Welcome to Orchestra!

This API will allow you to perform all of the functions, tasks and queries that you require on credit and debit cards. With our API, you can choose whether you prefer to keep the cards stored locally and simply process the raw card details or tokenize and store them in our PCI vault and outsource your PCI compliance.

To get started, simply sign up to our service and set up your first API key . Thats it - you are ready to start using the API. It's that easy.

To make it even easier, our documentation pages include a fully functional API client which allows you to test our APIs directly and see for yourself how they work without writing a single line of code.

API Sections

We tried to arrange the API in logical way in to different sections. The API is made up of the following segments:

Collecting Cards

Custom Forms
Card Operations
CVV Operations
This set of methods allows you to upload, store and manage your custom forms for collecting cards in your website.This set of methods allows you to collect card details from your customers and perform all necessary validation, authentication and processing activities that your workflow requires.This set of methods allows you to collect the CVV (card security code) from your customers and perform a charge on the card.

Authenticating Cards

3DS Merchants
3DS Sessions
This set of methods allows you to create, store and manage the merchant details of your customers in order to use for the purpose of 3D Secure authenticationThis set of methods allows you to perform 3D Secure authentication within your own hosted card capture form.

Processing Cards

Payment Gateway Accounts
Universal Payment Gateway
This set of methods allows you to create, store and manage the credentials to the merchant accounts of your customers with the payment gateways.This set of methods allows you to perform different charge requests to the payment gateway of choice.

Tokenizing Cards

Network Tokens
String Tokens
This set of methods allows you to store and tokenize cards with the card brands (networks) and use their token for further actions on the card.This set of methods allows you to store strings as tokens in our vault and edit and manage them within our secure storage.

Utilities

Tools
Validating API
This set of methods allows you to perform different types of verification and validation of the credit card data provided.The API offers a method to validate an ApiKey. This allows you to both verify that the ApiKey that you have is valid and also check that the Orchestra API is operational.

Lastly, if there are any additional tasks that you need to perform on a credit card and would like us to support them, please do not hesitate to contact us and provide us with details on what you are trying to achieve -> We would be happy to learn your needs and see if we can enhance our system to support them.

API Authentication

For most of the API methods, the authentication is done with your API key (which you create through our portal ). The API key should be submitted within the header parameter X-Api-Key.

However, some methods, particularly in the CardOperations and ThreeDsSessions sections are based on a JWS bearer token which you will create through the API. The documentation of each method will indicate which authentication method should be used.

Context and Format

The base URL for all API requests is https://api.epaytools.com. You would use the same URL whether you are using the live system or testing our sandbox environment.

All request and response bodies are in JSON format. Required fields in the JSON are described as such in the documentation.