openapi: 3.0.3 info: title: ConnectUP API Interface Specification description: | # Introduction ConnectUP is a RESTful web API that exposes various payments-related services. This API is documented in **OpenAPI format**. # Authentication ConnectUP utilizes a secure authentication mechanism that combines a bearer token and entityID to verify incoming requests. When requesting new user credentials from ACI, the access-token and its corresponding entityID are included. version: 1.0.5 servers: - url: '{protocol}://{hostname}:{port}/paymentsapi' variables: protocol: enum: - http - https default: http hostname: enum: - localhost - api.aciworldwide.com - api.uat.aciworldwide.com - api.ist.aciworldwide.com default: localhost port: enum: - '443' - '8443' - '80' - '8080' default: '8080' tags: - name: Remote Key Distribution description: >- The RKD service distributes cryptographic material (P2PE encryption keys) to terminals. - name: Tokenization description: The Tokenization service creates a token based on card data and retrieves card data based on a token. - name: APM Decryption description: >- The APM (Alternative Payment Method) Decrypt service is used to decrypt payment tokens generated by alternative payment methods such as Apple Pay and Google Pay. - name: Payments Service description: >- The Payments service performs payments and runs other payment-related operations. - name: Network Management description: This service is used for network management operations. - name: Appendix A- Format Element Descriptions description: >-
Format | Description |
---|---|
A | Alphabetic characters, A through Z, and a through z |
N | Numeric digits, 0 through 9 |
S | Special characters, including the ASCII printable characters (character codes 32-127) and the extended ASCII codes (character codes 128-255) |
AN | Alphabetic and numeric characters |
AS | Alphabetic and special characters |
NS | Numeric and special characters |
ANS | Alphabetic, numeric, and special characters |
YY | Year, 00 through 99 |
MM | Month, 01 through 12 |
DD | Day, 01 through 31 |
Result codes are part of the response body’s JSON (field result) containing a code and a description explaining the code. A result code has the format ddd.ddd.ddd, that is, 3 groups of 3-digit numbers. The codes are split into rough groups by the first number, then into more detailed sub-groups by the second number, then into the exact code by the third number.
Example:Result Code | Result Description | Special Notes |
---|---|---|
000.000.000 | Transaction succeeded | |
000.000.099 | Transaction Succeeded (partial approval) | |
000.100.201 | Account or Bank Details Incorrect | |
000.100.206 | Revocation or Dispute | |
000.100.220 | Fraudulent Transaction | |
000.200.000 | Transaction pending | |
100.100.101 | Invalid credit card, bank account number, or bank name | |
100.100.305 | Invalid expiration date format | |
100.150.200 | Registration does not exist | |
100.150.202 | Registration is already deregistered | |
100.300.501 | Invalid response ID | |
100.300.600 | Invalid or missing user login | |
100.396.101 | Cancelled by user | |
100.396.106 | User did not agree to payment method terms | |
100.550.401 | Invalid currency | |
100.800.501 | Invalid country | |
200.100.501 | Invalid or missing customer | |
200.100.603 | Alternative payment method token (ApplePay/GooglePay) could not be decrypted Cryptographic configuration might be outdated. | |
200.200.106 | Duplicate transaction. Please verify that the UUID is unique. | |
200.300.404 | Invalid or missing parameter | |
300.100.100 | Transaction declined (additional customer authentication required) | |
300.100.190 | Transaction declined (Issuer Requires PIN [SCA]) | |
300.100.191 | Transaction declined (SCA exemption is invalid) | |
300.100.192 | Transaction declined (additional customer authentication required) | |
500.100.401 | Connector is unavailable (no processing possible) | |
600.100.100 | Unexpected Integrator Error (Request could not be processed) | |
600.200.400 | Unsupported Payment Type | |
600.200.500 | Invalid payment data. You are not configured for this currency or sub-type (country or brand). | |
700.100.200 | Non-matching reference amount | |
800.100.100 | Transaction declined for unknown reason | |
800.100.151 | Transaction declined (invalid card) | |
800.100.153 | Transaction declined (invalid CVV) | |
800.100.154 | Transaction declined (transaction marked as invalid) | |
800.100.155 | Transaction declined (amount exceeds credit) | |
800.100.156 | Transaction declined (format error) | |
800.100.157 | Transaction declined (wrong expiry date) | |
800.100.159 | Transaction declined (stolen card) | |
800.100.160 | Transaction declined (card blocked) | |
800.100.161 | Transaction declined (too many invalid tries) | |
800.100.162 | Transaction declined (limit exceeded) | |
800.100.163 | Transaction declined (maximum transaction frequency exceeded) | |
800.100.165 | Transaction declined (card lost) | |
800.100.166 | Transaction declined (incorrect personal identification number) | |
800.100.167 | Transaction declined (referencing transaction does not match) | |
800.100.168 | Transaction declined (restricted card) | |
800.100.170 | Transaction declined (transaction not permitted) | |
800.100.174 | Transaction declined (invalid amount) | |
800.100.178 | Transaction declined (PIN entered incorrectly too many times) | |
800.100.190 | Transaction declined (invalid configuration data) | |
800.100.199 | Transaction declined (routing error) | |
800.100.402 | CC/bank account holder not valid | |
800.900.303 | No token created | |
800.800.800 | The payment system is currently unavailable, please contact support in case this happens again. | |
900.100.300 | Timeout, uncertain result | Send a Reversal to reverse the request |
900.100.400 | Timeout at the connectors/acquirer side | |
900.100.600 | Connector/acquirer currently down | |
999.999.999 | Undefined connector/acquirer error |
HTTP Status Code | Description |
---|---|
200 | OK This is the standard response for a successful request. Check the result.code and result.description response fields for the reason the request succeeded. |
400 | Declined / Bad Request This means that the server cannot process the request. This might either point to invalid field values or processing/connectivity failures. It is also returned if the payment failed, for example, because the acquirer declined the request. Check the result.code and result.description fields for the reason the request failed. |
403 | Auth Error / Forbidden This means that the request contained valid data, but the server is refusing action. This usually means incorrect authentication information was provided. One or more of the authentication parameters are incorrect or not supplied. It is also returned if the user has been disabled on the system. |