Throughout this document and the Velo platform the following terms are used:
The Velo Payments API allows a payor to perform a number of operations. The following is a list of the main capabilities in a natural order of execution:
This document describes the main concepts and APIs required to get up and running with the Velo Payments platform. It is not an exhaustive API reference. For that, please see the separate Velo Payments API Reference.
The Velo Payments API is REST based and uses the JSON format for requests and responses.
Most calls are secured using OAuth 2 security and require a valid authentication access token for successful operation. See the Authentication section for details.
Where a dynamic value is required in the examples below, the {token} format is used, suggesting that the caller needs to supply the appropriate value of the token in question (without including the { or } characters).
Where curl examples are given, the –d @filename.json approach is used, indicating that the request body should be placed into a file named filename.json in the current directory. Each of the curl examples in this document should be considered a single line on the command-line, regardless of how they appear in print.
Once Velo backoffice staff have added your organization as a payor within the Velo platform sandbox, they will create you a payor Id, an API key and an API secret and share these with you in a secure manner.
You will need to use these values to authenticate with the Velo platform in order to gain access to the APIs. The steps to take are explained in the following:
create a string comprising the API key (e.g. 44a9537d-d55d-4b47-8082-14061c2bcdd8) and API secret (e.g. c396b26b-137a-44fd-87f5-34631f8fd529) with a colon between them. E.g. 44a9537d-d55d-4b47-8082-14061c2bcdd8:c396b26b-137a-44fd-87f5-34631f8fd529
base64 encode this string. E.g.: NDRhOTUzN2QtZDU1ZC00YjQ3LTgwODItMTQwNjFjMmJjZGQ4OmMzOTZiMjZiLTEzN2EtNDRmZC04N2Y1LTM0NjMxZjhmZDUyOQ==
create an HTTP Authorization header with the value set to e.g. Basic NDRhOTUzN2QtZDU1ZC00YjQ3LTgwODItMTQwNjFjMmJjZGQ4OmMzOTZiMjZiLTEzN2EtNDRmZC04N2Y1LTM0NjMxZjhmZDUyOQ==
perform the Velo authentication REST call using the HTTP header created above e.g. via curl:
Docs
Main site
Need help?
Participate
Resources curl -X POST \
-H "Content-Type: application/json" \
-H "Authorization: Basic NDRhOTUzN2QtZDU1ZC00YjQ3LTgwODItMTQwNjFjMmJjZGQ4OmMzOTZiMjZiLTEzN2EtNDRmZC04N2Y1LTM0NjMxZjhmZDUyOQ==" \
'https://api.sandbox.velopayments.com/v1/authenticate?grant_type=client_credentials'
If successful, this call will result in a 200 HTTP status code and a response body such as:
{
"access_token":"19f6bafd-93fd-4747-b229-00507bbc991f",
"token_type":"bearer",
"expires_in":1799,
"scope":"..."
}
Following successful authentication, the value of the access_token field in the response (indicated in green above) should then be presented with all subsequent API calls to allow the Velo platform to validate that the caller is authenticated.
This is achieved by setting the HTTP Authorization header with the value set to e.g. Bearer 19f6bafd-93fd-4747-b229-00507bbc991f such as the curl example below:
-H "Authorization: Bearer 19f6bafd-93fd-4747-b229-00507bbc991f "
If you make other Velo API calls which require authorization but the Authorization header is missing or invalid then you will get a 401 HTTP status response.
Use this page to mock Velo Payments APIs in your testing and development.
Run our mock API sample using the open source WireMock library, or in the free edition of WireMock Cloud. You'll have a working API server simulating the behavior of Velo Payments APIs, which will allow you to keep building and testing even if the actual API you isn't currently available.
