Getting Started With Your API

Introduction

The CartGateway API is a HTTP REST API. It accepts JSON encoded bodies, and returns JSON encoded responses. It uses standard HTTP response codes. The API can be accessed at <https://api.cartgateway.com/>

Authentication

You will need to use your API Key to authenticate all your requests to the CartGateway API. You will also need to pass your Account ID as an additional header.

Authentication is done via Bearer auth and you will need to use your Private Key. The additional header for the Account ID is the CARTGATEWAY-ACCOUNT-ID header, and you will need to use your Account ID.

Both of these values can be found on the CartGateway Merchant Portal. Screenshots

For example, if our Account ID is 123 and our API Secret is abc123, we would use the following headers:

curl -X POST \
  'https://api.cartgateway.com/payment/lookup' \
  --header 'Accept: application/json' \
  --header 'Authorization: Bearer abc123' \
  --header 'CARTGATEWAY-ACCOUNT-ID: 123' \
  --header 'Content-Type: application/json' \
  --data-raw '{
    "payment_id": "1234"
}'

Country Codes

When submitting the address for charge and authorize endpoints, you should use the 2 Digit Country Codes instead of the full name of the country.

Testing

To find out more about how to test the API, read the Testing Environment documentation.

Response Codes and Errors

The CartGateway API will return standard HTTP response codes depending on whether the transaction was successful or not. The following is a summary of the response codes you can expect:

Error responses will give more information about the error in the JSON encoded body of the response. For example:

{
  "error": "401 - Unauthorized. The access token is not valid (invalid-passed-privatekey)."
}