REST 5.0 Reference

Overview

Use the attached blueprints to integrate with the 2Checkout API via REST 5.0. 

Before you start using the 2Checkout API, make sure you are PCI DSS compliant. Find out more details about what PCI DSS compliance means and what you should do to be PCI compliant here.

Authentication

To authenticate to the 2Checkout REST API include a header with the following structure into your requests:

X-Avangate-Authentication: code="{VENDOR_CODE}" date="{REQUEST_DATE_TIME}" hash="{HASH}"

Alternatively, use:

X-Avangate-Authentication: code='{VENDOR_CODE}' date='{REQUEST_DATE_TIME}' hash='{HASH}'

• VENDOR_CODE: Your unique 2Checkout supplied merchant code.
• REQUEST_DATE_TIME: The UTC date-time of the request. Format: YYYY-MM-DD HH:MM:SS. You must provide the time of the request in the GMT timezone.
• HASH: The hash mac digest with an md5 hashing algorithm of the following: LEN(VENDOR_CODE) + VENDOR_CODE + LEN(REQUEST_DATE_TIME) + REQUEST_DATE_TIME. Use the secret key associated with your account for the hashing.

You must authenticate for all requests.

JSON encoded requests

The 2Checkout REST API supports only JSON encoded requests and responses. You need to include the following headers in your requests:

• Content-Type: application/json
• Accept: application/json

Reponses follow HTTP specification regarding response headers. Successful responses are composed of:

• An HTTP Success header.
• A JSON encoded string.

REST API 5.0 Blueprints for Download