Edenred Direct Payment Services icon

Edenred Direct Payment Services

2.0.x
(0 reviews)

Use Case: Romania

1. Generalities

In Romania, with the Ticket Restaurant Card, a user can spend the amount requested without any limitation (in the limit of the balance available on his account), i.e. balance can’t be negative.

The regulation(s) are handled on the Edenred side. Please note that all amounts in our API are given in cents (example: 9RON = 900).

2. User Security Tokens

Please refer to this section for more details about security tokens.

2.1. Login Process

Edenred Connect v4 Url:

https://sso.sbx.edenred.io/connect/authorize?response_type=code&client_id=e3707e2c2aa34407b54a47d0d993f188&scope=openid%20edg-xp-mealdelivery-api%20offline_access&redirect_uri=http://nowhere.edenred.net/oauth/callback&state=abc123&nonce=456azerty&acr_values=tenant:ro-ben&ui_locales=en

Example of account that can be used to test the API:

  Username: erro-edps03@edenred.com
  Password: Edenred2021*
  PAN: 2937

2.2. Logout Process

Logout the Edenred account from your platform. All tokens are then invalid

GET /connect/endsession?id_token_hint=<idToken>=<postLogoutRedirectUri> HTTP/1.1
Host: {{authentication-URL}}

Where

'authentication-url' = sso.sbx.edenred.io

And idToken is retrieved from the refreshing token response

And postLogoutRedirectUri is a callback URL whitelisted on our side (to be provided in the configuration request)

eg: postLogoutRedirectUri = http://nowhere.edenred.net/oauth/callback

3. Direct Payment API

3.1. Postman Collection

Postman Collection Link:

Run in Postman

3.2. User Balance

Get Balances

Gets all the available user vouchers including the full sum of their values.

The authorization header is mandatory for this request.

Request:

 GET /v2/users/{username}/balances HTTP/1.1
 Host: directpayment.stg.eu.edenred.io
 Authorization: Bearer {token}
 X-Client-Id: {payment-clientId}
 X-Client-Secret: {payment-clientSecret}

Response:

{
  "meta": {
    "status": "succeeded",
    "messages": []
  },
  "data": [
    {
      "available_amount": 305418,
      "currency": "RON"
    }
  ]
}

Estimate Charge

Check if an amount can be spent and answer the possible amount that can be spent. If the requested amount is above the available balance, the service will provide the available amount in the response.

The authorization header is mandatory for this request.

Request:

 POST /v2/users/{username}/actions/estimate-charge HTTP/1.1
 Host: directpayment.stg.eu.edenred.io
 Authorization: Bearer {token}
 X-Client-Id: {payment-clientId}
 X-Client-Secret: {payment-clientSecret}
 Content-Type: application/json
 {
   "amount": 1900
 }

Response:

 {
   "meta": {
      "status": "succeeded",
      "messages": []
    },
   "data": {
      "available_amount": 1500,
      "currency": "RON"
    }
 }

3.3. User Transactions

Capture Mode: Auto

Step 1: Auto Capture a payment

An auto capture can be requested with an amount and/or a voucher array.

The authorization header should be set for this operation.

The field tstamp MUST be set in order to manage idempotency

Request:

 POST /v2/transactions HTTP/1.1
 Host: directpayment.stg.eu.edenred.io
 Authorization: Bearer {token}
 X-Client-Id: {payment-clientId}
 X-Client-Secret: {payment-clientSecret}
 Content-Type: application/json
 {
  "order_ref": "order-002",
  "mid": "00176631098",
  "amount": 1,
  "currency": "RON",
  "capture_mode": "auto",
  "extra_field": "order-002",
  "tstamp": "2019-05-23T14:02:50Z"
 }

Response:

{
   "meta": {
        "status": "succeeded",
        "messages": []
    }
    "data": {
        "order_ref": "order-002",
        "mid": "00176631098",
        "authorization_id": "455211",
        "authorized_amount": 1,
        "capture_id": "455211",
        "capture_amount": 1,
        "status": "captured"
    }
}
Step 2: Refund a captured payment

Once captured, a transaction can't be cancelled but have to be refunded.

The authorization_id provided during the payment process must be provided in this request.

The authorization header should not be set for this operation.

The field tstamp MUST be set in order to manage idempotency

Refund Request:

 POST /v2/transactions/{authorization_id}/actions/refund HTTP/1.1
 Host: directpayment.stg.eu.edenred.io
 X-Client-Id: {payment-clientId}
 X-Client-Secret: {payment-clientSecret}
 Content-Type: application/json
 {
   "amount": 1,
   "currency": "RON",
   "tstamp": "2019-05-23T14:02:50Z"
 }

Refund Response:

 {
   "meta": {
     "status": "succeeded",
     "messages": []
   },
   "data": {
      "refund_id": "786653",
      "refunded_amount": 1,
      "status": "refunded"
    }
 }

3.4. Get transactions

Please refer to this section for more details about this API.

3.5. Get transaction by ID

Please refer to this section for more details about this API.

4. Error Codes

Status CodeStatusCodeLevelDescription
200succededOKSuccessOK
200succededAUTHSuccessThe transaction has been authorized.
200succededAUTH_PENDINGSuccessThe transaction authorization is pending.
200succededPARTIAL_AUTHSuccessThe transaction has been partially authorized.
400failedINVALID_CARDErrorINVALID CARD SERIAL NUMBER
400failedCARDHOLDER_ALREADY_EXISTSErrorCARDHOLDER ALREADY EXISTS
400failedREFERENCE_ALREADY_EXISTSErrorREFERENCE ALREADY EXISTS
400failedINVALID_ACTIVATION_CODEErrorINVALID ACTIVATION CODE
400failedINVALID_ACCOUNTErrorINVALID ACCOUNT NUMBER
400failedBAD_REQUESTErrorINVALID DATE RANGE
400failedBAD_REQUESTErrorINVALID PAGE OFFSET
400failedBAD_REQUESTErrorDATE FROM TOO OLD
400failedINVALID_CARDHOLDERErrorINVALID CARDHOLDER
400failedINVALID_EMAILErrorINVALID EMAIL
400failedINVALID_PHONEErrorINVALID PHONE
400failedNON_UNIQUE_MOBILE_NUMBERErrorNON-UNIQUE MOBILE NUMBER
400failedCARD_NOT_BLOCKEDErrorCANNOT RESUME(Card not blocked or already blocked)
400failedCARD_ALREADY_REGISTEREDErrorCARD ALREADY REGISTERED
400failedREGISTRATION_NOT_ALLOWEDErrorREGISTRATION NOT ALLOWED
400failedDUPLICATE_CARDHOLDERErrorDUPLICATE CARDHOLDER
400failedCARD_BLOCKEDErrorCard is not in valid state
400failedBAD_REQUESTErrorPIN REQUIRED
400failedCARDHOLDER_STATUS_INVALIDErrorCARDHOLDER STATUS INVALID
400failedCARD_BLOCKEDErrorCARD/ACCOUNT BLOCKED
400failedBAD_REQUESTErrorINVALID PRODUCT BALANCE
400failedBAD_REQUESTErrorINVALID ACCOUNT EXTERNAL REFERENCE
400failedBAD_REQUESTErrorPIN ERROR
400failedBAD_REQUESTErrorPIN LOCKED
400failedBAD_REQUESTErrorPIN STATUS NOT BLOCKED
400failedBAD_REQUESTErrorCARD NOT FULFILLED
400failedCARD_ALREADY_ACTIVATEDErrorCard is already activated
400failedBAD_REQUESTErrorPIN STATUS NOT ACTIVE ACTIVATING
400failedBAD_REQUESTErrorMAX PIN TRIES EXCEEDED
400failedBAD_REQUESTErrorCARD NOT ACTIVE
400failedINVALID_MERCHANTErrorInvalid Merchant
400failedINVALID_AMOUNTErrorINSUFFICIENT FUNDS
400failedINVALID_AMOUNTErrorInvalid Amount
400failedDECLINEDErrorDeclined
400failedTRANSACTION_DUPLICATEDErrorTransaction Duplicated
400failedLIMIT_EXCEEDEDErrorLimit exceeded
400failedPARTIAL_REVERSALS_NOT_ALLOWEDErrorPartial resversals not allowed
400failedINVALID_VOUCHERErrorInvalid Voucher
400failedLOCKOUTErrorlockout
400failedTEMPORARY_HOLDErrorTemporary hold
400failedPARTIAL_AUTH_NOT_SUPPORTEDErrorPartial authorization not supported
400failedCARD_NOT_ACTIVATEDErrorCard is not activated
400failedCARD_BLOCKEDErrorCard blocked
400failedINVALID_ACCOUNTErrorInvalid account
400failedINCORRECT_PINErrorIncorrect PIN
400failedACCOUNT_BLOCKEDErrorAccount blocked
400failedINVALID_CURRENCY_CODEErrorInvalid currency
400failedINVALID_CARDErrorInvalid card
400failedTOPTP_VALIDATION_FAILEDErrortoptp validation failed
400failedINVALID_TRANSACTION_TYPEErrorInvalid transaction type
400failedINVALID_CAPTURE_MODEErrorYou are not allowed to capture transaction
400failedINVALID_VERIFICATION_CODEErrorThe verification code is invalid
400failedCARD_NOT_REGISTEREDErrorCard not registered
400failedACCOUNT_ALREADY_ACTIVATEDErrorUser already activated
400failedINVALID_EMAILErrorEmail already registered
400failedINVALID_TOKENErrorWrong token
400failedEXPIRED_TOKENErrorExpired link
400failedOTHER_REGISTERED_CARDSErrorAccount cannot be deleted because there are other registered cards
400failedWRONG_PHONE_NUMBER_FORMATErrorThe Mobile Phone Number has an incorrect format
400failedTOO_MANY_REGISTRATIONErrorToo many account registrations for the same card
400failedWRONG_EMAIL_FORMATErrorEmail address is invalid
400failedINVALID_CARDErrorInvalid card information provided
400failedACCOUNT_NOT_EXISTEDErrorAccount does not exist or has been deleted
400failedIMPOSSIBLE_ASSOCIATIONErrorCard already linked
400failedWRONG_PHONE_NUMBER_FORMATErrorPhoneNumberWithCountryCode must begin with plus, followed by up to 3 digits, a space and 3 to 12 digits!
400failedWRONG_PHONE_NUMBER_FORMATErrorPhone number should have between 3 and 12 digits, without the leading zero!
400failedWRONG_PHONE_NUMBER_FORMATErrorPhone Country Code must have 1 to 3 digits!
400failedWRONG_PHONE_NUMBER_FORMATErrorThe Romanian phone numbers should have 8 digits after zero!
400failedINVALID_EMAILErrorSpecified email adress is missing from database
400failedIMPOSSIBLE_ASSOCIATIONErrorVirtual cards must use pending associations
400failedIMPOSSIBLE_ASSOCIATIONErrorVirtual Cards cannot be registered with this application!
400failedASSOCIATION_MUST_BE_RESTARTEDErrorThe card doesn't have a pending association with the current user
400failedBAD_REQUESTErrorPlease select the county
400failedINVALID_VERIFICATION_CODEErrorThe verification code is invalid.
400failedBAD_REQUESTErrorINVALID PARAMETERS
400failedACCOUNT_LIMIT_EXCEEDEDErrorAccount has reached the maximun allowed limit
400failedINSUFFICIENT_FUNDSErrorInsufficient funds to complete the request
400failedINACTIVE_ACCOUNTErrorThe account is not active
400failedREQUEST_DENIEDErrorRequest has been rejected due to business rule
400failedDAILY_LIMIT_EXCEEDEDErrorDaily limit on trasferring funds has been reached
400failedINVALID_CUSTOMERErrorThe customer code provided was invalid
400failedINVALID_PAYMENT_REFERENCEErrorPayment reference does not conform to the validation rules
400failedBANKING_NOT_SUPPORTEDErrorBanking is not configured for this Product Class
400failedINACTIVE_BANK_ACCOUNTErrorThe bank account is not active
400failedINVALID_PAYEE_DETAILSErrorThe payee details provided are invalid
400failedPAYEE_REFERENCE_NOT_FOUNDErrorPayee with the given reference does not exist on system
400failedBANK_ACCOUNT_RESTRICTEDErrorBanking functionality has been restricted for this card holder or this account
400failedFIXED_PERIOD_LIMIT_EXCEEDEDErrorA spend limit will be exceeded if the payment is processed
400failedBAD_REQUESTErrorThe input doesn't respect the contract expected (required fields, type, etc.)
400failedEMPTY_AUTHORIZATION_TOKENErrorUnable to retrieve the OpenId token from the request. Please verify your request and, if required, contact the API administrator for assistance.
400failedINVALID_SEARCH_PERIODErrorThe search period is longer than 3 months.
400failedBAD_REQUESTErrorThe server cannot or will not process the request due to an apparent client error. Check messages field for more details.
400failedDECLINEDErrorTransaction declined.
400failedINVALID_REQUESTErrorThe configuration allows only single/dual messaging requests.
400failedCARD_NOT_ACTIVEErrorNo active card found for the username.
400failedINVALID_AMOUNTErrorInsufficient funds or amount too small/big.
400failedINVALID_MERCHANTErrorThe merchant is not valid, please check the given mid.
400failedINVALID_VOUCHERErrorVoucher not valid.
400failedLIMIT_EXCEEDEDErrorThe amount is incorrect according your past orders.
400failedLOCKOUTErrorMax PIN tries exceeded.
400failedPARTIAL_REVERSALS_NOT_ALLOWEDErrorPartial refunds are not allowed.
400failedTEMPORARY_HOLDErrorTransaction temprorary hold.
400failedTRANSACTION_DUPLICATEDErrorA same transaction already exists.
400failedTRANSACTION_STATUS_MUST_BE_AUTHORIZEDErrorInvalid operation, the status of the transaction must be authorized
400failedINVALID_AMOUNTErrorEnsure that the amount you want to cancel matches the authorized amount.
400failedTRANSACTION_NOT_AUTHORISEDErrorTransaction not authorised.
400failedTRANSACTION_STATUS_MUST_BE_CAPTUREDErrorInvalid operation, the status of the transaction must be captured
401failedUNAUTHORIZEDErrorSSL CONNECTION REQUIRED
401failedUNAUTHORIZEDErrorINVALID CREDENTIALS
401failedUNAUTHORIZEDErrorINVALID SSL CERTIFICATE
401failedBAD_CREDENTIALSErrorIncorrect username or password or account is locked-out
401failedINVALID_TOKENErrorInvalid, revoked or expired token. You should try to re-authenticate the user.
401failedUNAUTHORIZEDErrorMissing, invalid or expired token. To fix, you should re-authenticate the user.
401failedUSER_INACTIVEErrorUser Inactive.
401failedINVALID_TOKEN_ISSUERErrorThe token has not been issued (tokenUsername) for the current user (username)
403failedFORBIDDENErrorINVALID IP
403failedFORBIDDENErrorINVALID MAC
403failedINVALID_PASSWORDErrorWrong password
403failedFORBIDDENErrorThe session has expired
403failedFORBIDDENErrorUser not activated
403failedLAST_CARDErrorAfter removing the last registered card, the account should be deleted
403failedFORBIDDENErrorToo many failed Add Card attempts
403failedFORBIDDENErrorToo many card unblock attempts
403failedFORBIDDENErrorToo many Reset Password attempts
403failedFORBIDDENErrorThe request was valid, but the server is refusing action. The user might not have the necessary permissions for this resource.
404failedNOT_FOUNDErrorUser not found
404failedTRANSACTION_NOT_FOUNDErrorNo transaction found for the given transaction_id.
404failedORIGIN_TRANSACTION_ID_NOT_FOUNDErrorThe origin transaction_id is not found.
404failedNOT_FOUNDErrorIf no transaction is linked to the transaction_id given as input.
405failedMETHOD_NOT_ALLOWEDErrorA request was made of a resource using a request method not supported by that resource; for example, using GET on a form which requires data to be presented via POST, or using PUT on a read-only resource.
405failedMETHOD_NOT_ALLOWEDErrorA request was made of a resource using a request method not supported by that resource.
406failedNOT_ACCEPTABLEErrorThe requested resource is only capable of generating content not acceptable according to the Accept headers sent in the request.
409failedCONFLICTErrorThe card is already linked to a beneficiary
412failedPRECONDITION_FAILEDErrorA business precondition has not been; for example, the user has no active cards.
412failedPRECONDITION_FAILEDErrorA business precondition has not been.
415failedUNSUPPORTED_MEDIA_TYPEErrorThe request entity has a media type which the server or resource does not support.
429failedTOO_MANY_REQUESTErrorYour request has been rejected due to rate limitation. Please check your subscribed service level agreement.
500failedINVALID_POST_CODEErrorINVALID POST CODE
500failedCOMPLIANCE_DATA_NOT_ALLOWEDErrorCOMPLIANCE DATA NOT ALLOWED
500failedINTERNAL_ERRORErrorInternal Server Error
500failedCARD_EXPIREDErrorCard expired
500failedINTERNAL_ERRORErrorInvalid Message :Field: [value.amt] must be numeric
500failedINACTIVE_USERErrorInactive user
500failedINTERNAL_ERRORErrorWe had a problem with our server. Please to try again later.
500failedTRANSACTION_MUST_BE_AUTHORIZEDErrorInvalid operation, the status of the transaction must be authorized
501failedNOT_IMPLEMENTEDErrorFor the context of the current business unit, this feature is not supported.
502failedBAD_GATEWAYErrorINVALID ORIGINATING SYSTEM
502failedBAD_GATEWAYErrorERROR
502failedBAD_GATEWAYErrorOups... Something wrong on one of the underlying servers! Please contact the administrator to report the issue.
502failedBAD_GATEWAYErrorThe database is being updated
502failedBAD_GATEWAYErrorToo many active sessions
502failedBAD_GATEWAYErrorEmail not registered
502failedBAD_GATEWAYErrorThe email of the cardholder was changed in the last 24 hours
502failedBAD_GATEWAYErrorWe had a problem with one of our backends that returns a http 500 status. Please to try again later.

Reviews