API Features

Transactive's API has several features that make it easy to integrate with.

ReSTful

Transactive's API conforms to ReST principles, making it simple and predictable. Its functionality centres around its key entities and the operations they support, and it responds synchronously to requests with a standard set of HTTP responses.

Event-Driven

Much of the payment-related communication with Transactive is asynchronous in nature: payment events happen in Transactive and Transactive issues notifications via webhooks.

Webhooks

A webhook is a URL endpoint in your own system. You should specify webhooks for every Transactive event for which you have your own processing requirements.

See webhooks for the complete list of events you can choose to handle.

See Reference for the complete list of endpoints.

Not all Transactive entities/endpoints support all actions. For example, payments can be created via a POST, but not updated directly via PUT.

Secure

Transactive's API is only accessible over HTTPS, using TLS 1.2 and select secure ciphers. Transactive's domain is additionally configured with HSTS and is included on preload lists, where available.

Authentication

API calls are authenticated using cryptographically random credentials issued in the form of API keys.

Authorization

API calls are checked to ensure that calling contacts and applications have the appropriate authority. Contacts and applications are assigned one or more authorities that cumulatively determine what operations they are allowed to perform:

  • Reporting - can view payments
  • Payments - can make payments
  • Admin - can perform admin tasks such as creating new contacts

Safe

Transactive has several features to help ensure only valid payments are processed.

Duplicate Detection

Transactive will never process a payment twice, even if it receives the same payment more than once.

Every payment request must include a unique reference number, in support of duplicate detection.
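The sketch below is an added example, not Transactive's code or API. It shows why the reference number must be fixed once per payment and reused on every retry. `ConstructedGateway`, its `"created"`/`"duplicate"` statuses and its rejection of a reused reference with different details are assumptions standing in for a service that de-duplicates on the reference.

```python
import uuid

class ConstructedGateway:
    """Hypothetical stand-in for a payment API that de-duplicates on reference."""
    def __init__(self):
        self.processed = {}              # reference -> (account, amount)
        self.drop_next_response = False  # simulate a response lost in transit

    def create_payment(self, reference, account, amount):
        if reference in self.processed:
            # Assumed behaviour: same reference with other details is an error.
            if self.processed[reference] != (account, amount):
                raise ValueError("reference reused with different details")
            status = "duplicate"
        else:
            self.processed[reference] = (account, amount)
            status = "created"
        if self.drop_next_response:
            self.drop_next_response = False
            raise TimeoutError("payment processed, response lost")
        return status

def new_payment_intent(account, amount):
    # Generate the reference once, when the payment is decided on, and
    # persist the intent before the first send so retries can reuse it.
    return {"reference": uuid.uuid4().hex, "account": account, "amount": amount}

def submit_with_retry(gateway, intent, attempts=3):
    for _ in range(attempts):
        try:
            return gateway.create_payment(**intent)  # same reference each time
        except TimeoutError:
            continue
    raise RuntimeError("payment status unknown after retries")

def submit_unsafe(gateway, account, amount, attempts=3):
    for _ in range(attempts):
        try:  # defect: a fresh reference per attempt defeats duplicate detection
            return gateway.create_payment(uuid.uuid4().hex, account, amount)
        except TimeoutError:
            continue

def demo():
    safe, unsafe = ConstructedGateway(), ConstructedGateway()
    safe.drop_next_response = unsafe.drop_next_response = True
    status = submit_with_retry(safe, new_payment_intent("ACC-0001", 2500))
    submit_unsafe(unsafe, "ACC-0001", 2500)  # constructed account and amount
    return status, len(safe.processed), len(unsafe.processed)

if __name__ == "__main__":
    print(demo())
```

With the reference held constant, the lost response costs one extra request and the payment is recorded once; with a new reference per attempt the same payment is recorded twice.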

Account Whitelisting

Transactive can determine on an account-by-account basis which accounts may be sent payments.

Financial Limits

At both the contract and individual contact level, daily and one-time limits for outbound payments can be specified, while at the contract level there is a cumulative account limit.

High Fidelity Testing

During your development and integration efforts, you will work with a test system that has perfect fidelity to the live environment.

If something works in test, it will work in production.