Place orders with catalog products
Overview
Use this object via JSON-RPC API 6.0 to create new orders and collect payments from shoppers using catalog products defined in your Merchant Control Panel.
For orders that require physical delivery, if no shipping methods are provided, 2Checkout will add to the cart your account's default shipping configuration.
You can find a list of common errors that may arise when using the placeOrder call via API 6.0 here.
Supported payment methods/flows
- Credit/Debit cards: Visa, Visa Electron, MasterCard, Maestro, Amex, Discover, Dankort, Carte Bleue, JCB. 2Checkout supports local Brazilian cards.
- PayPal and PayPal Express
- Purchase Order
- Wire
- Check
- WeChat Pay
- iDEAL
- Alipay
- WebMoney
- Trustly
- SOFORT
- TEST orders
- Free orders (no payment information required)
- Previous order references - In addition to the payment methods enumerated above, 2Checkout also supports 1-click purchase flows in which you use valid previous order references belonging to returning customers to pay for new orders with their previously used cards and PayPal accounts.
- Order with installments
- ApplePay
- 2Pay.js
- Boleto/Pix
- Google Pay
Requirements
For credit card orders placed using 2Checkout API 6.0 or a more recent version, you need to pass through additional parameters that support the 3D Secure flow. 3D Secure works by redirecting customers to pages provided by their banks, where they need to enter additional security tokens or password to trigger the completion of the charge. By using 3D Secure, you get additional protection from liability for fraudulent card payments, with customers having to go through an extra layer of authentication.
Send the following parameters in the placeOrder call, as part of the PaymentDetails object:
| Parameters | Description |
|---|---|
| Vendor3DSReturnURL | Required (string) |
| URL address to which customers are redirected after the 3DS details get validated by the bank and the order is successfully authorized. | |
| Vendor3DSCancelURL | Required (string) |
| URL address to which customers are redirected if the 3DS details were not validated or the order could not be authorized. | |
| WSOrder | Optional (String) |
| The WSOrder parameter is used to control the website URL displayed in the email messages shoppers receive after they place an order. By default, 2Checkout reports the URL set as Homepage in the Account information area. Adding WSOrder to the buy-links for your products will cause the optional website address set by using the parameter to override and replace the Homepage URL in the email notifications sent to customers. The behavior is similar to the WS_ORDER parameter supported on checkout/cart pages and described here. |
Response
| Parameters | Type/Description |
|---|---|
| Order information | Object |
| Object containing order information. |
Parameters
| Parameters | Type/Description | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Currency | String / Optional | ||||||||||
| The currency ISO code for the payment - ISO 4217. Example: “usd.” | |||||||||||
| Country | String / Optional | ||||||||||
| Shopper country. ISO 3166 two-letter code. Example: “us.” | |||||||||||
| Language | String / Optional | ||||||||||
| ISO 639-1 two-letter code. The language used for the purchase process. Example: “en.” | |||||||||||
| ExternalReference | String / Optional | ||||||||||
| Set external reference identifiers for orders. Enables you to replicate the functionality of the REF parameter included into Buy Links. Maximum 100 characters. If there is a need for longer references, you can apply an md5 hash for any string value, resulting in a 32 characters string. You can verify the hash after the order notification, on the client side. | |||||||||||
| Source | String / Optional | ||||||||||
|
The link source for the sales. Enables you to replicate the functionality of the SRC (separate link identifier) parameter when included into Buy Links. Use the SRC parameter to track sale sources.
Maximum length 255 characters. |
|||||||||||
| CustomerReference | Integer/Optional | ||||||||||
| Set an external customer ID, attached to the customer. | |||||||||||
| Affiliate | Object/Optional | ||||||||||
| AffiliateCode | String/Required | ||||||||||
| The affiliate unique code (as returned by the affiliates API methods). | |||||||||||
| AffiliateSource | String/Optional | ||||||||||
| The affiliate source. | |||||||||||
| Items | Array of objects / Required | ||||||||||
| Details below. | |||||||||||
| OrderItem | Object | ||||||||||
| Details below. | |||||||||||
| Code | String / Mandatory | ||||||||||
| Unique product identifier your control. Max length 256 characters. Only for catalog products. | |||||||||||
| Quantity | Integer / Optional | ||||||||||
| Number of units | |||||||||||
| PriceOptions | Array of strings / Optional | ||||||||||
| Array of price option codes. | |||||||||||
| SKU | String / Optional | ||||||||||
| SKU identifier. | |||||||||||
| Price | Object - Can be NULL. If Price Type is set to 'CUSTOM', dynamic pricing can be added to the order via the Amount parameter. | ||||||||||
| CrossSell | Object – Can be NULL | ||||||||||
| Details below. | |||||||||||
| ParentCode | String | ||||||||||
| The product code of the master product you set to trigger the campaign. | |||||||||||
| CampaignCode | String | ||||||||||
| Unique, system-generated identifier for cross-sell campaigns. | |||||||||||
| Trial | Object – Can be NULL | ||||||||||
| Details below. | |||||||||||
| Period | Integer | ||||||||||
| The length of the trial subscription lifetime in days. | |||||||||||
| Price | Double / Optional | ||||||||||
| Total trial price in the payment currency before 2Checkout deducts any taxes, discounts, etc. | |||||||||||
| AdditionalFields | Array of objects – Can be NULL | ||||||||||
| AdditionalFieldSet | Object – Can be NULL | ||||||||||
| Code | String | ||||||||||
| The alpha-numeric characters, underscores and dashes that are set as the field identifier. | |||||||||||
| Value | String | ||||||||||
| Selected field value. | |||||||||||
| SubscriptionStartDate | String | ||||||||||
|
Specify the date time stamp when the subscription becomes active. Format 2016-07-02 22:22:22 (YYYY-MM-DD HH:mm:ss). Available for JSON-RPC and REST. Send empty or NULL to activate subscriptions on the same date when customers purchase them. You can exclude HH:mm:ss when sending the date and include only YYYY-MM-DD. In this case, 2Checkout uses 00:00:01. Default time zone GMT+02:00. |
|||||||||||
| SubscriptionCustomSettings | Object/Optional | ||||||||||
| To use this, the ExtraInformation object with AssistedSale property set to "true" is required. | |||||||||||
|
CycleAmountType |
String/Required | ||||||||||
| Billing cycle unit NET/GROSS. | |||||||||||
|
CycleUnit |
String/Required | ||||||||||
| DAY/MONTH. Can be NULL. | |||||||||||
|
CycleAmount |
Float/Required | ||||||||||
| Billing cycle (renewal) price. | |||||||||||
|
CycleLength |
Integer/Required | ||||||||||
| Billing cycle length. Can be NULL. | |||||||||||
|
ContractLength |
Integer/Optional | ||||||||||
| Contract period length (expressed in the specified CycleUnit; must be multiple of CycleLength). Can be NULL. | |||||||||||
|
MerchantDealAutoRenewal |
Boolean/Optional | ||||||||||
| Merchant deal auto-renewal flag. | |||||||||||
|
ClientDealAutoRenewal |
Boolean/Optional | ||||||||||
| Client deal auto-renewal flag. | |||||||||||
| BillingDetails | Object / Required | ||||||||||
| Details below. | |||||||||||
| FirstName | String / Required | ||||||||||
| Shopper name. | |||||||||||
| LastName | String / Required | ||||||||||
| Shopper surname. | |||||||||||
| CountryCode | String / Required | ||||||||||
| Shopper country. ISO 3166 two-letter code. | |||||||||||
| State | String/Optional – Required for US, Canada, Brazil, Turkey, India and Romania | ||||||||||
| The state in the shopper's country. Mandatory when you set the Billing Country to US, Canada, Brazil, Turkey, India and Romania. Use case insensitive utf8 strings for the full name, or just the two letter code. | |||||||||||
| City | String /Required | ||||||||||
| Shopper city. | |||||||||||
| Address1 | String/Required | ||||||||||
| Shopper address. | |||||||||||
| Address2 | String / Optional | ||||||||||
| Shopper address. | |||||||||||
| Zip | String/Required | ||||||||||
| ZIP/ Postal code. | |||||||||||
| String/Required | |||||||||||
| Shopper email address. | |||||||||||
| Phone | String / Optional | ||||||||||
| Shopper phone number. Mandatory when you set Brazil as the Billing Country. Can be NULL. | |||||||||||
| Company | String / Optional | ||||||||||
| Company name. Can be null for end users. When present, you also need to provide the FiscalCode. | |||||||||||
| FiscalCode | String / Optional– Required for Brazil | ||||||||||
|
• For companies, it needs to be the VAT ID. 2Checkout will validate the value provided and throw an error if the VAT ID is invalid/incorrect when calling setPaymentDetails. When present, you also need to provide the Company name. • Mandatory when you set Brazil as the Billing Country. For Brazilian customers it represents the Fiscal Code (CPF/CNPJ). • Mandatory when you set India as the Billing Country, and purchase is made by a Company. • Can be NULL for end users. |
|||||||||||
| TaxExemptionId | Optional (string) | ||||||||||
| Tax Exempt Certification id used to deduct taxes for US orders Example: 1b80eecc349v |
|||||||||||
| DeliveryDetails | Object / Required | ||||||||||
| Details below. | |||||||||||
| FirstName | String / Required | ||||||||||
| Shopper name from the delivery details. | |||||||||||
| LastName | String / Required | ||||||||||
| Shopper surname from the delivery details. | |||||||||||
| CountryCode | String / Required | ||||||||||
| Shopper country. ISO 3166 two-letter code from the delivery details. | |||||||||||
| State | String/Optional – Required for the US, Canada, Brazil, Turkey, India, and Romania | ||||||||||
| The state in the shopper's country. Mandatory when you set the Billing Country to US, Canada, Brazil, Turkey, India, and Romania. Use case insensitive utf8 strings for the full name, or just the two-letter code. | |||||||||||
| City | String / Optional | ||||||||||
| Shopper city from the delivery details. | |||||||||||
| Address1 | String / Optional | ||||||||||
| Shopper address from the delivery details. | |||||||||||
| Address2 | String / Optional | ||||||||||
| Shopper address from the delivery details. | |||||||||||
| Zip | String / Optional | ||||||||||
| ZIP/ Postal code from the delivery details. | |||||||||||
| String / Optional | |||||||||||
| Shopper email address from the delivery details. | |||||||||||
| Phone | String / Optional | ||||||||||
| Shopper phone number from the delivery details. Mandatory when you set Brazil as the Billing Country. Can be NULL. | |||||||||||
| Company | String / Optional | ||||||||||
| Company name from the delivery details. Can be null for end users. When present, you also need to provide the FiscalCode. | |||||||||||
| DeliveryInformation |
Object / Optional For products that require physical delivery, use this object to send the shipping method. |
||||||||||
| ShippingMethod |
Object Details below |
||||||||||
| Code | String | ||||||||||
| System-generated identified for your shipping method configuration | |||||||||||
| PaymentDetails | Object / Required | ||||||||||
| Adapt this object to the desired payment method. | |||||||||||
| Type | Required (string) | ||||||||||
|
The payment method:
|
|||||||||||
| Currency | Required (string) | ||||||||||
| The currency ISO code for the payment - ISO 4217. Example: “usd.” | |||||||||||
| PaymentMethod | Optional (object) | ||||||||||
|
Object structure and parameters differ according to payment method selected and API method (placing orders (POST) vs. retrieving order data (GET)).
NULL for 0 value orders for which you’re not requiring customers to enter payment details. |
|||||||||||
| RecurringEnabled | Optional (boolean)Optional (boolean) | ||||||||||
|
true – shopper checks the auto-renewal checkbox and 2Checkout charges subscription renewals using a recurring billing process. false – shopper doesn’t check the auto-renewal checkbox. |
|||||||||||
| CardPayment | Optional (object) | ||||||||||
| Details below. | |||||||||||
| CardNumber | Required (string) | ||||||||||
| The credit/debit card number. | |||||||||||
| CardType | Required (string) | ||||||||||
| visa, visaelectron, mastercard, maestro, amex, discover, dankort, cartebleue, jcb, hipercard, elo | |||||||||||
| ExpirationYear | Required (string) | ||||||||||
| The year in which the card expires. | |||||||||||
| ExpirationMonth | Required (string) | ||||||||||
| The month in which the card expires. | |||||||||||
| HolderName | Required (string) | ||||||||||
| Cardholder name. | |||||||||||
| CCID | Required (string) | ||||||||||
| Credit Card Identification - an extra ID printed on the card, usually a 3-4 digit number, the CVC2/CVV2. | |||||||||||
| Vendor3DSReturnURL | Required (string) | ||||||||||
| URL address to which customers are redirected after the 3DS details get validated by the bank and the order is successfully authorized. | |||||||||||
| Vendor3DSCancelURL | Required (string) | ||||||||||
| URL address to which customers are redirected if the 3DS details were not validated or the order could not be authorized. | |||||||||||
| HolderNameTime | Optional (float) | ||||||||||
|
The interval of time in seconds in which shoppers enter their name in the HolderName field. An abnormally short interval is usually a red flag for fraud attempts. Can be NULL, but not a negative number. |
|||||||||||
| CardNumberTime | Optional (float) | ||||||||||
|
The interval of time in seconds in which shopper enters their card number in the CardNumber field. An abnormally short interval is usually a red flag for fraud attempts. Can be NULL, but not a negative number. |
|||||||||||
| InstallmentsNumber | Optional (Int) | ||||||||||
| Number of installments. Available only when customers un Brazil pay with Visa or MasterCard using Brazilian Real as the order currency. Use 1 or exclude the parameter for full payments. | |||||||||||
| PayPalExpress | Optional (object) | ||||||||||
| Details below. | |||||||||||
| Optional (string) | |||||||||||
| Email address customers use for their PayPal account. | |||||||||||
| ReturnURL | Optional (string) | ||||||||||
| The PayPal Express Checkout redirect URL returned by calling the getPayPalExpressCheckoutRedirectURL method. The return URL is the page on your website to which PayPal redirects yourbuyer's browser after the buyer logs into PayPal and approves the payment. Typically, this is a secure page (https://...) on your site. | |||||||||||
| CancelURL | Optional (string) | ||||||||||
| The cancel URL is the page on your website to which PayPal redirects your buyer's browser if the buyer does not approve the payment. Typically, this is the secure page (https://...) on your site from which you redirected the buyer to PayPal. | |||||||||||
| PreviousOrder | Optional (Object) | ||||||||||
| Details below. | |||||||||||
| RefNo | Optional (string) | ||||||||||
|
Order reference a previous purchase that reached the Approved/Complete status. You can use orders for which customers paid with credit/debit cards or with PayPal. The status of orders should be AUTHRECEIVED or COMPLETE.
Check the validity of references with the isValidOrderReference method.
The 2Checkout system blocks you from using references for fraudulent or potentially fraudulent orders. |
|||||||||||
| PurchaseOrderPaymentDetails | Optional (Object) | ||||||||||
| Details below. | |||||||||||
| InternalPONumber | Optional (string) | ||||||||||
| Identifier that business customers use internally in their organization to track and manage Purchase Orders (PO). Can be NULL. | |||||||||||
| AutoApprove | Optional (boolean) | ||||||||||
|
TRUE - requires activation of the PO AutoApprove package (If the package is inactive 2Checkout returns an error). Please contact 2Checkout. When AutoApprove is TRUE, 2Checkout no longer requires that business customers upload a PO document. As such, PO orders are automatically approved for your account, without a PO doc. 2Checkout sets the PURCHASE_PENDING status for auto-approved PO orders. FALSE - Default. Send this if the PO AUtoApprove package is not available for your account. 2Checkout uses the same flow as cart purchases with Purchase Orders for business customers placing orders with POs via API. This means that customers receive the same emails as if they made the purchase using the cart and need to update the PO document, which is reviewed by 2Checkout and that you need to approve. 2Checkout sets the AVAITING_UPLOAD status for POs andUnfinished for their orders.
Can be NULL. |
|||||||||||
| WE_CHAT_PAY | Optional (string) | ||||||||||
| Details below | |||||||||||
| ReturnURL | Optional (string) | ||||||||||
| The return URL is the page to which your customers are redirected after their successful payment. | |||||||||||
| CancelURL | Optional (string) | ||||||||||
| The cancel URL is the page to which your customers are redirected after their failed payment attempt. | |||||||||||
| IDEAL | Optional (string) | ||||||||||
| Details below | |||||||||||
| ReturnURL | Optional (string) | ||||||||||
| The return URL is the page to which your customers are redirected after their successful payment. | |||||||||||
| CancelURL | Optional (string) | ||||||||||
| The cancel URL is the page to which your customers are redirected after their failed payment attempt. | |||||||||||
| BankCode | Required (string) | ||||||||||
| String contains the SWIFT code of the bank, the plus sign "+", and the first 3 characters from the bank name. E.q.: in the case of Rabobank, code parameter is "RABONL2U+RAB". | |||||||||||
| EXISTING_PAYMENT_DATA | Optional (Object) | ||||||||||
| By using EXISTING_PAYMENT_DAT you no longer require shoppers to enter any payment details. | |||||||||||
| TransientToken | Optional (string) | ||||||||||
| Returned as a part of the process of retrieving customer information by SSOToken. | |||||||||||
| TRUSTLY | Optional (string) | ||||||||||
| Details below. | |||||||||||
| ReturnURL | Optional (string) | ||||||||||
|
|
The return URL is the page to which your customers are redirected after their successful payment. The return URL is the page to which your customers are redirected after their successful payment. | ||||||||||
| CustomerIP | Optional (string) | ||||||||||
| Shopper IP. | |||||||||||
| Promotions | Optional (Array of strings) | ||||||||||
| Array of promotion codes. | |||||||||||
| AdditionalFields | Object / Optional | ||||||||||
| Details below. | |||||||||||
| Code | Optional (string) | ||||||||||
| The alpha-numeric characters, underscores, and dashes that are set as the field identifier. | |||||||||||
| Text | Optional (string) | ||||||||||
| Field text visible to shoppers in the cart. | |||||||||||
| Value | Optional (string) | ||||||||||
| Selected field value. | |||||||||||
| LocalTime | Optional (string) | ||||||||||
|
Local shopper time in the following format: Y-m-d H:i:s. This parameter can impact the fraud score of an order when it's missing, NULL or incorrectly formatted. |
|||||||||||
| GiftDetails | Optional (object) | ||||||||||
| Contains contact details for the recipient of a gift purchase. | |||||||||||
| FirstName | Optional (string) | ||||||||||
| First name of gift recipient. | |||||||||||
| LastName | Optional (string) | ||||||||||
| Last name of gift recipient. | |||||||||||
| Optional (string) | |||||||||||
| Email of gift recipient. 2Checkout uses this email for the delivery/fulfillment process. | |||||||||||
| GiftNote | Optional (string) | ||||||||||
| Custom text shoppers provide as a message to the gift recipient. | |||||||||||
Request example
<?php
declare(strict_types=1);
class Configuration
{
public const MERCHANT_CODE = '';
public const MERCHANT_KEY = '';
public const URL = 'http://api.2checkout.com/rpc/6.0';
public const ACTION = 'placeOrder';
public const ADDITIONAL_OPTIONS = null;
//array or JSON
public const PAYLOAD = <<<JSON
{
"Currency": "USD",
"Country": "US",
"CustomerIP": "91.220.121.21",
"Source": "testAPI.com",
"WSOrder": "http://www.myurlfortest.com",
"ExternalReference": null,
"BillingDetails": {
"Address1": "Test Address",
"City": "London",
"CountryCode": "US",
"Email": "customer@2Checkout.com",
"FirstName": "Customer",
"LastName": "2Checkout",
"Phone": "556133127400",
"State": "DF",
"Zip": "70403-900"
},
"PaymentDetails": {
"Type": "CC",
"Currency": "USD",
"CustomerIP": "91.220.121.21",
"PaymentMethod": {
"CCID": "123",
"CardNumber": "4111111111111111",
"CardNumberTime": "12",
"CardType": "Visa",
"ExpirationMonth": "12",
"ExpirationYear": "2023",
"HolderName": "John Doe",
"HolderNameTime": "12",
"RecurringEnabled": true,
"Vendor3DSReturnURL": "www.test.com",
"Vendor3DSCancelURL": "www.test.com"
}
},
"Items": [
{
"Code": "testprod",
"Quantity": "1"
}
]
}
JSON;
}
class Client
{
private const LOGIN_METHOD = 'login';
private $calls = 1;
private $sessionId;
private function generateAuth(): array
{
$merchantCode = Configuration::MERCHANT_CODE;
$key = Configuration::MERCHANT_KEY;
$date = gmdate('Y-m-d H:i:s');
$string = strlen($merchantCode) . $merchantCode . strlen($date) . $date;
$hash = hash_hmac('md5', $string, $key);
return compact('merchantCode', 'date', 'hash');
}
public function login(string $url)
{
$payload = $this->generateAuth();
$response = $this->call($url, array_values($payload), self::LOGIN_METHOD);
$this->sessionId = $response['result'];
}
public function call(
string $url = Configuration::URL,
$payload = Configuration::PAYLOAD,
string $action = Configuration::ACTION
): ?array {
if (empty($this->sessionId) && $action !== self::LOGIN_METHOD) {
$this->login($url);
}
if(is_string($payload)) {
$payload = json_decode($payload, true);
}
if (!empty($this->sessionId)) {
$payload = [$this->sessionId, Configuration::ADDITIONAL_OPTIONS, $payload];
}
$payload = array_filter($payload);
$request = json_encode([
'jsonrpc' => '2.0',
'method' => $action,
'params' => $payload,
'id' => $this->calls++,
]);
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($curl, CURLOPT_SSLVERSION, 0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: application/json', 'Accept: application/json', 'Cookie: XDEBUG_SESSION=PHPSTORM'));
curl_setopt($curl, CURLOPT_POSTFIELDS, $request);
$response = curl_exec($curl);
if(empty($response)) {
die('Server unavailable');
}
echo $response . '</br>';
return json_decode($response, true);;
}
}
$client = new Client();
$result = $client->call();
var_dump($result);
