Submit Payments from Your Server

On this page:


When you receive a Card Identifier using our Drop-in Checkout or your Own Form integration, you can submit the payment to the Opayo gateway from your server.

Note: Opayo offers you a range of additional transaction types, too.


You must:

  • Authenticate your call using HTTP Basic authentication.
  • Format the string as, 'integrationKey:integrationPassword' and encode it using Base64 encoding.
  • Included the encoded string in the Authorization header.

Step 1. Submit the transaction request

For a basic transaction, the parameters listed in the following table must be included in the request body.

Transaction request parameters




The type of transaction requested. For example, Payment or Repeat.


The payment method for the transaction. In this object you must provide us with the cardIdentifier and the merchantSessionKey used to create that cardIdentifier.


Your unique reference for this transaction.


The amount in the smallest currency unit.
For example, to charge £1.00 the amount is input as 100. A Pound is 100 Pence. There is no smaller unit than the Pence.


The currency of the amount in 3 letter ISO-4217 format. For example, GBP.


Your customer's first name.


Your customer's last name.


Your customer's billing address.

Important: You must submit the strongCustomerAuthentication object. For more information, see the API reference.

Example payment transaction request

curl \ -H "Authorization: Basic aEpZeHN3N0hM..NVVzNXU=" \ -H "Content-type: application/json" \ -X POST \    -d '{
  "description":"Demo transaction",
    "address1":"407 St. John Street",
    "postalCode":"EC1V 4AB",
  "strongCustomerAuthentication": {
        "website": "",
        "notificationURL": "https://notification.url",
        "browserIP": "",
        "browserAcceptHeader": "text/html, application/json",
        "browserJavascriptEnabled": true,
        "browserJavaEnabled": false,
        "browserLanguage": "en-GB",
        "browserColorDepth": "16",
        "browserScreenHeight": "768",
        "browserScreenWidth": "1200",
        "browserTZ": "+300",
        "browserUserAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:67.0) Gecko/20100101 Firefox/67.0",
        "challengeWindowSize": "Small",
        "threeDSRequestorChallengeInd": "02",
        "requestSCAExemption": false,
        "transType": "GoodsAndServicePurchase",
        "threeDSRequestorDecReqInd": "N"

You can find a full list of parameters in our API Reference.

Step 2. Handle transaction responses

Responses depend on your 3D Secure requirements. When 3D Secure authentication is not required and the transaction is successfully authorised, you should receive a response similar to the following example:

  "statusDetail":"The Authorisation was Successful.",

The statusstatusCode and statusDetail inform you of the transaction outcome.

Response statuses


Status description


Transaction request completed successfully.


Transaction request was not authorised.


Transaction request was rejected by your fraud rules.


Missing properties or badly formed body.


Invalid property values supplied


An error occurred at Opayo

Transactions with 3D Secure

Transactions that use 3D Secure authentication require your customer to be forwarded to their card issuer for authentication before a card authorisation can complete. When 3D Secure authentication is required you should receive a response similar to the following example:

  "statusDetail":"Please redirect your customer to the ACSURL to complete the 3DS Transaction",

Next steps