How do I build apps for the 2checkout platform?

1. Sign-up for a 2Checkout account. 
2. Contact 2Checkout with your app proposal. 
3. 2Checkout reviews your application plan enables 3rd party apps for your account and creates a placeholder for your app. 
4. 2Checkout supplies you with authentication credentials. 
5. Build your application, integrate and test it with your account. 
6. Submit your final application for review. 
7. 2Checkout evaluates your application. Following the review process, 2Checkout can offer your app to all customers. 

Payments for mobile apps (such as applications hosted in Google Play Store ) are not currently supported.  However, our platform supports in-app integration using the 2Checkout API (you can integrate our shopping cart in your own application).

Installation

Add the following lines of code at the end of the <body> tag.

<script type="text/javascript" src="https://secure.2checkout.com/cpanel/js/third-party-apps/avangate.js"></script>
    <div id="avangate-hero" class="hide"></div>

Authentication

Contact 2Checkout directly to start building applications on top of the 2Checkout platform. 2Checkout supplies you with the public and private authentication keys for your application. 

Access requirements

Application authentication tokens work in tandem with user sessions for 2Checkout accounts. Users need to log into their account for 3rd party applications to have access to their data. Once account users log out, the application token expires and access is removed. By default, authentication tokens expire after one (1) hour.

Permanent authentication token

Contact 2Checkout to enable this functionality for your application. Once enabled, to make the auth token permanent use the 'permanentToken' parameter. This cases token expiration to grow to one (1) year.

Client side

1. Include the script from the Installation section in your JavaScript file you to access a global object called avangateCPanel that you can use for all the methods available in the client-side interface.

2. Next, set the PUBLIC_APP_ID and check that the scripts load in your JavaScript file.

var app = {
        cPanel  : false,
        appID   : 'PUBLIC_APP_ID',

        init : function()
        {
            this.cPanel = avangateCPanel;
            if (this.cPanel.init(this.appID)) {
                console.log('everything is ready to be used');
            }
        }
    };
    app.init();

3. Check 2Checkout account login by requesting the auth token via JavaScript.

    var app = {
        cPanel  : false,
        appID   : 'PUBLIC_APP_ID',

        init : function()
        {
            this.cPanel = avangateCPanel;
            if (this.cPanel.init(this.appID)) {
                console.log('everything is ready to be used');
                this.checkLogin();
            }
        },
        checkLogin : function()
        {
            this.cPanel.authentify({
                success: function(response) {
                    var authToken = response.value.authToken;
                },
                error: function(response) {
                    console.log(response.message); // something went wrong
                }
            });
        }
    };
    app.init();

var app = {
        cPanel  : false,
        appID   : 'PUBLIC_APP_ID',

        init : function()
        {
            this.cPanel = avangateCPanel;
            if (this.cPanel.init(this.appID)) {
                console.log('everything is ready to be used');
                this.checkLogin();
            }
        },
        checkLogin : function()
        {
            this.cPanel.authentify({
                success: function(response) {
                    var authToken = response.value.authToken; // object {authToken: 'the auth token string', expirationDate: 'the expiration date of the token'}
                    $.when(
                        $http('/validateToken').post(authToken)
                    ).then(
                        function() { //success
                            //user is logged
                        },
                        function() { //fail
                            // check what went wrong in the ajax call
                        }
                    );
                },
                error: function(response) {
                    console.log(response.message); // something went wrong
                }
            });
        }
    };
    app.init();

Server side

This example uses Laravel framework and Guzzle Http library. 

namespace App\Http\Controllers;

use Request;
use GuzzleHttp\Client as httpClient;
use App\Http\Controllers\Controller;

class MainController extends Controller {
    protected $authInfo   = false;
    protected $apiBaseUrl = 'https://apps.api.avangate.com/';

    // verifies and validates the auth token received via javascript
    public function validateToken()
    {
        $this->authInfo = [
            'authToken'         => Request::input('authToken'),
            'expirationDate'    => Request::input('expirationDate'),
        ];

        try {
            $httpClient = $this->getHttpClient();
            $response   = $httpClient->put('verify/');
            // to make the auth token permanent just apply the 'permanentToken' param (token expires in 1 year)
            // contact Avangate to enable this functionality for your app
            //$response = $httpClient->put('verify/', ['body' => ['permanentToken' => 1]]);
        } catch (\Exception $e) {
            $response = $e->getResponse();
        }

        return ($response->json() == true);
    }

    // http client configuration
    private function getHttpClient()
    {
        return new httpClient([
            'base_url'  => $this->apiBaseUrl,
            'timeout'  => 2.0,
            'defaults' => [
                'proxy'     => '',
                'verify'    => false,
                'headers'   => [
                    'authToken' => $this->authInfo['authToken'],
                    'secretID'  => env('APP_SECRET'), // your app secret id
                    'Accept'    => 'application/json'
                ]
            ]
        ]);
    }
}

Get logged user info

This example uses Laravel framework and Guzzle Http library. 

namespace App\Http\Controllers;

use Request;
use GuzzleHttp\Client as httpClient;
use App\Http\Controllers\Controller;

class MainController extends Controller {
    protected $authInfo   = false;
    protected $apiBaseUrl = 'https://apps.api.avangate.com/';

    // verifies and validates the auth token received via javascript
    public function validateToken()
    {
        $this->authInfo = [
            'authToken'         => Request::input('authToken'),
            'expirationDate'    => Request::input('expirationDate'),
        ];

        try {
            $httpClient = $this->getHttpClient();
            $response   = $httpClient->put('verify/');
        } catch (\Exception $e) {
            $response = $e->getResponse();
        }

        if ($response->json() == true) {
            $this->getAuthUserInfo();
        }
    }

    /*
        retrieves the logged user info
        return an array with following structure

        [
            'Email'         => (string),
            'FirstName'     => (string),
            'LastName'      => (string),
            'VendorInfo'    => [
                'ClientCode'        => (string),
                'CompanyName'       => (string),
                'CommercialName'    => (string),
                'Homepage'          => (string)
            ]
        ];
    */
    private function getAuthUserInfo()
    {
        try {
            $httpClient = $this->getHttpClient();
            $response   = $httpClient->get('user_info/');
        } catch (\Exception $e) {
            $response = $e->getResponse();
        }

        return $response->json();
    }

    // http client configuration
    private function getHttpClient()
    {
        return new httpClient([
            'base_url'  => $this->apiBaseUrl,
            'timeout'  => 2.0,
            'defaults' => [
                'proxy'     => '',
                'verify'    => false,
                'headers'   => [
                    'authToken' => $this->authInfo['authToken'],
                    'secretID'  => env('APP_SECRET'), // your app secret id
                    'Accept'    => 'application/json'
                ]
            ]
        ]);
    }
}

Get API data

The API documentation can be found here.

This example uses Laravel framework and Guzzle Http library. From the API we will use the retrieve subscriptions method. 

namespace App\Http\Controllers;

use Request;
use GuzzleHttp\Client as httpClient;
use App\Http\Controllers\Controller;

class MainController extends Controller {
    protected $authInfo   = false;
    protected $apiBaseUrl = 'https://apps.api.avangate.com/';

    // verifies and validates the auth token received via javascript
    public function validateToken()
    {
        $this->authInfo = [
            'authToken'         => Request::input('authToken'),
            'expirationDate'    => Request::input('expirationDate'),
        ];

        try {
            $httpClient = $this->getHttpClient();
            $response   = $httpClient->put('verify/');
        } catch (\Exception $e) {
            $response = $e->getResponse();
        }

        if ($response->json() == true) {
            $this->getSubscriptions();
        }
    }

    private function getSubscriptions()
    {
        try {
            $httpClient = $this->getHttpClient();
            $response   = $httpClient->get('subscriptions/');
        } catch (\Exception $e) {
            $response = $e->getResponse();
        }

        return $response->json();
    }

    // http client configuration
    private function getHttpClient()
    {
        return new httpClient([
            'base_url'  => $this->apiBaseUrl,
            'timeout'  => 2.0,
            'defaults' => [
                'proxy'     => '',
                'verify'    => false,
                'headers'   => [
                    'authToken' => $this->authInfo['authToken'],
                    'secretID'  => env('APP_SECRET'), // your app secret id
                    'Accept'    => 'application/json'
                ]
            ]
        ]);
    }
}

Get ISE data

The ISE (Instant Search Order Export) documentation can be found here.

This example uses Laravel framework and Guzzle Http library. 

namespace App;

use GuzzleHttp\Client as httpClient;
use Illuminate\Support\Facades\Session;

class Order
{
    private function generateQuery($data = [])
    {
        $authInfo       = Session::get('authInfo');
        $queryParams    = [
            //required
            'APP_CREDENTIALS_TOKEN'     => $authInfo['authToken'],
            'APP_CREDENTIALS_SECRET_ID' => env('APP_SECRET'),

            'STARTDATE'                 => '2015-01-21 00:00:00',
            'ENDDATE'                   => '2015-01-21 00:00:00',
            'ORDERSTATUS'               => 'ALL',
            'REQ_DATE'                  => date('YmdHis'),
            'PRODUCT_ID'                => '',
            'COUNTRY_CODE'              => '',
            'FILTER_STRING'             => '',
            'FILTER_FIELD'              => '',
            'HASH'                      => '',

            //optional
            'INCLUDE_DELIVERED_CODES'   => '',
            'INCLUDE_FINANCIAL_DETAILS' => '',
            'INCLUDE_EXCHANGE_RATES'    => '',
            'INCLUDE_PRICING_OPTIONS'   => '',
            'EXPORT_FORMAT'             => 'XML',
        ];

        $queryParams = array_merge($queryParams, $data);

        return $queryParams;
    }

    public function getOrders($searchParams = [])
    {
        if (!is_array($searchParams)) {
            $searchParams = [];
        }

        $queryParams = $this->generateQuery($searchParams);
        try {
            $httpClient = $this->getHttpClient();
            $response   = $httpClient->post('ise/', [
                'body' => $queryParams
            ]);
        } catch (\Exception $e) {
            $response = $e->getResponse();
        }

        if ($response->getBody()->getContents() != '') {
            $response = $response->xml();
            if (isset($response->RESPONSE_MSG)) {
                return ['success' => false, 'message' => (string)$response->RESPONSE_MSG];
            } else {
                return ['success' => true, 'value' => $response->Orders];
            }
        } else {
            return ['success' => false, 'message' => ''];
        }
    }

    private function getHttpClient()
    {
        return new httpClient([
            'base_url'  => 'https://secure.avangate.com/action/',
            'timeout'  => 2.0,
            'defaults' => [
                'proxy'     => '',
                'verify'    => false,
            ]
        ]);
    }
}

Download mock application

This example uses Laravel framework and Guzzle Http library. 

You can download the app from here.

The app uses an SQLite database for the information and it displays a list of items only if is a valid authentication session in the 2checkout Control Panel.

Download documentation and mock application 

Click here to download the full documentation, including the mock application, as an archive that you can unpack and run locally.

Overview

The Accounting menu provides an easy way of keeping tabs on your 2Checkout account's financial activity.

Availability

All 2Checkout accounts. 

Metrics

The Account status section gives you an overview of the following metrics:

• Net sales = due payments that 2Checkout will pay you after all the taxes, fees and commissions are deducted. Net Profit = Quantity * (Unit Price - Unit Discount - Affiliate Commission) - Processing Fee - Total VAT + (DIS Profit - DIS Cost)
• Service invoices = unpaid charges you incurred for services such as marketing services, chargeback fees.
• Disputed orders balance = amounts 2Checkout retained for all open chargebacks at the end of the reporting period.
• Chargeback funds = the chargeback fund is retained by 2Checkout as soon as you sign the contract. 2Checkout uses this fund to settle chargebacks and refunds opened as late as six months after the termination of your 2Checkout contract. Six months after your 2Checkout contract ends, you receive the remaining chargeback fund back into your account.
• Minimum transfer limits = the minimum payout amount that you must reach before 2Checkout pays you.

View your accounting summary

To get an overview of your payments, go to the Payments section. The accounting summary page aggregates financial details about your account. You can see details about the last payment received from 2Checkout and generate reports based on your account's financial activity.

Last payments

The Last payments area shows you the most recent 10 payments that you have received from 2Checkout.

More info

If you want to see detailed information about what the total amount includes, click the More info button at the right side of the table row. Once you expand the row, you can see what the total amount includes.

Export

You can also export detailed transfers lists by clicking the corresponding link.

Run financial activity reports

1. Use the Filter transactions section to choose the type of transactions to be included in the report. You can select the transaction status, the invoice date, when it was paid and the transaction type.
2. Once you have finished configuring your filters, click Search. The report is displayed below and it contains 10 results/page. You can extend the displayed results number to 20 results/page.
3. Click the More info button to see more information about a specific transaction.
4. You can also download the transaction's invoice in either HTML or XML format, by selecting the desired format from the Actions column.

Payments history

1. Use the Transfers history tab to run reports on all the payments that you received from 2Checkout. Configure the filters in the Transfer history searchsection and click Search when you're ready to generate the report. The reports include the payment type, date and the amount.
2. Click the More info button to see more information about a specific payment, such as the payments that are included in it.
3. Export the report in CSV format by clicking the Export detailed transfers link.

Network cross-sell commissions

1. The Accounting -> Payments section also provides you information related to the commissions that you have earned from network cross-selling campaigns.
2. Go to the Network cross-sell commissions tab and use the Payment date and Payment currency filters to generate reports.
3. Once you have finished configuring your filters, click Search. The report is displayed below and it contains 10 results/page. You can extend the displayed results number to 200 results/page.
4. Click the More info button to see more information about a specific payment.
5. Download the full report that includes all payments in CSV format by clicking Export as CSV. Alternately, you can download reports for each payment by clicking the Export detailed transfers link.

Overview

Use the deletePromotionSources method to define new sources for an existing promotion.

Parameters

Response

Request

<?php

require ('PATH_TO_AUTH');

// Promotion code corresponding to the promotion you want to remove sources from
$promotionCode = '';

// Sources array with the source values 
$sources = ['source1', 'source2'];

try {
    $updatedPromotion = $client->deletePromotionSources($promotionCode,$sources);
}

catch (SoapFault $e) {
    echo "UpdatedPromotion: " . $e->getMessage();
    exit;
}

var_dump("UpdatedPromotion", $updatedPromotion);

Overview

Refunds' processing time frames depend on the payment method used by the shopper.

If the refund request is granted by 2Checkout/Merchant, payments are refunded to shoppers as follows:

1. Credit/Debit Cards payments will be refunded within one (1) business day;
2. Wire Transfer and check payments will be refunded within seven (7) business days and the cost of the transfer will be borne by the end user;
3. PayPal payments will be refunded within one (1) business day;
4. Other payment methods will be refunded between five (5) to seven (7) days.
5. In cases of Direct Debit, the refund request can be processed only after 6 weeks from the payment date, the period needed for your bank to process the settlement. 2Checkout will only review and respond to your refund request after the 6-week period ends.

Refunds' processing time frames for online payment methods

Refunds' processing time frames for offline payment methods

Overview

Use the getAvailableCountries method to get the list of available countries for the current merchant. If the language parameter is provided, all the returned countries will be translated into that language.

Request Parameters

Request Example

class Configuration
{
    public const MERCHANT_CODE = '';
    public const MERCHANT_KEY = '';
    public const URL = 'http://api.2checkout.com/soap/6.0';
    public const ACTION = 'getAvailableCountries';
    public const ADDITIONAL_OPTIONS = null;
    public const PAYLOAD = "nl";
}

class Client
{
    public function call(
        string $url = Configuration::URL,
        $payload = Configuration::PAYLOAD,
        string $action = Configuration::ACTION
    ) {
        if (is_array($payload)) {
            $payload = json_encode($payload);
        }
        
        $soapClient = $this->getClient($url);
        $sessionId = $this->getSession($soapClient);
        $args = array_filter([$sessionId, $payload]);

        return $soapClient->$action(...$args);
    }

    public function getClient(string $url): SoapClient
    {
        return new SoapClient(
            $url.'?wsdl',
            [
                'location' => $url,
                'cache_wsdl' => WSDL_CACHE_NONE,
            ]
        );
    }

    public function getSession(SoapClient $client)
    {
        $date = gmdate('Y-m-d H:i:s');
        $merchantCode = Configuration::MERCHANT_CODE;
        $key = Configuration::MERCHANT_KEY;
        $string = strlen($merchantCode).$merchantCode.strlen($date).$date;
        $hash = hash_hmac('md5', $string, $key);
        $client->__setCookie('XDEBUG_SESSION', 'PHPSTORM');

        return $client->login($merchantCode, $date, $hash);
    }
}

try {
    $client = new Client();
    var_dump($client->call());
} catch (Exception $ex) {
    var_dump($ex);
}

Response

Response Example

[
    {
    “Code”: “AE”,
    “Label”: “Verenigde Arabische Emiraten”
},
{
    “Code”: “AF”,
    “Label”: “Afghanistan”
}
]

Overview

Perform easy account management via API Requests. The 2Checkout API portfolio contains extended capabilities that can help you automate processes as: creating products or promotions, placing orders (both with catalog and dynamic product information), issuing refunds, retrieving the shipping price for an order, handling subscriptions and many others.

Overview

Use this section to handle the renewal of your subscriptions.

Overview

Use the searchCustomers method via SOAP API 6.0 to be able to identify customers by applying a set of filters.

Request parameters

Request example

<?php

declare(strict_types=1);

class Configuration
{
    public const MERCHANT_CODE = '';
    public const MERCHANT_KEY = '';
    public const URL = 'http://api.2checkout.com/soap/6.0';
    public const ACTION = 'searchCustomers';
    public const ADDITIONAL_OPTIONS = null;
    //array or JSON
    public const PAYLOAD = <<<JSON
{
  "Email": "test@email.com",
  "Language": "en",
  "CountryCode": "us",
  "Trial": true,
  "Status": "ACTIVE",
  "Phone": "403324433234",
  "Pagination": {
    "Limit": 1,
    "Page": 1
  }
}
JSON;
}

class Client
{
    public function call(
        string $url = Configuration::URL,
        $payload = Configuration::PAYLOAD,
        string $action = Configuration::ACTION
    ): ?object
    {
        if (is_array($payload)) {
            $payload = json_encode($payload);
        }
        if (!empty($payload)) {
            // SoapClient works with objects(StdClass)
            $payload = json_decode($payload);
        }

        $soapClient = $this->getClient($url);
        $sessionId = $this->getSession($soapClient);
        $args = array_filter([$sessionId, $payload]);
        return $soapClient->$action(...$args);
    }

    public function getClient(string $url): SoapClient
    {
        return new SoapClient(
            $url . '?wsdl',
            [
                'location' => $url,
                'cache_wsdl' => WSDL_CACHE_NONE,
            ]
        );
    }

    public function getSession(SoapClient $client)
    {
        $date = gmdate('Y-m-d H:i:s');
        $merchantCode = Configuration::MERCHANT_CODE;
        $key = Configuration::MERCHANT_KEY;
        $string = strlen($merchantCode) . $merchantCode . strlen($date) . $date;
        $hash = hash_hmac('md5', $string, $key);
       // $client->__setCookie('XDEBUG_SESSION', 'PHPSTORM');
        return $client->login($merchantCode, $date, $hash);
    }
}

try {
    $client = new Client();
    var_dump($client->call());
} catch (Exception $ex) {
    var_dump($ex);
}

Response 

Overview

Payment receipt shopper emails can be customized according to your own business needs. You can do so by using the variables in the list below. Check the 'Mandatory' column to see the variables that are required in your customized version of the e-mail.