The API follows a set of HTTP API standards and supports
Idempotency to facilitate a more robust integration. PGP
encrypted payloads use the content type
application/octet-stream; charset=utf-8 and are sent using base64url
encoding, as defined in
Google hosted URLs
The documentation for each Google-hosted method provides a base URL, which includes the method name and major version number. The complete URL is created by adding the caller's Payment Integrator Account ID to the end. For example, the documentation for the Google-hosted echo method specifies the URL:
If the caller's Payment Integrator Account ID is
INTEGRATOR_1, they would add
that to the end of the URL to form:
Partner hosted URLs
The documentation for each partner hosted API method provides a base URL, which
includes the method name and major version number. You should not include the
Payment Integrator Account ID (
in the URLs you host.
HTTP response codes
The server application must return 200 for all requests it accepts. This includes both successful and declined requests.
If a request cannot be processed, this represents an error between Google and the payment integrator. In error situations an HTTP 200 must not be returned. You must use an error code from the table below. In order to provide more detailed diagnostic information the HTTP body can be an ErrorResponse, however it is acceptable to have an empty HTTP body as well. Error responses must not be cached or returned idempotently, as a change in system state may result in subsequent retries succeeding.
|HTTP Errors And Reasons|
Client specified an invalid argument. Note that this should not be used
for situations where an appropriate application error is available. For
example, incorrect currencies should return
This can also be returned if the operation was rejected because the system is not in a state required for the operation's execution.
Use this if retries of the request cannot succeed until the system state has been explicitly fixed. For example, if a refund request fails because it references a capture that does not exist, retrying will not succeed until the capture exists in the integrators system.
The request does not have valid authentication credentials for the operation. For example, invalid signatures or unknown signatures should return 401.
The caller does not have permission to execute the specified operation.
Some requested entity such as payment or user was not found.
The operation was aborted, typically due to a concurrency issue like sequencer-check failures, transaction aborts, etc.
This code should be used in situations where an idempotency key is being reused with different parameters.
Some system resource has exhausted.
The operation was cancelled (typically by the caller).
Internal errors. This means some invariants expected by underlying system has been broken.
Operation is not implemented, supported or enabled in this service.
The service is currently unavailable. This is a most likely a transient condition and may be corrected by retrying.
Deadline expired before operation could complete. For operations that change the state of the system, this error may be returned even if the operation has completed successfully. For example, a successful response from a server could have been delayed long enough for the deadline to expire.
Error results must never be cached or idempotently returned.