Skip to main content

Introduction

Our API follows a standard REST architectural style, has predictable resource-oriented URLs, and returns JSON-encoded responses, both of which are widely supported by off the shelf HTTP clients. We also provide a range of SDKs to allow you to interact with the API using popular programming languages.

Environment Sub Domains#

Our REST API is hosted on two subdomains, one for testing and one for live payments.

Sandbox#

https://sandbox.comcarde.com

Use this subdomain to test your integration works as expected.

Production#

https://secure.comcarde.com

Use this subdomain to process live payments.

Versioning#

Our API is versioned (e.g. https://secure.comcarde.com/v1/) so you can rely on us to not introduce breaking changes without an accompanying change in the API version. In the event of us needing to deprecate a version of our API, we will contact you in advance of you needing to take any action to upgrade.

Authorization#

You will need appropriate keys to access the API, which can be obtained by emailing support@comcarde.com.

The API Keys are grouped into two main classes, based on how they will be used. Server API Keys must only be used in your secure back-end services, and must not be exposed to your end users. Separate Client API Keys will be provided for use in client applications to support features such as Comcarde hosted fields, drop-in user interfaces, 3D Secure authentication, etc.

Server and Client API Key overview

Callbacks#

For some operations it is not possible to provide a final outcome in the response to an API call, in which case you will receive a 2101 Pending: The operation has been accepted for processing and the outcome is not yet known response.

If your Merchant Account is configured with a callback URL then you will receive a POST message when the information becomes available.

Callback overview

Please refer to the PaymentStatusCallback schema of our OpenAPI specification for details of what is contained in callback messages.