External API

The External API integration is MoneyHash's solution for those who desire to integrate fully through API calls but are not PCI Compliant.

The External API integration enables you to configure and personalize the checkout process. However, MoneyHash still maintains control over the forms responsible for collecting the customer's information since MoneyHash is PCI compliant. On this page, you find a guide on how to use this integration.

Prerequisites

Before starting using the External API integration, be sure to have completed the steps described below.

  1. Get Started with MoneyHash to get access to your own Organization.
  2. Create an Account within your Organization.
  3. Connect providers to your new Account.
  4. Set up your Payment Defaults.
  5. Get your API keys in the dashboard to be able to make API calls.

Integrating

External API integration type is completely done through API calls. To start every payment, the first step is to create an intent using the Create Intent endpoint, whose URL is provided below. To use MoneyHash endpoints, you need to provide correct authentication information. Otherwise, you cannot create intents or perform other requests to MoneyHash API.

POST
/api/v1.1/external/payments/intent/

The state returned can guide you through the actions and methods required to proceed and complete the payment or payout. The table below describes each action related to each possible state value.

stateAction
METHOD_SELECTIONstate_details will contain list of all possible payment methods that could be used to complete your payment, you need to render them to your users
INTENT_NATIVE_FORMstate_details will contain all fields required to be collected from your customer, fields will be under different parents such as card key
INTENT_FORMMoneyHash will send you a URL in the state details to be rendered to your users, used with 3DS
INTENT_PROCESSEDRender your successful confirmation UI with the intent details.
TRANSACTION_FAILEDRender your failure UI with the intent details.
TRANSACTION_WAITING_USER_ACTIONRender your pending actions confirmation UI with the intent details and externalActionMessage if exists on Transaction.
EXPIREDRender your intent expired UI.
CLOSEDRender your intent closed UI.

The response from the Create Intent endpoint provides the necessary information to present your customer with the first step of his payment experience. This response lets you access all available payment methods for the currency and account you specified in the intent.

As you present the available payment options and the customer chooses a payment method, you need to inform it to MoneyHash. You can call the Update selected method endpoint with the intent ID received by the intent creation.

POST
/api/v1.1/external/payments/intents//update-method/

The response from the Update selected method endpoint provides a URL at data.state_details.embed_url you can use in an iframe to show your customer the fields they need to fill in with their payment information. After this point, MoneyHash will handle the payment until the end, including collecting user payment data.

Payment data and PCI Compliance

As mentioned before, when using the External API integration, you are not required to be PCI compliant. It happens because MoneyHash will collect customer payment data, such as card numbers and expiration dates. For this reason, you are required to present the content from the URL received when using the Update selected method endpoint.

Notifications

After integrating with MoneyHash through the External API, it's recommended you learn how to configure and use Webhooks and Redirects to be able to receive notifications and automatically redirect your customer to where you want with ease.