Ifthenpay integrates with numerous e-commerce platforms, invoicing software, and others.


Before developing, check if there is already integration with the platform you use, developed by ifthenpay, the platform manufacturer or a third party.


Related topics:


If you need to develop the integration from scratch, below is a description of our API for integrating credit/debit card payments into your platform.




Replace the [CCARD_KEY] with the one sent by Ifthenpay.

* If you want to carry out tests in our Sandbox, ask us for a CCARD_KEY.


POST method

Request format in Json (Body)


    "orderId": "order_45678",

    "amount": "11.55",

    "successUrl": "https://youraddress.com/sucess.php",

    "errorUrl": "https://youraddress.com/error.php",

    "cancelUrl": "https://youraddress.com/cancel.php",

    "language" : "en" 



orderId: (required) Maximum 15 alphanumeric characters.

amount: (required) Decimal separator "." (ex: "11.55")

successUrl: (required) Functions as payment confirmation. Redirect the customer to the success page. Payment is confirmed.

errorUrl: (required) Redirect the customer if there is an error that makes the transaction impossible. There was no payment.

cancelUrl: (required) Redirect the customer if the transaction is canceled on the data entry page.

language: (optional) Language presented to the customer when entering card details. Default "en".


Response format

All request have the following response:


    "Message": "Success",

    "PaymentUrl": "https://webkit.lemonway.fr/mb/ifthenpay/prod/?moneyintoken=2505319216xvju0GqcbrgEftsACpognW2aa",

    "RequestId": "36jvlEhUYeknQ8PHKprR",

    "Status": "0"



Message: Message associated with the Status

PaymentUrl: Whenever status="0" a url is returned to redirect the customer to enter credit card details. It is from this point that Payment begins. This redirection must always be carried out using the GET method.

RequestId: Token associated with the request, as in MB WAY and PAYSHOP. It must be saved to identify the payment.

Status: Indicates the initialization status of the request. In case of Status <> "0" analyze the error message.


Example of response in case of failure:


    "Message": "Unauthorized request",

    "PaymentUrl": "",

    "RequestId": "",

    "Status": "-1"



In case of error, it returns empty PaymentUrl and RequestId.


Important note:


Three parameters will be added to all addresses sent in the request (Success, Error or Cancel): id, amount and requestId.

  •  id - OrderId sent at startup.
  •  amount - Amount paid.
  •  requestId - Token associated with the request


In the case of successful payment, an additional parameter is added: sk (signature key)

- sk (signature for order authentication)




In the example order above and in any of the scenarios (Error or Cancel)



In case of (Success) it would be:



The signature key (sk) value is calculated using SHA-256 HASH.



The parameter values (id, amount and requestId) are encrypted with your CCKey.

message: order_4567811.5536jvlEhUYeknQ8PHKprR


Secret key/Ccard Key used for testing: AAA-000000 (credit card data may be requested to be used in the sandbox)

Signature key generated: d7d2fd272233f0102e6dd0e50969025481cdfe3abb87cc3f135f74cfb47b2561


Note: You can send parameters to the addresses, but you should never pass parameters with the same names that will be added later.