Payment with Idempotence

API interface that allows the online store to process sales requisitions.

Call Details#

  • Resource: /v2/payments
  • HTTP Method: POST
  • Request format: JSON
  • Response format: JSON
  • Header parameters:
ParameterDescriptionFormatMandatory
merchant_idMerchant code on Carat Portal. The production and certification codes will be different.< 15 ANYES
merchant_keyMerchant authentication key on Carat Portal. The production and certification keys will be different.< 80 ANYES
Content-TypeIt must be sent with the value application/json.= 15 ANYES
idempotency_keyIt's like a random code (identifier), with up to 80 characters, created by the integrator that will use the Carat API.< 80 NYES

Examples#

Request:

curl --location --request POST 'https://{{url}}/e-sitef/api/v2/payments/' \
--header 'Content-Type: application/json' \
--header 'merchant_id: ************' \
--header 'merchant_key: ************' \
--header 'idempotency_key: ************' \
--data-raw '{
"merchant_usn": "12050620649",
"order_id": "121314",
"installments": "10",
"installment_type": "4",
"authorizer_id": "2",
"amount": "10000",
"card": {
"expiry_date": "1222",
"security_code": "123",
"number": "5555555555555555"
}
}'
--verbose

Response:

{
"code": "0",
"message": "OK. Transaction successful.",
"payment": {
"authorizer_code": "000",
"authorizer_message": "Transacao Aprov.",
"status": "CON",
"nit": "1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqr",
"order_id": "121314",
"customer_receipt": "====CUPOM COMPRADOR====",
"merchant_receipt": "====CUPOM ESTABELECIMENTO====",
"authorizer_id": "2",
"acquirer_id": "229",
"acquirer_name": "Bin",
"authorizer_date": "14/07/2022T11:54",
"authorization_number": "145778",
"merchant_usn": "12050620649",
"esitef_usn": "220714103502410",
"sitef_usn": "145778",
"host_usn": "999145778 ",
"amount": "10000",
"payment_type": "C",
"issuer": "2",
"authorizer_merchant_id": "000000000000005",
"terminal_id": "ES000032",
"payment_date": "14/07/2022T11:54"
}
}

Payment using the same idempotency_key with different order_id#

Request:

curl --location --request POST 'https://{{url}}/e-sitef/api/v2/payments/' \
--header 'Content-Type: application/json' \
--header 'merchant_id: **********' \
--header 'merchant_key: **********' \
--header 'idempotency_key: ************' \
--data-raw '{
"merchant_usn": "12050620649",
"order_id": "1657833175201",
"installments": "10",
"installment_type": "4",
"authorizer_id": "2",
"amount": "10000",
"card": {
"expiry_date": "1222",
"security_code": "123",
"number": "5555555555555555"
}
}'

Resposta:

{
"code": "1270",
"message": "Idempotent transaction body does not match the original",
"payment": {
"status": "INV",
"nit": "6ffad47ea1446d76160f1241f0fdca39342521df4f3f577920d9c855047fb9a2",
"order_id": "1657833175201",
"merchant_usn": "12050620649",
"esitef_usn": "230912025329730",
"amount": "10000"
}
}

Performing pre-authorization if the idempotency key is the same as that of a payment transaction#

Request:

curl --location --request POST 'https://{{url}}/e-sitef/api/v2/preauthorizations/' \
--header 'Content-Type: application/json' \
--header 'merchant_id: **********' \
--header 'merchant_key: **********' \
--header 'idempotency_key: ************' \
--data-raw '{
"merchant_usn": "12050620649",
"order_id": "1657833175201",
"installments": "10",
"installment_type": "4",
"authorizer_id": "2",
"amount": "11000",
"card": {
"expiry_date": "1222",
"security_code": "123",
"number": "5555555555555555"
}
}'

Response :

{
"code": "1272",
"message": "Idempotent transaction is not of the same type",
"payment": {
"status": "INV",
"nit": "d081e89daa1a0e446b92ead4ed2325f860d4e1280aa4b407f32957ce17f62ee3",
"order_id": "1657833175201",
"merchant_usn": "12050620649",
"esitef_usn": "230912025329774",
"amount": "2220"
}
}

Request parameters#

The table below describes the request parameters of the transaction creation service:

WARNING: The terminal e company_code parameters must be used only for SiTef routings and must be sent simultaneously.
It is also necessary send a request to the Carat Portal Support Team for the permission Allows sending Company and SiTef Terminal via REST. Passengers information Hotel reservation information Hotel address information Hotel rooms information Hotel room guests information Event information Event venue information Event tickets information Event attendee information Travel connections information Billing address information Travel information
ParameterDescriptionFormatMandatory
merchant_usnUnique sequential number for each order, created by the merchant. The USN will be used during the whole communication with the merchant to help identifying the order. As it is a possible access key on the merchant's side, even though it's optional to Carat Portal, it's strongly recommended that the field is formatted and sent by the merchant's application.< 12 NNO
order_idOrder code defined by the merchant. It's advised that it is different for each order so that it becomes easier to track it.
For transactions routed through the acquirer Bin, there's a 20 characters limit.
< 40 ANYES
installmentsNumber of installments. Send 1 for spot sales.< 2 NYES
installment_typeInstallment financing type:
Value 3 = installments with interest.
Value 4 = installments without interest (use this value also on spot sales).
Value 6 = installments with interest (IATA).
Value 7 = installments without interest (IATA).
The IATA financing types are only used by companies that work with air transportation.
< 2 NYES
authorizer_idCode of the authorizer on Carat Portal. Learn more.< 3 NNO
amountTotal price of the purchase (in cents). Example: 1,00 = 100 or 1.100,00 = 110000 – send the value without the comma and the dots.< 12 NYES
soft_descriptorAdditional text that will be presented alongside the name of the establishment in the credit card invoice. Learn more< 30 ANNO
cardCard data.
numberCustomer's card number (PAN).

Brand generated token (DPAN) for network token payment. Learn more
< 19 NYES
expiry_dateCard expiry date in MMYY format. Its requirement depends on the selected acquirer. In most cases, this field is mandatory.= 4 NCOND.
security_codeCard security code. This field may not be mandatory if the company has an agreement in the contract established with the acquirers, only for payments of certain areas. However, it is possible to configure the mandatory field in the merchant settings, consult Carat support for more information.
Important: a payment with schedule implies on storing the customer's card data on Carat Portal's environment. However, for security reasons, the security code cannot be stored. Therefore, the scheduled payments will always be executed without the security code.
< 5 NCOND.
holderCard holder name. Only mandatory for payments with e-Rede, GetNet WS and VR (SmartNet). < 30 ANCOND.
tokenHASH of a card stored on Carat Portal. It's not allowed to send an ‘open' card number (number field) and a stored card (token field) on the same request.= 88 ANNO
cryptogramCryptogram generated by the card brand= 28 ANNO
wallet_typeField that specifies whether the transaction is processed with PAN or DPAN. If “type” is empty, the default value is PAN (non-tokenized card number). If there is a tokenized transaction, you must send the value “network_token”.ANNO
external_authenticationThis element receives MPI authentication result fields.
eciEletronic Commerce Indicator – Card holder authentication security level indicator.< 3 NNO
xidExternal card holder authentication transaction id.< 40 NNO
cavvCardholder Authentication Verification Value - Codes that refers to card holder authentication result data.< 40 NNO
acquirerData required only to specific acquirers / routings.
financing_planFinancing Plan code used for Via Certa Financiadora routed payments, only in case of installments plan with interest.< 4 NNO
special_codeConductor/Renner SiTef routings general use code.< 6 NNO
midAcquirer merchant code - For BIN routings, the MID to be used by the merchant is unique. This field must be used if it is necessary to select a MID other than the default one.< 15 ANCOND
recurrencyFlag that defines whether or not the payment is recurring. Accepted all routings via SiTef, Cielo e-Commerce, Global Payments WS, Stone WS, e.Rede REST and GetnetWS routings.
In the case of a Stone WS recurrency, it is mandatory to send only one of the fields below, is_first_recurring OR is_subsequent_recurring.
< 5 T/FNO
recurrency_tidFirst transaction's TID. This field tells the first and the subsequent transactions apart. Use only if it is a recurrent payment. This field is used only for e.Rede REST routings using the brands Visa or Mastercard and for GetnetWS routing. < 16 ANNO
is_first_recurringFlag used only for StoneWS routing. Indicates that the transaction is the first in a series of recurring transactions.< 5 T/FCOND.
is_subsequent_recurringFlag used only for StoneWS routing. It indicates that the transaction is the second or nth of a series of recurring transactions, where n > 2.< 5 T/FCOND.
recurrency_original_amountOriginal value of the transaction that started the recurrency. This value must be informed in all subsequent recurrences. Used only for recurrence. Field used only in BIN routing, mandatory when recurrence< 18 ANNO
product_codeProduct code.
It is mandatory in routing via Marisa.
< 6 NCOND.
terminalSitef terminal code. In absence Carat Portal will generate a random terminal code.= 14 NNo
company_codeSitef company code. In absence Carat Portal will use company code from merchant configuration.= 8 NNo
authorization_numberAuthorization number. Mandatory for Bradescard Voucher authorizer.< 6 ANCOND.
acquirer.vouchers_filter[]Choice of vouchers that will not be accepted. Options of "Vouchers": 01 - Food, 02 - Meal, 03 - Culture, 04 - Fuel, 05 - Benefit.
Example:
You do not want to accept Vouchers: Culture, Fuel, Benefit. You must send:
"vouchers_filter": ["03", "04", "05"]
acquirer.prefixesElement for sending SiTef prefixes, like CICLOS, CPLANO and VLRADD. If the prefix that was sent is not supported by card, Carat Portal will invalidate the transaction, preventing that a false impression of the use of a functionality is given.

Example:
{ "key" : "value" } -> { "CICLO" : "01" }
keyPrefix name.< 1024 ANNO
valuePrefix value.< 1024 ANNO
acquirer.submerchant_split[]It consists of an array for split payments, unique to BIN and Sipag routing, both via SiTef. It allows the division of parts of the total amount of the payment among other merchants.
The maximum number of items allowed in this array is 5 items.
submerchant_codeBIN/Sipag merchant code< 51 ANNO
submerchant_amountTransaction amount related to the merchant< 12 NNO
acquirer.card_on_fileIt is intended for sending specific information such as card storage authorization, confirming that the cardholder has authorized the storage of the card.
Learn more.
usageIdentifies the usage.
For instance, in case of storage authorization: authorized
< 11 ANNO
reasonItentifies the reason.
For instance, in case of storage authorization: card
< 11 ANNO
additional_dataElement for sending additional data.
postpone_confirmationThis field must be sent with value true if a payment with late confirmation is desired.< 5 T/FNO
visitor_idVisitor identifier obtained using Konduto's JavaScript< 40 ANNO
descriptionProduct description< 100 ANNO
discount_amountDiscount amount of the product in cents< 10 NNO
discount_infoDiscount information.< 500 ANNO
skuItem product code< 100 ANNO
creation_dateIndicates the date of publication of the product on the merchant's site (Format: DD/MM/YYYY)= 10 ANNO
additional_data.payerElement for sending data related to the payer.
nameCustomer name< 100 ANYES
surnameCustomer surname< 100 ANYES
emailCustomer e-mail< 100 ANYES
born_dateCustomer birth date (format : YYYY-MM-DDTHH:MM:SS)= 19 ANNO
identification_numberCustomer document number< 100 ANNO
creation_dateAccount creation date on the site (format: DD/MM/YYYY )= 10 ANNO
is_new_clientBoolean that indicates if the customer is using a recently created account in this purchase< 5 T/FNO
is_vip_clientBoolean that indicates if the customer is VIP or a frequent buyer< 5 T/FNO
additional_data.merchantElement for sending data related to the merchant.
emailMerchant's e-mail address.< 1024 ANNO
additional_data
.passengers[]
namePassenger first name< 100 ANYES
last_namePassenger last name< 100 ANYES
legal_documentPassenger document< 100 ANYES
legal_document_typePassenger document type (5 = passport, any other number = id)< 8 ANYES
birth_datePassenger birth date (format: YYYY-MM-DDTHH:MM:SS)< 17 ANNO
nationalityPassenger nationality, following ISO 3166-1 alfa-3= 3 ANNO
is_frequent_travelerFrequent traveler boolean< 5 T/FNO
is_with_special_needsBoolean which indicates if it's a passenger with special needs< 5 T/FNO
frequent_flyer_cardLoyalty program type< 255 ANNO
customer_classLoyalty program category< 255 ANNO
additional_data
.hotel_reservations[]
hotelHotel name< 100 ANYES
categoryHotel category< 100 ANNO
additional_data
.hotel_reservations[]
.address
street_name Hotel street name< 255 ANNO
street_numberHotel street number< 255 ANNO
complementHotel address complement< 100 ANNO
cityHotel city< 100 ANNO
stateHotel state< 100 ANNO
zip_codeHotel zip code< 100 ANNO
countryHotel country code, following ISO 3166-1 alfa-3= 3 ANNO
additional_data
.hotel_reservations[]
.rooms[]
numberRoom number< 100 ANNO
codeRoom code< 100 ANNO
typeRoom type< 100 ANNO
check_in_dateCheck-in date and time (format: YYYY-MM-DDTHH:MM:SS)< 17 ANYES
check_out_dateCheck-out date and time (format: YYYY-MM-DDTHH:MM:SS)< 17 ANNO
number_of_guestsNumber of guests< 9999 NNO
board_basisFeeding regime< 100 ANNO
additional_data
.hotel_reservations[]
.rooms[]
.guests[]
nameGuest name< 100 ANYES
documentGuest document< 8 ANNO
document_typeGuest document type:
  • cpf
  • rg
  • passport
  • id
  • other
< 8 ANNO
birth_dateGuest birth date (format: YYYY-MM-DDTHH:MM:SS)< 17 ANNO
nationalityGuest nationality, following ISO 3166-1 alfa-3= 3 AN
additional_data
.events[]
nameEvent name< 255 ANYES
dateEvent date and time (format YYYY-MM-DDTHH:MM:SS)< 17 ANYES
typeEvent type:
  • show
  • theater
  • movies
  • party
  • festival
  • course
  • sports
  • corporate
< 9 ANYES
subtypeEvent type details< 255 ANNO
additional_data
.events[]
.venue
nameVenue name< 255 ANNO
street_nameVenue street name< 255 ANNO
street_numberVenue street number< 255 ANNO
cityVenue city< 255 ANNO
stateVenue state< 255 ANNO
countryVenue country code, following ISO 3166-1 alfa-3= 3 ANNO
capacityVenue capacity< 255 ANNO
additional_data
.events[]
.tickets[]
idUnique ticket identifier< 255 ANNO
categoryTicket category:
  • student
  • senior
  • government
  • social
  • regular
< 10 ANYES
sectionTicket section< 255 ANNO
premiumPremium ticket indicator< 5 T/FNO
additional_data
.events[]
.tickets[]
.attendee
nameAttendee name< 255 ANNO
documentAttendee document< 100 ANYES
document_typeAttendee document type:
  • cpf
  • cnpj
  • rg
  • passport
  • other
< 100 ANNO
birth_dateAttendee birth date (format: YYYY-MM-DDTHH:MM:SS)< 17 ANNO
additional_data.shipment.receiver_address
street_nameShipment address street name.< 255 ANNO
street_numberShipment address street number.< 15 ANNO
complementShipment address complement.< 50 ANNO
zip_codeShipment zip code. E.G.: 21241-140.< 9 ANNO
cityShipment city.< 50 ANNO
stateShipment state.= 2 ANNO
countryShipment country, following ISO 3166-1. E.G.: BRA= 3 ANNO
additional_data.browser
emailEmail registered in the customer's browser.< 100 ANNO
host_nameHost name where the customer was before entering the store's website.< 60 ANNO
additional_data.items[]
titleProduct name.< 255 ANNO
quantityQuantity of the product to be acquired.< 15 NNO
idProduct identifier.< 255 ANNO
unit_priceUnit price of the product.< 15 NNO
additional_data.items[].passenger
emailPassenger email.< 255 ANNO
legal_documentId of the passenger to whom the ticket was issued.< 32 ANNO
namePassenger name.< 120 ANNO
customer_classClassification of the Airline. Values such as Gold or Platinum can be used.< 32 ANNO
additional_data.items[].passenger.phone
ddiPassenger phone IDD.< 3 NNO
dddPassenger phone DDD.< 3 NNO
numberPassenger phone number.< 9 NNO
additional_data.extra_param.acquirer_params[]
keyId of the additional information to be sent. For further details about this field, see https://developercielo.github.io/Webservice-3.0/english.html#merchant-defined-data.< 1024 NNO
valueValue of additional information to be sent.< 1024 ANNO
additional_data.shipment
nameDelivery recipient name.< 255 ANNO
methodType of product delivery service. Allowed values:
SAME_DAY – Delivery on the same day.
ONE_DAY – Delivery overnight or on the next day.
TWO_DAY – Delivery in two days.
THREE_DAY – Delivery in three days.
LOW_COST – Low cost delivery service.
PICKUP – Product to be picked up in the store.
OTHER – Other method.
NONE – No delivery service, as it is a service or subscription.
< 9 ANNO
additional_data.shipment.phones[]
ddiAddressee phone IDD.< 3 NNO
dddAddressee phone DDD.< 3 NNO
numberAddressee phone number.< 9 NNO
additional_data
.connections[]
journey_type
  • OUTWARD - outward journey
  • RETURN - return trip
< 7 ANYES
origin_cityOrigin city< 100 ANYES, if transport_type=bus
destination_cityDestination city< 100 ANYES, se transport_type=bus
fromIATA airport code of the origin airport= 3 AN
toIATA airport code of the destination airport= 3 ANYES, if transport_type=flight
departure_dateDeparture date and time (format: YYYY-MM-DDTHH:MM:SS)< 17 ANYES
classSeat class name (Ex: economy, business or first)< 8 ANNO
class_codeSeat class code< 20 ANNO
companyAirline name< 20 ANNO
additional_data
.billing_data
.address
street_nameBilling street name< 255 ANNO
street_numberBilling street number< 255 ANNO
complementBilling address complement< 100 ANNO
cityBilling city< 100 ANNO
stateBilling state< 100 ANNO
zip_codeBilling zip code< 100 ANNO
countryBilling country code, following ISO 3166-1 alfa-3= 3 ANNO
additional_data
.travel
transport_typeTravel transport type (flight or bus)< 6 ANYES
expiration_dateExpiration date (format: DD/MM/YYYY )= 10 ANNO

The table below describes the additional parameters that must be sent on a payment with fraud analysis (for the time being only available for Cielo e-Commerce):

ParameterDescriptionFormatMandatory
additional_data
anti_fraud_institutionInstitution that will carry out the fraud analysis to the merchant. It must be send with the value AUTHORIZER.= 10 ANYES para análise de fraude
anti_fraudEnables the fraud analysis service. Allowed values:
enabled_before_auth – fraud analysis will be done BEFORE the payment authorization. If the analysis is rejected, the payment won't be initiated.
enabled_after_auth – fraud analysis will be done AFTER the payment authorization. If the analysis is rejected, the payment will be cancelled.
< 19 ANYES para análise de fraude
journey_typeType of the trip. Allowed values:
ROUND_TRIP – round trip.
OUTWARD – outward.
RETURN – return.
< 10 ANNO

Response parameters#

If successful, the HTTP response code will be 201. Any other code must be interpreted as an error. The table below describes the response parameters of the payment effectuation service:

ParameterDescriptionFormat
codeCarat Portal response code. Any code different from 0 means failure. Learn more.< 4 N
messageCarat Portal response message.< 500 AN
payment
authorizer_codeAuthorizer response code.< 10 AN
authorizer_messageAuthorizer response message.< 500 AN
statusStatus of the payment transaction on Carat Portal. Learn more.= 3 AN
nitIdentifier of the payment transaction on Carat.= 64 AN
order_idOrder code sent by the merchant on the creation of the transaction.< 40 AN
merchant_usnUnique sequential number sent by the merchant on the creation of the transaction.< 12 N
amountTotal price of the purchase specified by the merchant (in cents) on the creation of the transaction.< 12 N
sitef_usnUnique sequential number of the payment transaction on SiTef.= 6 N
esitef_usnUnique sequential number of the payment transaction on Carat Portal.= 15 N
customer_receiptCustomer's receipt.< 4000 AN
merchant_receiptMerchant's receipt.< 4000 AN
authorizer_idCode of the authorizer used on the transaction.< 4 N
acquirer_idCode of the acquirer used on the transaction.< 4 N
acquirer_nameName of the acquirer used on the transaction.< 100 AN
authorizer_datePayment authorization date returned by the authorizer in DD/MM/YYYY'T'HH:mm format. Example: 13/07/2017T16:03= 16 D
authorization_numberAuthorization number.< 6 AN
host_usnHost USN.< 15 AN
tidID of the transaction on the acquirer. This field is only returned on transactions with acquirers that are external to SiTef.< 40 AN
eciEletronic Commerce Indicator (security level indicator of the payment transaction).< 3 AN
payment_datePayment authorization date on Carat Portal in DD/MM/YYYY'T'HH:mm format. Example: 13/07/2017T16:03= 16 D
issuerIssuer code returned by the authorizer.< 5 AN
authorizer_merchant_idAffiliation code of the merchant on the authorizer.< 100 AN
xidXID field returned on 3DS authentications or certain acquirers.< 40 AN
cavvCardholder Authentication Verification Value - Codes that refers to card holder authentication result data.< 40 N
recurrency_tidFirst transaction's id (TID) on the card brand. Returned only if it is a recurrent payment. This field is used only for e.Rede REST routings using the brands Visa or Mastercard.< 16 AN
terminal_idTerminal code used in the transaction< 8 AN
payment_typePayment type from the selected authorizer: B = boleto, C = credit, D = debit, P = Private Label credit card, T = bank transfer, G = gift card, O = other payment methods, W = Boleto NR via Web Service= 1 AN
payment.analysis
statusStatus of the payment transaction on Carat Portal. Learn more.= 3 AN
codeCarat Portal response code. Any code different from 0 means failure. Learn more.< 4 N
messageCarat Portal response message.< 500 AN