Skip to main content
POST
/
v1
/
payment-method-sessions
/
{id}
/
confirm
Payment Method Session - Confirm a payment method session
curl --request POST \
  --url https://sandbox.hyperswitch.io/v1/payment-method-sessions/{id}/confirm \
  --header 'Authorization: <api-key>' \
  --header 'Content-Type: application/json' \
  --header 'X-Profile-Id: <x-profile-id>' \
  --data '
{
  "payment_method_data": {
    "card": {
      "card_cvc": "123",
      "card_exp_month": "10",
      "card_exp_year": "30",
      "card_number": "4242424242424242"
    }
  },
  "payment_method_subtype": "credit",
  "payment_method_type": "card"
}
'
import requests

url = "https://sandbox.hyperswitch.io/v1/payment-method-sessions/{id}/confirm"

payload = {
"payment_method_data": { "card": {
"card_cvc": "123",
"card_exp_month": "10",
"card_exp_year": "30",
"card_number": "4242424242424242"
} },
"payment_method_subtype": "credit",
"payment_method_type": "card"
}
headers = {
"X-Profile-Id": "<x-profile-id>",
"Authorization": "<api-key>",
"Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
const options = {
method: 'POST',
headers: {
'X-Profile-Id': '<x-profile-id>',
Authorization: '<api-key>',
'Content-Type': 'application/json'
},
body: JSON.stringify({
payment_method_data: {
card: {
card_cvc: '123',
card_exp_month: '10',
card_exp_year: '30',
card_number: '4242424242424242'
}
},
payment_method_subtype: 'credit',
payment_method_type: 'card'
})
};

fetch('https://sandbox.hyperswitch.io/v1/payment-method-sessions/{id}/confirm', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://sandbox.hyperswitch.io/v1/payment-method-sessions/{id}/confirm",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'payment_method_data' => [
'card' => [
'card_cvc' => '123',
'card_exp_month' => '10',
'card_exp_year' => '30',
'card_number' => '4242424242424242'
]
],
'payment_method_subtype' => 'credit',
'payment_method_type' => 'card'
]),
CURLOPT_HTTPHEADER => [
"Authorization: <api-key>",
"Content-Type: application/json",
"X-Profile-Id: <x-profile-id>"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://sandbox.hyperswitch.io/v1/payment-method-sessions/{id}/confirm"

payload := strings.NewReader("{\n \"payment_method_data\": {\n \"card\": {\n \"card_cvc\": \"123\",\n \"card_exp_month\": \"10\",\n \"card_exp_year\": \"30\",\n \"card_number\": \"4242424242424242\"\n }\n },\n \"payment_method_subtype\": \"credit\",\n \"payment_method_type\": \"card\"\n}")

req, _ := http.NewRequest("POST", url, payload)

req.Header.Add("X-Profile-Id", "<x-profile-id>")
req.Header.Add("Authorization", "<api-key>")
req.Header.Add("Content-Type", "application/json")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://sandbox.hyperswitch.io/v1/payment-method-sessions/{id}/confirm")
.header("X-Profile-Id", "<x-profile-id>")
.header("Authorization", "<api-key>")
.header("Content-Type", "application/json")
.body("{\n \"payment_method_data\": {\n \"card\": {\n \"card_cvc\": \"123\",\n \"card_exp_month\": \"10\",\n \"card_exp_year\": \"30\",\n \"card_number\": \"4242424242424242\"\n }\n },\n \"payment_method_subtype\": \"credit\",\n \"payment_method_type\": \"card\"\n}")
.asString();
require 'uri'
require 'net/http'

url = URI("https://sandbox.hyperswitch.io/v1/payment-method-sessions/{id}/confirm")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["X-Profile-Id"] = '<x-profile-id>'
request["Authorization"] = '<api-key>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"payment_method_data\": {\n \"card\": {\n \"card_cvc\": \"123\",\n \"card_exp_month\": \"10\",\n \"card_exp_year\": \"30\",\n \"card_number\": \"4242424242424242\"\n }\n },\n \"payment_method_subtype\": \"credit\",\n \"payment_method_type\": \"card\"\n}"

response = http.request(request)
puts response.read_body
{
  "id": "0a_pms_01926c58bc6e77c09e809964e72af8c8",
  "expires_at": "2023-01-18T11:04:09.922Z",
  "client_secret": "cs_9wcXDRVkfEtLEsSnYKgQ",
  "keep_alive": true,
  "customer_id": "0a_cus_01926c58bc6e77c09e809964e72af8c8",
  "billing": {
    "address": {
      "city": "New York",
      "line1": "123, King Street",
      "line2": "Powelson Avenue",
      "line3": "Bridgewater",
      "zip": "08807",
      "state": "New York",
      "first_name": "John",
      "last_name": "Doe",
      "origin_zip": "08807"
    },
    "phone": {
      "number": "9123456789",
      "country_code": "+1"
    },
    "email": "<string>"
  },
  "network_tokenization": {},
  "tokenization_data": "<unknown>",
  "return_url": "https://merchant-website.com/return",
  "next_action": {
    "redirect_to_url": "https://example.com/redirect",
    "type": "redirect_to_url"
  },
  "authentication_details": {
    "error": {
      "code": "card_declined",
      "message": "The card was declined.",
      "reason": "The card was declined.",
      "unified_code": "card_declined",
      "unified_message": "The card was declined.",
      "network_advice_code": "01",
      "network_decline_code": "05",
      "network_error_message": "Do not retry"
    }
  },
  "associated_payment_methods": [
    {
      "payment_method_token": {
        "type": "payment_method_session_token",
        "data": "token_9wcXDRVkfEtLEsSnYKgQ"
      }
    }
  ],
  "associated_token_id": "0a_tok_01926c58bc6e77c09e809964e72af8c8",
  "card_cvc_token_storage": {
    "is_stored": true,
    "expires_at": "2024-02-24T11:04:09.922Z"
  },
  "payment_method_data": {
    "card": {
      "saved_to_locker": true,
      "last4_digits": "4242",
      "expiry_month": "10",
      "expiry_year": "25",
      "card_holder_name": "John Doe",
      "card_fingerprint": "fingerprint_12345",
      "nick_name": "Card",
      "card_isin": "4567890",
      "card_issuer": "Issuer Bank",
      "card_type": "Credit"
    }
  },
  "sdk_authorization": "cHJvZmlsZV9pZD0uLi4=",
  "network_tokenization_data": {
    "payment_method_data": {
      "last4_digits": "4242",
      "network_token_expiry_month": "05",
      "network_token_expiry_year": "27",
      "nick_name": "Card",
      "card_holder_name": "John Doe",
      "card_isin": "16712672",
      "card_issuer": "Bank of America",
      "card_type": "Credit",
      "saved_to_locker": true,
      "par": "522134KAVJ1JPZ8L77N0Z2LRYZS7J"
    }
  },
  "external_vault_details": {
    "vgs": {
      "external_vault_id": "<string>",
      "sdk_env": "<string>"
    }
  }
}

Authorizations

Authorization
string
header
required

Format: publishable-key=<publishable-key>,client-secret=<client-secret>

Publishable keys are a type of keys that can be public and have limited scope of usage. Client Secret provide temporary access to singular data, such as access to a single customer object for a short period of time. This authentication scheme is used by the SDK.

Headers

X-Profile-Id
string
required

Profile ID associated to the payment intent

Path Parameters

id
string
required

The unique identifier for the Payment Method Session

Body

application/json
payment_method_type
enum<string>
required

Indicates the type of payment method. Eg: 'card', 'wallet', etc.

Available options:
card,
card_redirect,
pay_later,
wallet,
bank_redirect,
bank_transfer,
crypto,
bank_debit,
reward,
real_time_payment,
upi,
voucher,
gift_card,
open_banking,
mobile_payment,
network_token
payment_method_data
Card · object
required

The payment method information provided for making a payment

payment_method_subtype
enum<string> | null

Indicates the sub type of payment method. Eg: 'google_pay' & 'apple_pay' for wallets.

Available options:
ach,
affirm,
afterpay_clearpay,
alfamart,
ali_pay,
ali_pay_hk,
alma,
amazon_pay,
paysera,
apple_pay,
atome,
bacs,
bancontact_card,
becs,
benefit,
bizum,
blik,
bluecode,
boleto,
bca_bank_transfer,
bni_va,
breadpay,
bri_va,
bhn_card_network,
card_redirect,
cimb_va,
classic,
credit,
crypto_currency,
cashapp,
dana,
danamon_va,
debit,
duit_now,
efecty,
eft,
eft_debit_order,
eps,
flexiti,
fps,
evoucher,
giropay,
givex,
google_pay,
go_pay,
gcash,
ideal,
interac,
indomaret,
klarna,
kakao_pay,
local_bank_redirect,
mandiri_va,
knet,
mb_way,
mobile_pay,
momo,
momo_atm,
multibanco,
online_banking_thailand,
online_banking_czech_republic,
online_banking_finland,
online_banking_fpx,
online_banking_poland,
online_banking_slovakia,
oxxo,
pago_efectivo,
permata_bank_transfer,
open_banking_uk,
pay_bright,
payjustnow,
paypal,
paze,
pix,
pix_key,
pix_emv,
pix_qr,
pix_automatico_qr,
pix_automatico_push,
pay_safe_card,
przelewy24,
prompt_pay,
pse,
qris,
red_compra,
red_pagos,
samsung_pay,
sepa,
sepa_bank_transfer,
sepa_guarenteed_debit,
skrill,
sofort,
swish,
touch_n_go,
trustly,
twint,
upi_collect,
upi_intent,
upi_qr,
vipps,
viet_qr,
venmo,
walley,
we_chat_pay,
seven_eleven,
lawson,
mini_stop,
family_mart,
seicomart,
pay_easy,
local_bank_transfer,
mifinity,
open_banking_pis,
direct_carrier_billing,
instant_bank_transfer,
instant_bank_transfer_finland,
instant_bank_transfer_poland,
revolut_pay,
indonesian_bank_transfer,
open_banking,
network_token
return_url
string | null

The return url to which the customer should be redirected to after adding the payment method

customer_acceptance
object | null

This "CustomerAcceptance" object is passed during Payments-Confirm request, it enlists the type, time, and mode of acceptance properties related to an acceptance done by the customer. The customer_acceptance sub object is usually passed by the SDK or client.

Response

Payment Method created

id
string
required
Example:

"0a_pms_01926c58bc6e77c09e809964e72af8c8"

expires_at
string<date-time>
required

The iso timestamp when the session will expire Trying to retrieve the session or any operations on the session after this time will result in an error

Example:

"2023-01-18T11:04:09.922Z"

client_secret
string
required

Client Secret

Example:

"cs_9wcXDRVkfEtLEsSnYKgQ"

storage_type
enum<string>
required
Available options:
volatile,
persistent
keep_alive
boolean
required

Whether the card with new status should be listed in the session

customer_id
string | null

The customer id for which the payment methods session is to be created

Example:

"0a_cus_01926c58bc6e77c09e809964e72af8c8"

billing
object | null
network_tokenization
object | null

The network tokenization configuration for creating the payment method session

tokenization_data
any | null

Contains data to be passed on to tokenization service ( if present ) to create token_id for given JSON data

return_url
string | null

The return url to which the user should be redirected to

Example:

"https://merchant-website.com/return"

next_action
object

Contains the url for redirection flow

authentication_details
object | null
associated_payment_methods
object[] | null

The payment method that was created using this payment method session

associated_token_id
string | null

The token-id created if there is tokenization_data present

Example:

"0a_tok_01926c58bc6e77c09e809964e72af8c8"

card_cvc_token_storage
object | null
payment_method_data
object
sdk_authorization
string | null

SDK authorization token for client SDK usage Contains encoded authentication details for subsequent API calls

Example:

"cHJvZmlsZV9pZD0uLi4="

network_tokenization_data
object | null
external_vault_details
object