Freedom Pay
  1. Card API
Freedom Pay
  • Overview
  • Gateway API
    • Overview
    • Sync API
      • Overview
      • Purchase
        • Overview
        • Create payment
        • Any amount
        • Card
        • 3DSecure
        • Recurrent
        • Cancel
        • Clearing
        • Refund
        • Status
      • Payout
        • Overview
        • Card
        • IBAN
        • Balance
        • Status
      • Transfer
        • Overview
        • Card
        • 3DSecure
        • Rates
        • Status
      • Card
        • Overview
        • Add
        • 3DSecure
        • List
        • Remove
        • Status
      • Token
        • Overview
        • Token Pay
        • Apple Pay
        • Google Pay
        • Token Payout
        • Status
    • Async API
      • Overview
      • create
        • create payment
      • read
        • read payment
        • read request
      • edit
        • edit payment.refund
        • edit payment.reverse
        • edit payment.clearing
  • Merchant API
    • Overview
    • Purchase
      • Overview
      • Checkout
      • Card token
        • Overview
        • Tokenize card
        • Delete token
        • Card token list
        • Create payment (with CVC)
        • Confirm payment (with CVC)
        • Create payment
        • Confirm payment
      • Create payment
      • Any amount
      • Reccuring payment
      • Cancel payment
      • Clearing
      • Refund payment
      • Status
    • Payout
      • Overview
      • Card token
        • Tokenize card
        • Delete token
        • Card token list
        • Create payment
      • Create payment
      • IBAN
      • Balance status
      • Status by order_id
      • Status by Payment ID
      • Status
    • Mobile balance
      • Overview
      • Init
      • Pay
      • Approve
      • Resend code
      • Status
    • Invoice
      • Overview
      • Init
      • Info
      • Pay
      • Status
    • SDK
      • JS SDK
      • Google Pay
      • Freedom QR
        • Reader SDK (Android)
        • Provider SDK (Android)
      • Payment SDK
        • iOS
        • Android
      • Merchant SDK
        • Android
    • CMS
      • Overview
      • Get Merchant ID and key
      • WordPress
        • Overview
        • Installation
        • Configuration
        • Test
        • Live payments
        • Update
      • Tilda
        • Overview
        • Installation
        • Configuration
        • Test
        • Live payments
      • InSales
        • Overview
        • Installation
        • Configuration
        • Test
        • Live payments
      • Ecwid
        • Overview
        • Installation
        • Configuration
        • Test
        • Live payments
      • Bitrix
        • Overview
        • Installation
        • Configuration
        • Test
        • Live payments
      • PrestaShop
        • Overview
        • Installation
        • Configuration
        • Test
        • Live payments
      • OpenCart
        • Overview
        • Installation
        • Configuration
        • Test
        • Live payments
    • Redirect back
      POST
    • Result notify
      POST
    • Payout notify
      POST
    • Check request
      POST
  • Card API
    • Overview
    • Client
      • Create client
      • Edit client
      • Update client
      • Verify client
      • Client info
    • Transactions
      • Create transaction
      • Clearing transaction
      • Refund transaction
      • Transaction info
      • Transaction status
    • Activate card
      POST
    • Block card
      POST
    • Balance
      POST
    • Bulk issue
      POST
    • Card info
      POST
    • Сards' list
      POST
    • Card tokenization
      POST
    • Cardholder validation
      POST
    • Close card
      POST
    • Issue card
      POST
    • Issue plastic card
      POST
    • Limits list
      POST
    • Operations' list
      POST
    • Reset PIN counter
      POST
    • Request' status
      POST
    • Secret data
      POST
    • Set limits
      POST
    • Set PIN
      POST
    • Statement extended
      POST
    • Unblock card
      POST
  • Partner API
    • Rates
      • Overview
      • Rates
    • Products
      • Overview
      • Dictionaries
      • Add client with product
      • Request status
      • Create terminal
    • E-Money
      • Overview
      • Add
      • Owner identification
      • Info
      • Close
      • Block
      • Balance
      • Statement
      • Request Status
    • Device ID
      • Android SDK
      • iOS SDK
    • Implement SuperApp
      • Overview
      • Pay
      • Refund
    • Account
      • Settlement
        • Overview
        • Create payment
        • Payment status
        • Batch statuses
    • Invoice
  1. Card API

Overview

Enviroments#

ENVURL
Producationhttps://api.freedompay.kz
Testhttps://test-api.freedompay.kz

Request header#

NameValueDescription
Content-typeapplication/jsonRequest body format
X-JWS-SignaturestringRequest signature
request-id must be unique. If duplicates are found, an error will be returned and the request will not be processed.

API field formats#

TypeFormat
string[a-zA-Z0-9`*()@#$!~-_,.|/+=^&]
string(datetime)ISO 8601 YYYY-MM-DDThh:mm:ss±hh:mm
string(uuid)uuid
string(date)ISO 8601 YYYY-MM-DD

Authorization#

Request authorization occurs by generating and passing the JWS token in the X-JWS-Signature header.
The JWS is the part of the JWT token that contains only the header and signature.
Request type application/json.

Signature#

To generate the request signature, you must have the secret and perform the following steps:
minify the request body
create an HS256 JWT signature
remove the payload from the generated JWT
add the resulting signature to the request header X-JWT-Signature

Signature example#

Request Body:
{
    "request_id":"828cf71d-a447-4a67-a149-c1df8bc197ca",
    "card_id":"828cf71d-a447-4a67-a149-c1df8bc197ca"
}
JWT token header:
{
    "alg": "HS256",
    "typ": "JWT",
    "auth_id": "56155",
    "uri": "/v5/card-api/card/info",
    "method": 'POST',
    "params": ""
}
JWT token with HS256 signatire
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImF1dGhfaWQiOiI1NjE1NSIsInVyaSI6Ii92NS9jYXJkLWFwaS9jYXJkL2luZm8iLCJtZXRob2QiOiJQT1NUIiwicGFyYW1zIjoiIn0.eyJyZXF1ZXN0X2lkIjoiODI4Y2Y3MWQtYTQ0Ny00YTY3LWExNDktYzFkZjhiYzE5N2NhIiwiY2FyZF9pZCI6IjgyOGNmNzFkLWE0NDctNGE2Ny1hMTQ5LWMxZGY4YmMxOTdjYSJ9.4dVsi1MsimSiwSaCayifqQpuDbg5sCh6Q155cw58TaI
Result signature:
You have to cut out the part containing payload from the JWT token and get the following line:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImF1dGhfaWQiOiI1NjE1NSIsInVyaSI6Ii92NS9jYXJkLWFwaS9jYXJkL2luZm8iLCJtZXRob2QiOiJQT1NUIiwicGFyYW1zIjoiIn0..4dVsi1MsimSiwSaCayifqQpuDbg5sCh6Q155cw58TaI
Result string is the signature of the request and must be passed in the X-JWS-Signature request header parameter.

Signature postman script#

Test parameters#

ParameterValue
card-id

Timeouts#

If you do not receive a response to the request within 30 seconds, you must query its status using your request-id. If the response indicates that such a request does not exist, you may resend the request.
Synchronous methods support repeated requests with identical parameters.

Error response#

API requests may return errors with HTTP codes 400, 401, 404, 422, or 500
The error response format is as follows:
response.error

Previous
Check request
Next
Create client