API Introduction
Acquired.com supports payments via the Card API or the Banking API – you decide what works best for your business. Our platform has your back.
Endpoints
Time to play - access your API using these endpoints:
Security
We can’t overstate how important security is to everyone at Acquired.com. Here is how we protect each other when you’re using our API:
Request Hash
Each transaction gets a request_hash. We generate one, you generate one, and if they match when we receive your transaction then everyone knows it’s legit.
company_hashcode to calculate the request_hash value. If you’re a new customer, or if you lost your previous key, send the support@acquired.com team a note. They’ll sort you out.
Here’s what you do next:
- First concatenate the request fields with your
company_hashcode. - Then SHA256 encrypt the resulting string.
For AUTH_ONLY, AUTH_CAPTURE, CREDIT and BENEFICIARY_NEW request types, concatenate the values from the table below.
| Parameter | Format | Length | Description |
|---|---|---|---|
| timestamp | string |
14 | Date and time of transaction submission. Acceptable Characters: 0-9 in the format yyyymmddhhmmss |
| transaction_type | string |
1-20 | The transaction type being performed. Acceptable Characters: a-z A-Z _ |
| company_id | int |
1-11 | API Company ID we issue to merchants. Acceptable Characters: 0-9 |
| merchant_order_id | string |
1-50 | Unique ID used to identify each transaction. Acceptable Characters: a-z A-Z 0-9 _ - |
| company_hashcode | string |
1-30 | Hash value we assign to merchants. Acceptable Characters: a-z A-Z 0-9 _ |
For VOID,CAPTURE,REFUND, ACCOUNT_UPDATER and PAY_OUTrequest types, concatenate the values from the table below.
| Parameter | Format | Length | Description |
|---|---|---|---|
| timestamp | string |
14 | Date and time of transaction submission. Acceptable Characters: 0-9 in the format yyyymmddhhmmss |
| transaction_type | string |
1-20 | The transaction type being performed. Acceptable Characters: a-z A-Z _ |
| company_id | int |
1-11 | API Company ID we issue to merchants. Acceptable Characters: 0-9 |
| original_transaction_id | int |
1-50 | transaction_id value we generated and returned in the original request. Acceptable Characters: 0-9 |
| company_hashcode | string |
1-30 | Hash value we assign to merchants. Acceptable Characters: a-z A-Z 0-9 _ |
Here’s sample code for calculating the request_hash value:
function request_hash($param,$company_hashcode){
if(in_array($param['transaction_type'],array('AUTH_ONLY','AUTH_CAPTURE','CREDIT','BENEFICIARY_NEW'))){
$str=$param['timestamp'].$param['transaction_type'].$param['company_id'].
$param['merchant_order_id'];
}elseif(
in_array($param['transaction_type'],array('CAPTURE','VOID',
'REFUND','SUBSCRIPTION_MANAGE','ACCOUNT_UPDATER','PAY_OUT'))){
$str=$param['timestamp'].$param['transaction_type'].$param['company_id'].
$param['original_transaction_id'];
}
return hash('sha256',$str.$scompany_hashcode);
}
Coming soon...
Coming soon...
Response Hash
You’ll see a response_hash parameter in our response to all your transaction requests. That’s how you know it’s absolutely, definitely from Acquired.com.
response_hash is calculated in the same way whatever the transaction type – it’s a concatenated 64-character SHA256-encrypted string created from the following response values:
| Parameter | Format | Length | Description |
|---|---|---|---|
| timestamp | string |
14 | Date and time of transaction submission. Acceptable Characters: 0-9 in the format yyyymmddhhmmss |
| transaction_type | string |
1-20 | The transaction type being performed. Acceptable Characters: a-z A-Z _ |
| company_id | int |
1-11 | API Company ID we issue to merchants. Acceptable Characters: 0-9 |
| transaction_id | int |
1-50 | Unique transaction_id value we generated. Acceptable Characters: 0-9 |
| response_code | int |
1-3 | Code describing transaction results. Acceptable Characters: 0-9 |
| company_hashcode | string |
1-30 | Hash value we assign to merchants. Acceptable Characters: 0-9 |
Here’s sample code for calculating the response_hash value:
function response_hash($param,$company_hashcode){
$str=$param['timestamp'].$param['transaction_type'].$param["company_id"].$param['transaction_id'].$param['response_code'];
return hash('sha256',$str.$company_hashcode);
Coming soon...
Coming soon...