Skip to main content

Place orders with catalog products

Place orders with catalog products

Last updated: 11-Jul-2024
Rate this article:

Overview

Use this object via JSON-RPC API 6.0 to create new orders and collect payments from shoppers using catalog products defined in your Merchant Control Panel.

For orders that require physical delivery, if no shipping methods are provided, 2Checkout will add to the cart your account's default shipping configuration.

You can find a list of common errors that may arise when using the placeOrder call via API 6.0 here.

Supported payment methods/flows

Requirements

For credit card orders placed using 2Checkout API 6.0 or a more recent version, you need to pass through additional parameters that support the 3D Secure flow. 3D Secure works by redirecting customers to pages provided by their banks, where they need to enter additional security tokens or password to trigger the completion of the charge. By using 3D Secure, you get additional protection from liability for fraudulent card payments, with customers having to go through an extra layer of authentication.

Send the following parameters in the placeOrder call, as part of the PaymentDetails object:

Parameters Description
Vendor3DSReturnURL Required (string)
  URL address to which customers are redirected after the 3DS details get validated by the bank and the order is successfully authorized.
Vendor3DSCancelURL Required (string)
  URL address to which customers are redirected if the 3DS details were not validated or the order could not be authorized.
WSOrder Optional (String)
  The WSOrder parameter is used to control the website URL displayed in the email messages shoppers receive after they place an order. By default, 2Checkout reports the URL set as Homepage in the Account information area. Adding WSOrder to the buy-links for your products will cause the optional website address set by using the parameter to override and replace the Homepage URL in the email notifications sent to customers. The behavior is similar to the WS_ORDER parameter supported on checkout/cart pages and described here.

Response

Parameters Type/Description
Order information Object
  Object containing order information.

Parameters

 
Parameters Type/Description
Currency String / Optional
  The currency ISO code for the payment - ISO 4217. Example: “usd.”
Country String / Optional
  Shopper country. ISO 3166 two-letter code. Example: “us.”
Language String / Optional
  ISO 639-1 two-letter code. The language used for the purchase process. Example: “en.”
ExternalReference String / Optional
  Set external reference identifiers for orders. Enables you to replicate the functionality of the REF parameter included into Buy Links. Maximum 100 characters. If there is a need for longer references, you can apply an md5 hash for any string value, resulting in a 32 characters string. You can verify the hash after the order notification, on the client side.
Source String / Optional
 

The link source for the sales. Enables you to replicate the functionality of the SRC (separate link identifier) parameter when included into Buy Links. Use the SRC parameter to track sale sources.

 

Maximum length 255 characters.

CustomerReference Integer/Optional
  Set an external customer ID, attached to the customer.
Affiliate Object/Optional
                 AffiliateCode String/Required
  The affiliate unique code (as returned by the affiliates API methods).
AffiliateSource String/Optional
  The affiliate source.
Items Array of objects / Required
  Details below. 
  OrderItem Object
      Details below. 
    Code String / Mandatory
      Unique product identifier your control. Max length 256 characters. Only for catalog products.
    Quantity Integer / Optional
      Number of units
    PriceOptions Array of strings / Optional
      Array of price option codes.
    SKU String / Optional
      SKU identifier.
    Price Object - Can be NULL. If Price Type is set to 'CUSTOM', dynamic pricing can be added to the order via the Amount parameter.
    CrossSell Object – Can be NULL
        Details below. 
      ParentCode String 
        The product code of the master product you set to trigger the campaign.
      CampaignCode String 
        Unique, system-generated identifier for cross-sell campaigns.
    Trial Object – Can be NULL
        Details below. 
      Period Integer 
        The length of the trial subscription lifetime in days.
      Price Double / Optional
        Total trial price in the payment currency before 2Checkout deducts any taxes, discounts, etc.
    AdditionalFields Array of objects – Can be NULL
      AdditionalFieldSet Object – Can be NULL
        Code String
          The alpha-numeric characters, underscores and dashes that are set as the field identifier.
        Value String
          Selected field value.
    SubscriptionStartDate String
     

Specify the date time stamp when the subscription becomes active. Format 2016-07-02 22:22:22 (YYYY-MM-DD HH:mm:ss). Available for JSON-RPC and REST.

Send empty or NULL to activate subscriptions on the same date when customers purchase them.

You can exclude HH:mm:ss when sending the date and include only YYYY-MM-DD. In this case, 2Checkout uses 00:00:01. Default time zone GMT+02:00.

    SubscriptionCustomSettings Object/Optional
      To use this, the ExtraInformation object with AssistedSale property set to "true" is required.
   

CycleAmountType

String/Required
      Billing cycle unit NET/GROSS.
   

CycleUnit

String/Required
      DAY/MONTH. Can be NULL.
   

CycleAmount

Float/Required
      Billing cycle (renewal) price.
   

CycleLength

Integer/Required
      Billing cycle length. Can be NULL.
   

ContractLength

Integer/Optional
      Contract period length (expressed in the specified CycleUnit; must be multiple of CycleLength). Can be NULL.
   

MerchantDealAutoRenewal

Boolean/Optional
      Merchant deal auto-renewal flag.
   

ClientDealAutoRenewal

Boolean/Optional
      Client deal auto-renewal flag.
BillingDetails Object / Required
    Details below. 
  FirstName String / Required
    Shopper name.
  LastName String / Required
    Shopper surname.
  CountryCode String / Required
    Shopper country. ISO 3166 two-letter code.
  State String/Optional – Required for US, Canada, Brazil, Turkey, India and Romania
    The state in the shopper's country. Mandatory when you set the Billing Country to US, Canada, Brazil, Turkey, India and Romania. Use case insensitive utf8 strings for the full name, or just the two letter code.
  City String /Required
    Shopper city.
  Address1 String/Required
    Shopper address.
  Address2 String / Optional
    Shopper address.
  Zip String/Required
    ZIP/ Postal code.
  Email String/Required
    Shopper email address.
  Phone String / Optional
    Shopper phone number. Mandatory when you set Brazil as the Billing Country. Can be NULL.
  Company String / Optional
    Company name. Can be null for end users. When present, you also need to provide the FiscalCode.
  FiscalCode String / Optional– Required for Brazil
   

• For companies, it needs to be the VAT ID. 2Checkout will validate the value provided and throw an error if the VAT ID is invalid/incorrect when calling setPaymentDetails. When present, you also need to provide the Company name.

• Mandatory when you set Brazil as the Billing Country. For Brazilian customers it represents the Fiscal Code (CPF/CNPJ).

Mandatory when you set India as the Billing Country, and purchase is made by a Company.

• Can be NULL for end users.

  TaxExemptionId  Optional (string)
    Tax Exempt Certification id used to deduct taxes for US orders
Example: 1b80eecc349v
DeliveryDetails Object / Required
                    Details below. 
    FirstName String / Required
                    Shopper name from the delivery details.
    LastName String / Required
                    Shopper surname from the delivery details.
    CountryCode String / Required
                    Shopper country. ISO 3166 two-letter code from the delivery details.
    State String/Optional – Required for the US, Canada, Brazil, Turkey, India, and Romania
                    The state in the shopper's country. Mandatory when you set the Billing Country to US, Canada, Brazil, Turkey, India, and Romania. Use case insensitive utf8 strings for the full name, or just the two-letter code.
    City String / Optional
                    Shopper city from the delivery details.
    Address1 String / Optional
                    Shopper address from the delivery details.
    Address2 String / Optional
                    Shopper address from the delivery details.
    Zip               String / Optional
                    ZIP/ Postal code from the delivery details.
    Email String / Optional
      Shopper email address from the delivery details.
    Phone String / Optional
      Shopper phone number from the delivery details. Mandatory when you set Brazil as the Billing Country. Can be NULL.
    Company String / Optional
      Company name from the delivery details. Can be null for end users. When present, you also need to provide the FiscalCode.
DeliveryInformation

Object / Optional

For products that require physical delivery, use this object to send the shipping method.

    ShippingMethod        

Object

Details below

      Code           String
  System-generated identified for your shipping method configuration
PaymentDetails Object / Required
  Adapt this object to the desired payment method.
  Type Required (string)
   

The payment method:

  • CC (credit/debit card - including local Brazilian cards).
  • ENCRYPTED_PAYMENT_DATA (client-side encryption)
  • PAYPAL
  • PAYPAL_EXPRESS
  • CCNOPCI(credit/debit card for non-PCI certified merchants).
  • TEST (for test orders).
  • PREVIOUS_ORDER(place new orders using the reference of a previous order).
  • EXISTING_PAYMENT_DATA  (use a card one of your customers already used to purchase from your account).
  • WIRE – the placeOrder response includes Wire payment details.
  • CHECK – the placeOrder response includes Check payment details.
  • WE_CHAT_PAY (for WeChat payments).
  • IDEAL (for iDEAL payments).
  • PURCHASEORDER - use for orders with POs.
  • FREE – for 0 value orders for which you’re not requiring customers to provide payment details.
  • ALIPAY
  • WEBMONEY
  • UNIONPAY
  • DIRECT_EBANKING (SOFORT)
  • TRUSTLY (for Trustly payments)
  • EES_TOKEN_PAYMENT (2Pay.js)
  • APPLE PAY
  • BOLETO/PIX
  • GOOGLE PAY
  Currency Required (string)
    The currency ISO code for the payment - ISO 4217. Example: “usd.”
  PaymentMethod Optional (object)
   

Object structure and parameters differ according to payment method selected and API method (placing orders (POST) vs. retrieving order data (GET)).

 

NULL for 0 value orders for which you’re not requiring customers to enter payment details.

                                                              RecurringEnabled Optional (boolean)Optional (boolean)
   

true – shopper checks the auto-renewal checkbox and 2Checkout charges subscription renewals using a recurring billing process.

false – shopper doesn’t check the auto-renewal checkbox.

      CardPayment Optional (object)
          Details below. 
        CardNumber Required (string)
          The credit/debit card number.
        CardType Required (string)
          visa, visaelectron, mastercard, maestro, amex, discover, dankort, cartebleue, jcb, hipercard, elo
        ExpirationYear Required (string)
          The year in which the card expires.
        ExpirationMonth Required (string)
          The month in which the card expires.
        HolderName Required (string)
          Cardholder name.
        CCID Required (string)
          Credit Card Identification - an extra ID printed on the card, usually a 3-4 digit number, the CVC2/CVV2.
        Vendor3DSReturnURL Required (string)
          URL address to which customers are redirected after the 3DS details get validated by the bank and the order is successfully authorized.
        Vendor3DSCancelURL Required (string)
          URL address to which customers are redirected if the 3DS details were not validated or the order could not be authorized.
        HolderNameTime Optional (float)
         

The interval of time in seconds in which shoppers enter their name in the HolderName field. An abnormally short interval is usually a red flag for fraud attempts.

Can be NULL, but not a negative number.

        CardNumberTime Optional (float)
         

The interval of time in seconds in which shopper enters their card number in the CardNumber field. An abnormally short interval is usually a red flag for fraud attempts.

Can be NULL, but not a negative number.

        InstallmentsNumber  Optional (Int)
          Number of installments. Available only when customers un Brazil pay with Visa or MasterCard using Brazilian Real as the order currency. Use 1 or exclude the parameter for full payments. 
      PayPalExpress Optional (object)
          Details below. 
        Email Optional (string)
          Email address customers use for their PayPal account.
        ReturnURL Optional (string)
          The PayPal Express Checkout redirect URL returned by calling the getPayPalExpressCheckoutRedirectURL method. The return URL is the page on your website to which PayPal redirects yourbuyer's browser after the buyer logs into PayPal and approves the payment. Typically, this is a secure page (https://...) on your site.
        CancelURL Optional (string)
          The cancel URL is the page on your website to which PayPal redirects your buyer's browser if the buyer does not approve the payment. Typically, this is the secure page (https://...) on your site from which you redirected the buyer to PayPal.
      PreviousOrder Optional (Object)
          Details below. 
        RefNo Optional (string)
         

Order reference a previous purchase that reached the Approved/Complete status. You can use orders for which customers paid with credit/debit cards or with PayPal. The status of orders should be AUTHRECEIVED or COMPLETE.

 

Check the validity of references with the isValidOrderReference method.

 

The 2Checkout system blocks you from using references for fraudulent or potentially fraudulent orders.

      PurchaseOrderPaymentDetails Optional (Object)
          Details below. 
        InternalPONumber Optional (string)
          Identifier that business customers use internally in their organization to track and manage Purchase Orders (PO). Can be NULL.
        AutoApprove Optional (boolean)
         

TRUE - requires activation of the PO AutoApprove package (If the package is inactive 2Checkout returns an error). Please contact 2Checkout. When AutoApprove is TRUE, 2Checkout no longer requires that business customers upload a PO document. As such, PO orders are automatically approved for your account, without a PO doc. 2Checkout sets the PURCHASE_PENDING status for auto-approved PO orders.

FALSE - Default. Send this if the PO AUtoApprove package is not available for your account. 2Checkout uses the same flow as cart purchases with Purchase Orders for business customers placing orders with POs via API. This means that customers receive the same emails as if they made the purchase using the cart and need to update the PO document, which is reviewed by 2Checkout and that you need to approve. 2Checkout sets the AVAITING_UPLOAD status for POs andUnfinished for their orders.

 

Can be NULL.

      WE_CHAT_PAY Optional (string)
        Details below
        ReturnURL Optional (string)
          The return URL is the page to which your customers are redirected after their successful payment.
        CancelURL Optional (string)
          The cancel URL is the page to which your customers are redirected after their failed payment attempt.
      IDEAL Optional (string)
        Details below
        ReturnURL Optional (string)
          The return URL is the page to which your customers are redirected after their successful payment.
        CancelURL Optional (string)
          The cancel URL is the page to which your customers are redirected after their failed payment attempt.
        BankCode Required (string)
          String contains the SWIFT code of the bank, the plus sign "+", and the first 3 characters from the bank name. E.q.: in the case of Rabobank, code parameter is "RABONL2U+RAB".
      EXISTING_PAYMENT_DATA Optional (Object)
        By using EXISTING_PAYMENT_DAT you no longer require shoppers to enter any payment details.
        TransientToken Optional (string)
          Returned as a part of the process of retrieving customer information by SSOToken.
      TRUSTLY  Optional (string)
          Details below.
        ReturnURL Optional (string)
     

 

  The return URL is the page to which your customers are redirected after their successful payment. The return URL is the page to which your customers are redirected after their successful payment. 
  CustomerIP Optional (string)
    Shopper IP.
Promotions Optional (Array of strings)
  Array of promotion codes.
AdditionalFields Object / Optional
    Details below. 
  Code Optional (string)
    The alpha-numeric characters, underscores, and dashes that are set as the field identifier.
  Text Optional (string)
    Field text visible to shoppers in the cart.
  Value Optional (string)
    Selected field value.
LocalTime Optional (string)
 

Local shopper time in the following format: Y-m-d H:i:s.

This parameter can impact the fraud score of an order when it's missing, NULL or incorrectly formatted.

GiftDetails Optional (object)
  Contains contact details for the recipient of a gift purchase.
  FirstName Optional (string)
    First name of gift recipient.
  LastName Optional (string)
    Last name of gift recipient.
  Email Optional (string)
    Email of gift recipient. 2Checkout uses this email for the delivery/fulfillment process.
  GiftNote Optional (string)
    Custom text shoppers provide as a message to the gift recipient.

Request example

<?php
declare(strict_types=1);
class Configuration
{
    public const MERCHANT_CODE = '';
    public const MERCHANT_KEY = '';
    public const URL = 'http://api.2checkout.com/rpc/6.0';
    public const ACTION = 'placeOrder';
    public const ADDITIONAL_OPTIONS = null;
    //array or JSON
    public const PAYLOAD = <<<JSON
{
    "Currency": "USD",
    "Country": "US",
    "CustomerIP": "91.220.121.21",
    "Source": "testAPI.com",
    "WSOrder": "http://www.myurlfortest.com",
    "ExternalReference": null,
    "BillingDetails": {
        "Address1": "Test Address",
        "City": "London",
        "CountryCode": "US",
        "Email": "customer@2Checkout.com",
        "FirstName": "Customer",
        "LastName": "2Checkout",
        "Phone": "556133127400",
        "State": "DF",
        "Zip": "70403-900"
    },
    "PaymentDetails": {
        "Type": "CC",
        "Currency": "USD",
        "CustomerIP": "91.220.121.21",
        "PaymentMethod": {
            "CCID": "123",
            "CardNumber": "4111111111111111",
            "CardNumberTime": "12",
            "CardType": "Visa",
            "ExpirationMonth": "12",
            "ExpirationYear": "2023",
            "HolderName": "John Doe",
            "HolderNameTime": "12",
            "RecurringEnabled": true,
            "Vendor3DSReturnURL": "www.test.com",
            "Vendor3DSCancelURL": "www.test.com"
        }
    },
    "Items": [
        {
            "Code": "testprod",
            "Quantity": "1"
        }
    ]
}
JSON;
}
class Client
{
    private const LOGIN_METHOD = 'login';
    private $calls = 1;
    private $sessionId;
    private function generateAuth(): array
    {
        $merchantCode = Configuration::MERCHANT_CODE;
        $key = Configuration::MERCHANT_KEY;
        $date = gmdate('Y-m-d H:i:s');
        $string = strlen($merchantCode) . $merchantCode . strlen($date) . $date;
        $hash = hash_hmac('md5', $string, $key);
        return compact('merchantCode', 'date', 'hash');
    }
    public function login(string $url)
    {
        $payload = $this->generateAuth();
        $response = $this->call($url, array_values($payload), self::LOGIN_METHOD);
        $this->sessionId = $response['result'];
    }
    public function call(
        string $url = Configuration::URL,
               $payload = Configuration::PAYLOAD,
        string $action = Configuration::ACTION
    ): ?array {
        if (empty($this->sessionId) && $action !== self::LOGIN_METHOD) {
            $this->login($url);
        }
        if(is_string($payload)) {
            $payload = json_decode($payload, true);
        }
        if (!empty($this->sessionId)) {
            $payload = [$this->sessionId, Configuration::ADDITIONAL_OPTIONS, $payload];
        }
        $payload = array_filter($payload);
        $request = json_encode([
            'jsonrpc' => '2.0',
            'method' => $action,
            'params' => $payload,
            'id' => $this->calls++,
        ]);
        $curl = curl_init($url);
        curl_setopt($curl, CURLOPT_POST, 1);
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
        curl_setopt($curl, CURLOPT_SSLVERSION, 0);
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: application/json', 'Accept: application/json', 'Cookie: XDEBUG_SESSION=PHPSTORM'));
        curl_setopt($curl, CURLOPT_POSTFIELDS, $request);
        $response = curl_exec($curl);
        if(empty($response)) {
            die('Server unavailable');
        }
        echo $response . '</br>';
        return json_decode($response, true);;
    }
}
$client = new Client();
$result = $client->call();
var_dump($result);

 

Rate this article:

Need help?

Do you have a question? If you didn’t find the answer you are looking for in our documentation, you can contact our Support teams for more information. If you have a technical issue or question, please contact us. We are happy to help.

Not yet a Verifone customer?

We’ll help you choose the right payment solution for your business, wherever you want to sell, in-person or online. Our team of experts will happily discuss your needs.

Verifone logo