Integration Flow
PagFast seeks to simplify and streamline the integration processes. We focus on a quick and secure REST API, with communication performed via HTTPS protocol, assuring a highly performant and secure access to your operation.
The Integration Environments
We strongly suggest integrating into our Sandbox environment, then changing URL and keys configurations to Production. This should be enough to guarantee the full functioning of your integrated system.
Sandbox Test Environment
You must get your company's credentials with PagFast's Technology team. Some important informatoin about the sandbox follows:
- Administrative Panel - Site for managing Sandbox accounts and transactions, where you can generate your API access credentials.
- Sandbox REST API url address: https://api.sandbox.pagfast.com/v1.
- Webhook notification server IP (for whitelisting, if needed): 54.210.130.238 / 184.73.181.219.
- Link for our Postman Collection for Sandbox.
Production Environment
The transactions conducted in the Production environment run on your real PagFast account and the financial transactions will use real money.
PagFast team should provide the production enviroment configurations in private, to help you finish the integration.
We have the Sandbox environment as an initial implementation reference. To integrate PagFast, the following steps must be followed.
Next, you will access a full step-by-step guide to help you achieve the integration.
API Access Key Creation
First, you need to create an API Access key. To do so, follow the steps bellow:
- Access the Administrative Panel and notice that your key will be created for an specific account, seen in the top bar.
- Click on the Integration > Access Key menu.
- Input the access key generation data and click on Generate Keys.
- View and store the Key and Secret information in a secure place, they will be used in the PagFast's authentication API.
The generated API Key will be created on a Pending status, and submitted for PagFast approval. The generated key will be initially inactive for operation. Please contact a PagFast member to approved it and activate it.
Getting an API Token
All API calls are secured through a Bearer access token which uses the JWT (JSON Web Tokens) specification. This technology allows the token to be verified using multiple security criteria such as: expiration, access privileges, integrity check and issuer signature.
The token's default expiration time is 60 minutes, which can be checked by reading
JWT'sexpattribute. In your integration, schedule a new token request before this expiration window closes.
Use your Access Key to get the access token as described in the API Authentication section.
Your technical contact for supports
- E-mail [email protected]
- Skype PagFast Technology
Updated 7 months ago