# API Overview

The PayFlexi API provides you access to your resources on the PayFlexi servers over mostly RESTful endpoints. Before you proceed, you may want to get yourself a free PayFlexi merchant account you can test the API against. You would also be able to access your test API credential and keys from your API keys & integrations page.

# HTTP Request Sample

We would provide cURL request samples on each API endpoint reference page, just so you can quickly test each endpoint on your terminal or command line. Need a quick how-to for making cURL requests? This tutorial on cURL can help. Or just use an HTTP client such as Postman, like the rest of us!

# Requests and Responses

Both request body data and response data are formatted as JSON. Content type for responses are always of the type application/json.

You can use the PayFlexi API in test mode, which does not affect your live data or interact with the banking networks. The API key you use to authenticate the request determines whether the request is live mode or test mode.

TIP

While in test mode or just fine-tuning your integrations, please only use a sandbox or test customer belonging to one of your business accounts on PayFlexi, do not use your real customer data. Learn more about testing.

Our responses are of the shape below:

{
    "status": true,
    "message": "A text describing the status of each response - never to be used as checks.",
    "data": "This is either an object or an array - this is the actual body of the response, everything you need would be here.",
}

# Authentication

The PayFlexi API uses API keys to authenticate requests. You can view and manage your API keys on your merchant settings page.

Test mode secret keys have the prefix pf_test_sk_ and live mode secret keys have the prefix pf_live_sk_.

Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.

Authentication to the API is performed via bearer auth passed to us through an Authorization Header

-H "Authorization: Bearer pf_test_sk_J1EJ9dAqtPOMwsluamG9Jyn7qUJXNSqday5nlkQW"

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.

# Errors

PayFlexi uses conventional HTTP response codes to indicate the success or failure of an API request. In general: Codes in the 2xx range indicate success. Codes in the 4xx range indicate an error that failed given the information provided (e.g., a required parameter was omitted, a charge failed, etc.). Codes in the 5xx range indicate an error with PayFlexi's servers (these are rare but can happen occasionally, be sure to promptly point our attention to it, should you run into one - thanks in advance).