External API

The External API integration is MoneyHash's solution for those who desire to integrate fully through API calls but are not PCI Compliant.

The External API integration enables you to configure and personalize the checkout process. However, MoneyHash still maintains control over the forms responsible for collecting the customer's information since MoneyHash is PCI compliant. On this page, you find a guide on how to use this integration.


Before starting using the External API integration, be sure to have completed the steps described below.

  1. Get Started with MoneyHash to get access to your own Organization.
  2. Create an Account within your Organization.
  3. Connect providers to your new Account.
  4. Set up your Payment Defaults.
  5. Get your API keys in the dashboard to be able to make API calls.


External API integration type is completely done through API calls. To start every payment, the first step is to create an intent using the Create Intent endpoint, whose URL is provided below. To use MoneyHash endpoints, you need to provide correct authentication information. Otherwise, you cannot create intents or perform other requests to MoneyHash API.


The response from the Create Intent endpoint provides the necessary information to present your customer with the first step of his payment experience. This response lets you access all available payment methods for the currency and account you specified in the intent.

As you present the available payment options and the customer chooses a payment method, you need to inform it to MoneyHash. You can call the Update selected method endpoint with the intent ID received by the intent creation.


The response from the Update selected method endpoint provides a URL at data.state_details.embed_url you can use in an iframe to show your customer the fields they need to fill in with their payment information. After this point, MoneyHash will handle the payment until the end, including collecting user payment data.

Payment data and PCI Compliance

As mentioned before, when using the External API integration, you are not required to be PCI compliant. It happens because MoneyHash will collect customer payment data, such as card numbers and expiration dates. For this reason, you are required to present the content from the URL received when using the Update selected method endpoint.


After integrating with MoneyHash through the External API, it's recommended you learn how to configure and use Webhooks and Redirects to be able to receive notifications and automatically redirect your customer to where you want with ease.