FAQ
Where is my Sandbox?
Your Sandbox environment is a dedicated testing space where you can safely experiment with our API without affecting live data or production environments.
How to Access Your Sandbox:
If you cannot locate your Sandbox, or if you have any trouble accessing it, please refer to our support team for assistance.
Where is my Bearer token?
A Bearer token is a key element in authenticating API requests, allowing secure communication between your application and our API.
How to Obtain Your Bearer Token.
What does base_url mean?
The base_url is a fundamental part of working with APIs. It represents the root URL for all API endpoints that you’ll be interacting with.
Understanding base_url:
Root Address: The base_url serves as the root or main address for the API. All the specific API endpoints you interact with will be appended to this root URL.
For example, if the base_url is https://api.payarc.net/v1, and you want to access the users endpoint, your full request URL would be:
https://api.payarc.net/v1/users
Consistency: The base_url provides a consistent starting point for all your API requests. You don’t need to repeat the root part of the URL for every request—just append the specific endpoint path.
Environment-Specific: Often, the base_url can vary depending on the environment you're working in:
Production Environment: This is the live environment where real data is processed. The base_url might look something like https://api.payarc.net/v1.
Sandbox or Development Environment: For testing purposes, you might have a different base_url, such as https://testapi.payarc.net/v1, which points to a test environment with simulated data.
How to Use base_url:
API Requests: When making an API request, you combine the base_url with the specific endpoint path you want to access. For example:
GET https://api.payarc.net/v1/users
Dynamic Handling: In many API client libraries or frameworks, you set the base_url once, and then simply specify the endpoint paths in your requests. The library automatically combines the base_url with the endpoint paths.
Example:
If you're fetching user data, your request might look like this:
GET https://api.payarc.net/v1/users/12345
Here, https://api.payarc.net/v1 is the base_url, and /users/12345 is the endpoint path.
Test Cards
The table below contains PANs that fit both the respective card ranges. They will not work in Production to produce non-declines. They are ONLY for testing purposes with the TSYS Cert box.
Note the AVS data is in the table below.
| Card Type | Card Brand | Card Number | Exp Date | CVV/CID |
|---|---|---|---|---|
| Visa | V | 4012 0000 9876 5439 | 12/25 | 999 |
| 4012 8818 8881 8888 | 12/25 | 999 | ||
| MasterCard - Unclassified TIC | M | 5146 3150 0000 0055 | 12/25 | 998 |
| MasterCard - Swipe TIC | M | 5146 3122 0000 0035 | 12/25 | 998 |
| MasterCard - Keyed TIC | M | 5146 3126 2000 0053 | 12/25 | 998 |
| MasterCard 2 BIN | M | 2223 0000 4840 0011 | 12/25 | 998 |
| Amex | X | 3714 4963 5392 376 | 12/25 | 9997 |
| Discover | R | 6011 0009 9302 6909 | 12/25 | 996 |
| Discover CUP | R | 6282 0001 2384 2342 | 12/25 | 996 |
| 6221 2611 1111 2650 | 12/25 | 9 | ||
| Diners | R | 3055 1555 1516 0018 | 12/25 | 996 |
| JCB | J | 3530 1420 1994 5859 | 12/25 | 996 |
| Debit | 4012 0000 9876 5439 | |||
| Debit PIN Block | 623F36B53CC18393000000008F000021 |
AVS data
- Address: 8320
- Zip: 85284
Traditional Response Codes
The Traditional response code indicates the status of a transaction. The table below identifies the response code and the description.
| Response Code | Description |
|---|---|
| A0000 | Success |
| A0002 | Partially Approved |
| D0001 | Duplicate Request (Approved previously). |
| D0003 | Duplicate Request (Declined previously). |
| D0004 | Reversal Not Allowed |
| D0008 | Possible Duplicate Request |
| D0050 | Inactive terminal (Backend) |
| D0092 | Re-enter transaction |
| D1006 | Processor Code is incorrect Error |
| D2001 | Refer to Issuer |
| D2002 | Suspected Card |
| D2004 | Invalid Amount |
| D2005 | Invalid Card |
| D2006 | No such issuer |
| D2008 | Incorrect Pin |
| D2009 | Pin attempts exceeded |
| D2010 | Key synchronization failed from the host |
| D2011 | Expired Card |
| D2012 | Insufficient Funds |
| D2013 | Invalid From Account |
| D2015 | Withdrawal Limit exceeded |
| D2020 | CVV2 verification failed |
| D2021 | Issuer or Switch inoperative |
| D2022 | Duplicate transaction |
| D2026 | Do not honor |
| D2028 | Invalid Date |
| D2029 | Invalid Service/Suspected Fraud |
| D2030 | Host Validation Error |
| D2031 | Activity Limit exceeded |
| D2032 | Cannot complete because of Violation |
| D2999 | General Card Auth Decline |
| D9099 | Invalid 3D Secure Code, must be equal to 40 bytes or 80 bytes |
| D9503 | Decryption not Successful |
| D9506 | Certificate To Decrypt Data Not Available |
| D9507 | Invalid certificate. Unable to extract key |
| E0010 | Inactive Device (Terminal) |
| E0016 | Functionality currently not available |
| E0200 | System Error (Tran) |
| E0300 | System Error (UTran) |
| E0350 | System Error (UTranStatus) |
| E0910 | Timeout |
| E0911 | System Error |
| E0912 | Error on Host |
| E6057 | Customer requested stop of specific recurring payment |
| E6058 | Customer requested stop of all recurring payments from specific merchant |
| E7015 | Invalid Transaction Key |
| E7260 | DeTokenization UnSuccessful |
| E9292 | Mandatory Tags are Missing. |
| F9901 | The value of the element is invalid. Ex. The value of element track2Data is not valid. |
| F9908 | Sum of elements of group additionalCharges should not be greater than transactionAmount |
| 000000 | APPROVED OFFLINE / Approved |
| 100 | This response code applies to the following categories of issues: 1. Chip/Card Reading Errors 2. Card Authorization Declines 3. System/Host Issues 4. User and Account Problems 5. Timeout or User Aborted 6. Invalid/Unsupported Configurations 7. Miscellaneous Errors 8. Fraud and Security |
| 0911 | System Error |
| 000002 | PARTIALLY APPROVED |
| 100001 | This response code applies to the following categories of issues: 1. Timeout/Authentication and Validation Errors 2. Host or System Issues 3. Card Authorization Declines 4. Device or Terminal Issues 5. User/Account Problems |
| 100002 | Aborted |
| 100003 | This response code applies to the following categories of issues: 1. Card or Transaction Reading Issues 2. Transaction or Authorization Errors 3. Account or Card Data Issues 4. System or Configuration Problems 5. User Interaction or Process Issues |
| 100005 | UNSUPPORT EDC |
| 100009 | HOST UserName/Password/Mid NOT SET |
| 100010 | COMM ERROR / Network Unavailable |
| 100011 | Success/Approved |
| 100019 | TRACK INVALID |
| 100021 | ALREADY COMPL. |
| 100023 | INCORRECT CVV/CVV2 |
| 100025 | PLEASE SETTLE / |
| 100511 | SERVICE BUSY / |
| 100513 | EULA DISAGREED |
Payfac Response Codes
The Payfac response code indicates the status of a transaction. The table below identifies the response code and the description.
| Response Code | Description |
|---|---|
| DECLINED-005 | Decline associated with DO NOT HONOR |
| DECLINED-051 | Decline associated with INSUFFICIENT FUNDS |
| DECLINED-182 | Decline associated with generic DECLINE |
| DECLINED-XXX | Decline associated with generic DECLINE |
| EXPIRED CARD | Decline associated with EXPIRED CARD |
| RESTRICTED CARD | Decline associated with RESTRICTED CARD |
What is an Idempotency Key and when should I use it?
An Idempotency Key is a unique value used in the Idempotency-Key header to prevent duplicate operations, such as creating the same charge more than once. If a request is retried due to a timeout or error, the same key can be used to ensure the server processes it only once, returning the original result instead of performing the operation again.
Updated 17 days ago