Card
Compliance Required
Using direct card charge involves handling some very sensitive customer data, so a PCI DSS compliance certificate is required. When you've got one, contact your Relationship Manager or reach out to [email protected] to enable this feature on your account.
Direct card charge allows you to charge both local cards (issued in your country of operation) and international cards. This is useful if your customers are predominantly credit/debit card users, and you'd prefer for them to manage payments via your app.
Your country of operation is the country you selected when you created your Flutterwave account. If you accept payments from cards issued in other countries, or you charge in currencies apart from your local currency, the payment will be considered "international".
Charge Card
Request
{{baseUrl}/production/chargecurl --request POST \
--url https://e59kqicjn1.execute-api.us-east-2.amazonaws.com/production/charge \
--header 'accept: application/json' \
--header 'content-type: application/json' \
--data '
{
"transactionId": "Flick-1b5a8273-7f2c-4a6b-8d9e-6d2f12c3a5e9-xyz",
"cardDetails": "pXj4L9yzYbcHIWDrQtSv6GoVuxPNtaGdZlQ7rK6JHgT2EhUNFAVzTdqfoL4zkxXkcGtYK3P2eNyJVSCD1LrWFkof9FoGmRzP0lI8/DKxRsO9g3Si2aRtnOejFrOB85JyLNObgHlEwh9bsNmXkuyUyBnaJyJqWv3RtTPvXgKadss56FadclI8ojgfW54bQyr8d5rSipZ
}
'Query Parameters
| getParameter | type | Description | |
|---|---|---|---|
| transactionId | string | unique identifier associated with the transaction | required |
| cardDetails | string | information associated with the payment card | required |
Response
Successful Response
{
"status": 200,
"data": {
"status": "success",
"requireAuth": "true",
"transactionId": "Flick-1b5a8273-7f2c-4a6b-8d9e-6d2f12c3a5e9-xy",
"authorizationMode": "otp",
"authorizationFields": "otp",
"amount": "12345",
"message": "Waiting for OTP",
"otpmessage": "Kindly enter the OTP sent to your phone number ending with ********175"
}
}Failed Response
{
status:400,
message:"Unauthroized Access",
}Verify PIN
To verify a PIN with Flick, follow these steps:
- Make a Verification Request
Send a POST request to Flick's OTP verification endpoint, providing the PIN and other necessary parameters.
Request
{{baseUrl}}/production/verify-pincurl --request POST \
--url https://e59kqicjn1.execute-api.us-east-2.amazonaws.com/production/verify-pin \
--header 'accept: application/json' \
--header 'content-type: application/json' \
--data '
{
"pin": "123456",
"transactionId": "Flick-4a2111111117-12ed-adc2-a3514a54591f-eee"
}
'Query Parameters
| Parameter | type | Description | |
|---|---|---|---|
| transactionId | string | unique identifier associated with the transaction | required |
| pin | string | unique secured pin for transaction | required |
- Receive Verification Response
Flick's OTP verification API will respond with the verification result.
Example Response (Success):
Successful Response
{
"status": 200,
"data": {
"redirecturl": "?",
"trxref": "Flick-4a2111111117-12ed-adc2-a3514a54591f-eee",
"trans": "3137834558",
"reference": "Flick-4a2111111117-12ed-adc2-a3514a54591f-eee",
"status": "success",
"message": "Waiting for OTP",
"response": "123456"
}
}Failed Response
{
status:400,
message:"Unauthroized Access",
}- Handle the Verification Result
- If the response indicates success, the provided PIN matches the generated PIN, and the user can proceed with the intended action (e.g., login, transaction).
- If the response indicates an error, the PIN verification failed, and access should be denied.
Verify OTP
To generate OTPs using Flick, you need to make a POST request to Flick's OTP generation endpoint with the necessary parameters.
Request
{{baseUrl}/production/verify-otpcurl --request POST \
--url https://e59kqicjn1.execute-api.us-east-2.amazonaws.com/production/verify-otp \
--header 'accept: application/json' \
--header 'content-type: application/json' \
--data '
{
"otp": "983467",
"transactionId": "Flick-4a28be60-9087-12ed-adc2-a3514a54591f-aab"
}
'Query Parameters
| Parameter | type | Description | |
|---|---|---|---|
| transactionId | string | unique identifier associated with the transaction | required |
| otp | string | one time password authentication | required |
Successful Response
{
"status": 200,
"data": {
"redirecturl": "?",
"trxref": "Flick-4a28be60-9087-12ed-adc2-a3514a54591f-aaa",
"trans": "3137834558",
"reference": "Flick-4a28be60-9087-12ed-adc2-a3514a54591f-aaa",
"status": "success",
"message": "Waiting for OTP",
"response": "12345"
}
}Failed Response
{
status:400,
message:"Unauthroized Access",
}Updated 2 months ago