The payment card number entered in an initial authorization/sale request. This field will always be masked when returned in a response.
Shift4 Payment API (1.7.43)
Overview
Languages
Servers
Host Direct Test URL
https://api.shift4test.com/api/rest/v1/
Host Direct Production URL
https://api.shift4api.net/api/rest/v1/
Request
Used to check the level of risk before processing a transaction. Risk assessment returns four possible values: approve, deny, escalate and review. If the risk transaction is approved or review, you will be able to make a payment call with the risk assessment, risk id and transaction id you get in response.
Integration Methods:
- Host Direct
See the Integration Methods and URLs Section sections of the Development Quick Start guide for details regarding each processing option.
See the JSON Body Schemas for more details on the various JSON body formats.
Security
AccessToken
Headers
Bodyapplication/jsonrequiredRefers to the version of the program or application that is sending requests to Shift4. The following special characters are not allowed: $ % : ^ - ~ < > , ? “ ” ‘ ’ { } [ ] \ + =
Example: 2.1
Refers to the name of the program or application that is sending requests to Shift4. This should be the name of the program that you purchased or created. The following special characters are not allowed: $ % : ^ - ~ ` < > , ? “ ” ‘ ’ { } [ ] \ + =
Example: ForwardPOS
Refers to the vendor or partner that designed and certified the interface. The information you use in this field should match what Shift4 has on file or what was agreed upon in your Integration Plan. The following special characters are not allowed: $ % : ^ - ~ ` < > , ? “ ” ‘ ’ { } [ ] \ + =
Example: PAWS
A security credential used to authenticate API requests and all i4Go® authorizeClient/preauthorizeClient requests. An Access Token is the alias for the merchant account and interface being used. The Access Token is required in all requests except an Access Token Exchange request, which generates an Access Token using an authToken and clientGuid.
Example: EA79FB05-3AA7-4500-AF9A-73F986FF2C1D
One of:
The date and time in ISO 8601 format including the timezone offset (yyyy-mm-ddThh:mm:ss.nnn+hh:mm).
Must be sent as the local date/time of the merchant. For example, a request processed at a merchant in the Pacific time zone at 9:18am on April 15th 2021 would be sent as 2021-04-15T09:18:23.283-07:00
Example: "2022-02-07T12:36:42.948061-05:00"
Example: {"type":"CC","number":"342877777777705","expirationDate":"1123,","entryMode":"M","present":"N"}
Payment Type submitted by merchant:
| Value | Description |
|---|---|
| AP | Apple Pay |
| CC | Credit Card |
| PP | PayPal |
| GC | Gift Card |
Enum"AP""CC""PP""GC"
Example: "CC"
Conditional: Send only when card data is manually entered or when using a token. This field should not be specified when using an encrypted device.
Card expiration date in MMYY format. This value should only be populated in the initial sale/authorization request.
Example: "1123,"
Conditional: The Card Entry Mode should be sent in an initial request; in subsequent requests, it should be left blank or not sent. When using a Universal Transaction Gateway® (UTG®)-controlled PIN pad, this field should be left blank or not sent in a request; the UTG will capture the card entry mode and return it in the response. When P2PE data is being sent from a non-UTG controlled device, this field is not needed
The method used to capture a payment card in an authorization/sale request.
| Value | Description |
|---|---|
| 1 | Track 1 Only or Dual Track (Track 1 & 2) |
| 2 | Track 2 Only |
| C | EMV Contactless |
| E | EMV Chip |
| M | Manual Entry |
| Q | QR Code |
| R | Contactless MSD via card or mobile wallet |
Enum"1""2""C""E""M""Q""R"
Example: "M"
Conditional: Send in the initial authorization/sale request
Indicates whether a card was present (‘Y’) or not (‘N’) at the time a transaction took place. This should be set appropriately in the initial authorization/sale request. In subsequent requests, this field should be left blank or should not be sent.
Note: Subsequent request here does not apply to the secondary request for card on file type transactions or reuse of the same card. An example of a subsequent request would be a capture after an authorization. You would not include card.present in the capture, which is the subsequent request. Another example is when performing an incremental authorization where you perform an authorization, followed by an incremental authorization then a capture. The second authorization (incremental) and the capture are the subsequent requests where you would not include card.present.
Enum"Y""N"
Example: "N"
Example: {"toShip":"Y","orderId":"orderId","invoice":"0207123502","vendorReference":"simulator1.0:0207123502"}
10-digit invoice number assigned by the interface to identify a transaction. An invoice number serves as a unique key that identifies a transaction within a batch in Shift4's Gateway.
Note: For US and Canadian processing: Although the invoice number is sent as a JSON string it is a numeric value. No alpha characters are allowed.
For processing outside of the US and Canada alpha characters are allowed.
Example: "0207123502"
Merchants acknowledgement to ship/process the order.
Enum"Y""N"
Example: "Y"
Optional field for information that can be searched in the merchant portal.
Example: "simulator1.0:0207123502"
Object containing information regarding the amount being requested. The total field within the object is required and specifies the amount being requested. All other fields are for informational purposes and must also be included in the total field. For example, a purchase of $100 with $8 tax would be “108.00” in the total field and "8.00" in the tax field.
Note: For merchants that are configured to allow multiple currencies, the amount fields can specify up to three decimal places. However, the number of decimal places can not exceed the number allowed for the specified currency. See the Currency Codes section for details.
Example: {"total":76001.99}
The amount being charged for a particular transaction. If other amount fields are sent, they must be included in the total amount. Amount cannot be zero.
Example: 76001.99
The amount of sales tax charged for a transaction. The tax amount is used by businesses to track tax expenses for accounting purposes. Identifying the tax amount also helps consumers understand the total amount that they were billed. This field is part of Level 2 card data.
Transaction currency code. See the Currency Codes section for details.
Note: This is currently supported when processing for a merchant outside of the US and Canada. If processing for a US or Canadian merchant then this field will be ignored and the transaction will process in the merchant's configured currency.
Example: "USD"
Example: {"sessionId":"123420552ab34024b461455de4bcb482"}
Public source IP Address where the request originates, not the IP Address of the web server.
Example: "10.249.11.239"
- Host Direct Test URL
https://api.shift4test.com/api/rest/v1/risk/assess
- Host Direct Production URL
https://api.shift4api.net/api/rest/v1/risk/assess
- Payload
- curl
- JavaScript
- Node.js
- Python
- Java
- C#
- PHP
- Go
- Ruby
- R
application/json
{ "dateTime": "2022-02-07T12:36:42.948061-05:00", "transaction": { "toShip": "Y", "orderId": "orderId", "invoice": "0207123502", "vendorReference": "simulator1.0:0207123502" }, "card": { "type": "CC", "number": "342877777777705", "expirationDate": "1123,", "entryMode": "M", "present": "N" }, "amount": { "total": 76001.99 }, "currencyCode": "USD", "risk": { "sessionId": "123420552ab34024b461455de4bcb482" }, "sourceIp": "10.249.11.239", "customer": { "emailAddress": "firstname.lastname@email.com" }, "shoppingCart'": [ { "type": "Deodarant", "description": "New Spice Fiji", "sku": "579446588", "quantity": "5", "price": 4 }, { "type": "Toothbrush", "description": "Electric Model", "sku": "135488945", "quantity": "1", "price": 104.99 } ] }
Response
application/json
{ "result": [ { "dateTime": "2021-04-15T09:18:23.283-07:00", "amount": { "total": 76001.99 }, "card": { "token": { … } }, "merchant": { "mid": 15877, "name": "Merchant XYZ" }, "risk": { "tranId": "DDWT0P3LG6LL", "assessment": "A" }, "transaction": { "s4RiskId": "EC52377F-5A8E-4534-BE7A-CF779A35BE45", "invoice": "0207123502", "orderId": "orderId" } } ] }