti-fraud-decision`.

Anti-fraud - Decision

This event logs the reason why we skipped getting an anti-fraud decision.

The name of this resource. Is always `anti-fraud-decision-skipped`.

Anti-fraud - Skipped

Defines if this service is currently active or not.

The name of the Anti-Fraud service provider.
During update request, this value is used for validation only but
the underlying service can not be changed for an existing service.

The date and time
when this anti-fraud service was created in our system.

A unique name for this anti-fraud service which is used in the Gr4vy admin panel to give a anti-fraud service a human readable name.

A list of fields, each containing a key-value pair for anti-fraud service decision mapping e.g. for Sift `approve_decision` will be in the response.

The unique Gr4vy ID for this anti-fraud service.

Defines if this service needs to handle the review status with a proper
review workflow. If not, the review status will be treated as any other
one.

The type of this resource. Is always `anti-fraud-service`.

The date and time
when this anti-fraud service was last updated in our system.

Anti-Fraud Service

A request to update an anti-fraud service.

Anti-Fraud Service (Update)

A request to create an anti-fraud service.

Anti-Fraud Service (Create)

Defines if this service is currently active or not. There can only
be one active service at any time. When updating a service
to active, the current active service will be deactivated.

A unique name for this anti-fraud service which is used in the Gr4vy admin panel to give a anti-fraud Service a human readable name.

A list of fields, each containing a key-value pair for each field defined
by the definition for this anti-fraud service e.g. for Sift
`api_key` must be sent within this field when creating the service.

For updates, only the fields sent here will be updated,
existing ones will not be affected if not present.

Defines if this service needs to handle the review status from anti-fraud
responses with a proper review workflow. If not, the review status will
be treated as any other one.

This event logs the webhook received when an anti-fraud decision is updated.

The name of this resource. Is always `anti-fraud-webhook`.

Anti-fraud - Webhook

A log of an error that happened in the API call.

The http request method that generated the log entry.

The date and time that the request was received.

The http request URL which trigged the error log.

The JSON response body for the log entry.

API Log

API Logs

The unique identifier representing a merchant for Apple Pay. This value is
populated after the Apple Pay certificate record has been updated with
the payment processing certificate received from Apple.

The Certificate Signing Request to upload to the Apple Developer console
when creating a new payment processing certificate.

The date and time this Apple Pay certificate record was created in our
system.

The name for this Apple Pay certificate which is used in the Gr4vy admin
panel to give the Apple Pay certificate a human readable name.

The date and time this Apple Pay certificate expires. This value is
populated after the Apple Pay certificate record has been updated
with the payment processing certificate received from Apple.

The unique identifier for this Apple Pay certificate record.

The hash value of the public key associated with this Apple Pay
certificate. This value is populated after the Apple Pay certificate
record has been updated with the payment processing certificate
received from Apple.

The status of this Apple Pay certificate.

The type of this resource. Is always `apple-pay-certificate`.

The date and time this Apple Pay certificate record was last updated.

Apple Pay Certificate

A request to start the registration of a new Apple Pay payment
processing certificate.

A name for this Apple Pay certificate which is used in the Gr4vy
admin panel to give the Apple Pay certificate a human readable name.

Apple Pay certificate (Create)

A list of Apple Pay certificates

The encrypted (opaque) token that was passed to the `onpaymentauthorized`
callback by the Apple Pay integration.

Apple Pay payment method request

Fully qualified domain name of the merchant.

Validation URL obtained from the event passed to a
`onvalidatemerchant` callback.

Apple Pay session request

A log of a change that occurred in the Gr4vy instance.

The ID of the merchant account this entry was created for.

The date and time that the action was performed.

Audit Log

Audit Logs

The result and raw data for a card BIN lookup.

The name of this resource. Is always `bin-lookup-request`.

BIN Lookup Request

The first name(s) or given name of the buyer.

The last name, or family name, of the buyer.

The phone number of the buyer. This number is formatted according to the
[E164 number standard](https://www.twilio.com/docs/glossary/what-e164).

The tax information associated with the billing details.

The type of this resource. Is always `billing-details`.

Billing details

Billing details to use associated to a buyer.

The first name(s) or given name for the buyer.

The phone number for the buyer which should be formatted according to the
[E164 number standard](https://www.twilio.com/docs/glossary/what-e164).

The tax ID information associated with the billing details.

Billing details (Create)

Billing Details (Update)

The `Accept` header of the request from the buyer's browser.

Indicates whether the client browser supports Java.

Indicates whether the client browser supports JavaScript.

The preferred language of the buyer,
usually the language of the browser UI.

Time-zone offset in minutes between UTC and buyer location.

The user agent string for the current browser.

The platform that is being used to access the website.

Browser info

The billing details associated with a buyer.

The date and time
when this buyer was created in our system.

A unique name for this buyer which is used in the Gr4vy admin panel to give a buyer a human readable name.

An external identifier that can be used to match the buyer against your own records.

The type of this resource. Is always `buyer`.

The date and time
when this buyer was last updated in our system.

Buyer

Snapshot of a buyer, as used when embedded inside other
resources.

The billing details associated with the buyer, which include the
address and tax ID.

Buyer (Snapshot)

The optional billing details to associate with a buyer.

An external identifier that can be used to match the buyer against your own records. This value needs to be unique for all buyers.

Buyer (Create)

Buyer (Update)

Buyers

The 2-letter ISO code of the issuing country of the card.

The 8 digit BIN of the card. When looking up card details using a
`payment_method_id` this value will be `null`.

The fields that are required to process a transaction for this payment option.

Required Fields

Card Details

Details to register a new card payment method.

The `external_identifier` of the buyer to associate this payment method
to. If this field is provided then the `buyer_id` field
needs to be unset.

The ID of the buyer to associate this payment method to. If this field is
provided then the `buyer_external_identifier` field needs to be unset.

The expiration date of the card, formatted `MM/YY`.

An external identifier that can be used to match the card against your own records.

The 13-19 digit number for this card as it can be found on the
front of the card.

The redirect URL to redirect a buyer to after they have authorized their
transaction or payment method. This only applies to payment methods that
require buyer approval.

Card

Definitions of a card scheme including icon, label, etc.

Card Scheme Definition

A list of available card scheme definitions.

Card Scheme Definitions

A cart item that represents a single cart line item for a transaction.
Note that some optional properties are required for certain payment
service providers. If no value is set for these properties, we will use
their default value.

If the total due to be paid for the item is required by the payment service
provider, generally referred to as the "total amount", the formula below
will usually be used to calculate this amount:

`(unit_amount * quantity) - discount_amount + tax_amount`

It's highly recommended that the total amount to pay for all items
should match the transaction's amount to reduce the risk of the
transaction being declined by the payment service provider.

The amount discounted for this item represented as a monetary amount
in the smallest currency unit for the given currency, for example `1299`
USD cents represents `$12.99`.

Please note that this amount is for the total of the cart item and not
for an individual item. For example, if the quantity is 5, this value
should be the total discount amount for 5 of the cart item.

You might see unexpected failed transactions if the `discount_amount` can
not be equally divided by the `quantity` value. This is due to the fact
that some payment services require this amount to be specified per unit.

In this situation we recommend splitting this item into separate items,
each with their own specific discount.

An external identifier for the cart item. This can be set to any value and is not sent to the payment service.

The name of the cart item. The value you set for this property may
be truncated if the maximum length accepted by a payment service
provider is less than 255 characters.

The quantity of this item in the cart. This value cannot be negative
or zero.

The tax amount for this item represented as a monetary amount
in the smallest currency unit for the given currency, for example `1299`
USD cents represents `$12.99`.

Please not that this amount is for the total of the cart item and not
for an individual item. For example, if the quantity is 5, this value
should be the total tax amount for 5 of the cart item.

You might see unexpected failed transactions if the `tax_amount` can
not be equally divided by the `quantity` value. This is due to the fact
that some payment services require this amount to be specified per unit.

In this situation we recommend splitting this item into separate items,
each with their own specific tax amount.

The amount for an individual item represented as a monetary amount
in the smallest currency unit for the given currency, for example
`1299` USD cents represents `$12.99`.

Cart Item

An array of cart items that represents the line items of a transaction.

The date and time when the Checkout Session will expire.
By default this will be set to 1 hour from the date of creation.

Checkout Session

Checkout Session (Create)

Details to store a new card payment method.

The 3 or 4 digit security code often found on the card. This often
referred to as the CVV or CVD.

The security code can only be set if the stored payment method
represents a card.

Card Payment Method

Details to store a new Click to Pay payment method.

Merchant checkout transaction identifier which is returned in the checkout
response from Click to Pay JavaScript methods.


Click to Pay Payment Method

Details to register a new Checkout Session payment method.

A request to update the secure fields of a checkout session.

Checkout Session Secure Fields (Update)

Checkout Session (Update)

Whether this connection is currently in use. Connections can
be deactivated to allow for them to be kept around and
re-activated at a later date.

Connection Definition

Connection

A list of available connection definitions.

Connection definitions

Additional options to be passed through to Adyen when processing
card transactions.

Additional options for Cybersource Decision Manager (anti-fraud).

Additional options for Forter (anti-fraud).

Additional options to be passed through to PayPal when processing
transactions.

Payments

Connections

Dashboard

Errors

Forward PCI data

Authorizations

Headers

Body

Response