Server-to-Server network tokens
Last updated: 2026-03-26
This guide explains how to store data, provision a network token with card network involvement, and use the network token authorisation data for payment.
- To better understand network tokens, read the Tokenisation guide.
- To check which acquirers support network tokenisation, contact support.
- To collect card data, you must follow PCI-DSS. To reduce compliance requirements, use COPYandPAY network tokens.
You can use Server-to-Server network tokens in the below ways ways:
- Tokenisation during payment
- Standalone tokenisation
- Switching to network token
- CIT payment with network token
- MIT payment with network token
- One-Time Payment
- Proactive tokenisation
- Use your network token
Tokenisation during payment
The merchant collects card data from the customer and initiates tokenisation along with an account verification (zero-amount authorisation) or initial purchase. The system synchronously provisions and returns a merchant token after the payment completes. The merchant can use this token in subsequent payments.
In the background, the card network provisions a network token, with the issuer approving the token. The payment authorises using real card data or the network token if available and active.
Create the token during payment
To create a token during payment, perform a server-to-server POST request with createRegistration=true and all required payment and customer data, including payment type, amount, and currency. A successful request returns a registrationId, which the merchant should store and use in subsequent payments.
Tokenisation response
The response includes a token transaction history, indicating that the card network has started the network token provisioning process. In the test environment, a simulated 2-second delay keeps the network token provisioning request in progress, allowing the payment to proceed using the original PAN. The system attempts to fetch the network token, but the response indicates that the provisioning request has not completed.
After the network token is available, the response also provides the original PAN BIN. This information appears in the payment response as part of the card.bin parameter. The network token BIN differs from the original PAN BIN. This distinction is crucial for post-authorisation issuer BIN management, ensuring accurate transaction handling.
Sample request:
curl https://sandbox-card.peachpayments.com/v1/payments \
-d "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" \
-d "paymentBrand=MASTER" \
-d "paymentType=DB" \
-d "amount=15.99" \
-d "currency=EUR" \
-d "createRegistration=true" \
-d "testMode=EXTERNAL" \
-d "card.number=5555558598680549" \
-d "card.holder=John Smith" \
-d "card.expiryMonth=12" \
-d "card.expiryYear=2031" \
-d "card.cvv=123" \
-d "[email protected]" \
-d "customer.givenName=Smith" \
-d "customer.ip=192.168.0.0" \
-d "customer.surname=John" \
-d "customer.language=DE" \
-d "billing.city=MyCity" \
-d "billing.country=DE" \
-d "billing.postcode=712121" \
-d "billing.state=DE" \
-d "billing.street1=MyStreet" \
-d "standingInstruction.type=RECURRING" \
-d "standingInstruction.mode=INITIAL" \
-d "standingInstruction.source=CIT" \
-d "threeDSecure.eci=05" \
-d "threeDSecure.authenticationStatus=Y" \
-d "threeDSecure.version=2.2.0" \
-d "threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" \
-d "threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" \
-d "threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" \
-d "threeDSecure.amount=19.99" \
-d "threeDSecure.currency=EUR" \
-d "threeDSecure.flow=challenge" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request() {
Dictionary<string, dynamic> responseData;
string data="entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=15.99" +
"¤cy=EUR" +
"**&createRegistration=true**" +
"&testMode=EXTERNAL" +
"&card.number=5555558598680549" +
"&card.holder=John Smith" +
"&card.expiryMonth=12" +
"&card.expiryYear=2031" +
"&card.cvv=123" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=RECURRING" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge";
string url = "https://sandbox-card.peachpayments.com/v1/payments";
byte[] buffer = Encoding.ASCII.GetBytes(data);
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
request.Method = "POST";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
request.ContentType = "application/x-www-form-urlencoded";
Stream PostData = request.GetRequestStream();
PostData.Write(buffer, 0, buffer.Length);
PostData.Close();
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse()) {
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var s = new JavaScriptSerializer();
responseData = s.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
dataStream.Close();
}
return responseData;
}
responseData = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=15.99" +
"¤cy=EUR" +
"**&createRegistration=true**" +
"&testMode=EXTERNAL" +
"&card.number=5555558598680549" +
"&card.holder=John Smith" +
"&card.expiryMonth=12" +
"&card.expiryYear=2031" +
"&card.cvv=123" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=RECURRING" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge"
def url = "https://sandbox-card.peachpayments.com/v1/payments".toURL()
def connection = url.openConnection()
connection.setRequestMethod("POST")
connection.setRequestProperty("Authorization","Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
connection.doOutput = true
connection.outputStream << data
def json = new JsonSlurper().parseText(connection.inputStream.text)
json
}
println request()private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/payments");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
conn.setDoInput(true);
conn.setDoOutput(true);
String data = ""
+ "entityId=8ac7a4c98ab5c40a018ab80db0f303f8"
+ "&paymentBrand=MASTER"
+ "&paymentType=DB"
+ "&amount=15.99"
+ "¤cy=EUR"
+ "**&createRegistration=true**"
+ "&testMode=EXTERNAL"
+ "&card.number=5555558598680549"
+ "&card.holder=John Smith"
+ "&card.expiryMonth=12"
+ "&card.expiryYear=2031"
+ "&card.cvv=123"
+ "&[email protected]"
+ "&customer.givenName=Smith"
+ "&customer.ip=192.168.0.0"
+ "&customer.surname=John"
+ "&customer.language=DE"
+ "&billing.city=MyCity"
+ "&billing.country=DE"
+ "&billing.postcode=712121"
+ "&billing.state=DE"
+ "&billing.street1=MyStreet"
+ "&standingInstruction.type=RECURRING"
+ "&standingInstruction.mode=INITIAL"
+ "&standingInstruction.source=CIT"
+ "&threeDSecure.eci=05"
+ "&threeDSecure.authenticationStatus=Y"
+ "&threeDSecure.version=2.2.0"
+ "&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e"
+ "&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8"
+ "&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA="
+ "&threeDSecure.amount=19.99"
+ "&threeDSecure.currency=EUR"
+ "&threeDSecure.flow=challenge";
DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.writeBytes(data);
wr.flush();
wr.close();
int responseCode = conn.getResponseCode();
InputStream is = (responseCode >= 400) ? conn.getErrorStream() : conn.getInputStream();
return IOUtils.toString(is);
}const https = require('https');
const querystring = require('querystring');
const request = async () => {
const path='/v1/payments';
const data = querystring.stringify({
'entityId':'8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand':'MASTER',
'paymentType':'DB',
'amount':'15.99',
'currency':'EUR',
**'createRegistration':'true',**
'testMode':'EXTERNAL',
'card.number':'5555558598680549',
'card.holder':'John Smith',
'card.expiryMonth':'12',
'card.expiryYear':'2031',
'card.cvv':'123',
'customer.email':'[email protected]',
'customer.givenName':'Smith',
'customer.ip':'192.168.0.0',
'customer.surname':'John',
'customer.language':'DE',
'billing.city':'MyCity',
'billing.country':'DE',
'billing.postcode':'712121',
'billing.state':'DE',
'billing.street1':'MyStreet',
'standingInstruction.type':'RECURRING',
'standingInstruction.mode':'INITIAL',
'standingInstruction.source':'CIT',
'threeDSecure.eci':'05',
'threeDSecure.authenticationStatus':'Y',
'threeDSecure.version':'2.2.0',
'threeDSecure.dsTransactionId':'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId':'2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId':'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount':'19.99',
'threeDSecure.currency':'EUR',
'threeDSecure.flow':'challenge'
});
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': data.length,
'Authorization':'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
}
};
return new Promise((resolve, reject) => {
const postRequest = https.request(options, function(res) {
const buf = [];
res.on('data', chunk => {
buf.push(Buffer.from(chunk));
});
res.on('end', () => {
const jsonString = Buffer.concat(buf).toString('utf8');
try {
resolve(JSON.parse(jsonString));
} catch (error) {
reject(error);
}
});
});
postRequest.on('error', reject);
postRequest.write(data);
postRequest.end();
});
};
request().then(console.log).catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/payments";
$data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" .
"&paymentBrand=MASTER" .
"&paymentType=DB" .
"&amount=15.99" .
"¤cy=EUR" .
"&createRegistration=true**" .
"&testMode=EXTERNAL" .
"&card.number=5555558598680549" .
"&card.holder=John Smith" .
"&card.expiryMonth=12" .
"&card.expiryYear=2031" .
"&card.cvv=123" .
"&[email protected]" .
"&customer.givenName=Smith" .
"&customer.ip=192.168.0.0" .
"&customer.surname=John" .
"&customer.language=DE" .
"&billing.city=MyCity" .
"&billing.country=DE" .
"&billing.postcode=712121" .
"&billing.state=DE" .
"&billing.street1=MyStreet" .
"&standingInstruction.type=RECURRING" .
"&standingInstruction.mode=INITIAL" .
"&standingInstruction.source=CIT" .
"&threeDSecure.eci=05" .
"&threeDSecure.authenticationStatus=Y" .
"&threeDSecure.version=2.2.0" .
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" .
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" .
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" .
"&threeDSecure.amount=19.99" .
"&threeDSecure.currency=EUR" .
"&threeDSecure.flow=challenge";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization:Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // this should be set to true in production
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$responseData = curl_exec($ch);
if (curl_errno($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $responseData;
}
$responseData = request();try:
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
except ImportError:
from urllib import urlencode
from urllib2 import build_opener, Request, HTTPHandler, HTTPError, URLError
import json
def request():
url = "https://sandbox-card.peachpayments.com/v1/payments"
data = {
'entityId': '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand': 'MASTER',
'paymentType': 'DB',
'amount': '15.99',
'currency': 'EUR',
'**createRegistration**': 'true',
'testMode': 'EXTERNAL',
'card.number': '5555558598680549',
'card.holder': 'John Smith',
'card.expiryMonth': '12',
'card.expiryYear': '2031',
'card.cvv': '123',
'customer.email': '[email protected]',
'customer.givenName': 'Smith',
'customer.ip': '192.168.0.0',
'customer.surname': 'John',
'customer.language': 'DE',
'billing.city': 'MyCity',
'billing.country': 'DE',
'billing.postcode': '712121',
'billing.state': 'DE',
'billing.street1': 'MyStreet',
'standingInstruction.type': 'RECURRING',
'standingInstruction.mode': 'INITIAL',
'standingInstruction.source': 'CIT',
'threeDSecure.eci': '05',
'threeDSecure.authenticationStatus': 'Y',
'threeDSecure.version': '2.2.0',
'threeDSecure.dsTransactionId': 'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId': '2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId': 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount': '19.99',
'threeDSecure.currency': 'EUR',
'threeDSecure.flow': 'challenge'
}
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=urlencode(data).encode('utf-8'))
request.add_header('Authorization', 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=')
request.get_method = lambda: 'POST'
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return e.reason
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request()
uri = URI('https://sandbox-card.peachpayments.com/v1/payments')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Post.new(uri.path)
req.set_form_data({
'entityId' => '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand' => 'MASTER',
'paymentType' => 'DB',
'amount' => '15.99',
'currency' => 'EUR',
'**createRegistration**' => 'true',
'testMode' => 'EXTERNAL',
'card.number' => '5555558598680549',
'card.holder' => 'John Smith',
'card.expiryMonth' => '12',
'card.expiryYear' => '2031',
'card.cvv' => '123',
'customer.email' => '[email protected]',
'customer.givenName' => 'Smith',
'customer.ip' => '192.168.0.0',
'customer.surname' => 'John',
'customer.language' => 'DE',
'billing.city' => 'MyCity',
'billing.country' => 'DE',
'billing.postcode' => '712121',
'billing.state' => 'DE',
'billing.street1' => 'MyStreet',
'standingInstruction.type' => 'RECURRING',
'standingInstruction.mode' => 'INITIAL',
'standingInstruction.source' => 'CIT',
'threeDSecure.eci' => '05',
'threeDSecure.authenticationStatus' => 'Y',
'threeDSecure.version' => '2.2.0',
'threeDSecure.dsTransactionId' => 'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId' => '2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId' => 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount' => '19.99',
'threeDSecure.currency' => 'EUR',
'threeDSecure.flow' => 'challenge'
})
res = http.request(req)
return JSON.parse(res.body)
end
puts request()import java.net.URL
import javax.net.ssl.HttpsURLConnection
import org.apache.commons.io.IOUtils
def initialPayment(): String = {
val url = "https://sandbox-card.peachpayments.com/v1/payments"
val data = (""
+ "entityId=8ac7a4c98ab5c40a018ab80db0f303f8"
+ "&paymentBrand=MASTER"
+ "&paymentType=DB"
+ "&amount=15.99"
+ "¤cy=EUR"
+ "&createRegistration=true**"
+ "&testMode=EXTERNAL"
+ "&card.number=5555558598680549"
+ "&card.holder=John Smith"
+ "&card.expiryMonth=12"
+ "&card.expiryYear=2031"
+ "&card.cvv=123"
+ "&[email protected]"
+ "&customer.givenName=Smith"
+ "&customer.ip=192.168.0.0"
+ "&customer.surname=John"
+ "&customer.language=DE"
+ "&billing.city=MyCity"
+ "&billing.country=DE"
+ "&billing.postcode=712121"
+ "&billing.state=DE"
+ "&billing.street1=MyStreet"
+ "&standingInstruction.type=RECURRING"
+ "&standingInstruction.mode=INITIAL"
+ "&standingInstruction.source=CIT"
+ "&threeDSecure.eci=05"
+ "&threeDSecure.authenticationStatus=Y"
+ "&threeDSecure.version=2.2.0"
+ "&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e"
+ "&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8"
+ "&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA="
+ "&threeDSecure.amount=19.99"
+ "&threeDSecure.currency=EUR"
+ "&threeDSecure.flow=challenge"
)
val conn = new URL(url).openConnection().asInstanceOf[HttpsURLConnection]
conn.setRequestMethod("POST")
conn.setDoInput(true)
conn.setDoOutput(true)
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
val outputStream = conn.getOutputStream
outputStream.write(data.getBytes("UTF-8"))
outputStream.flush()
outputStream.close()
val responseStream =
if (conn.getResponseCode >= 400 && conn.getErrorStream != null)
conn.getErrorStream
else
conn.getInputStream
IOUtils.toString(responseStream, "UTF-8")
}
println(initialPayment())Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/payments"
Dim data As String = "" +
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=15.99" +
"¤cy=EUR" +
"&createRegistration=true**" +
"&testMode=EXTERNAL" +
"&card.number=5555558598680549" +
"&card.holder=John Smith" +
"&card.expiryMonth=12" +
"&card.expiryYear=2031" +
"&card.cvv=123" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=RECURRING" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge"
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "POST"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim byteArray As Byte() = Encoding.UTF8.GetBytes(data)
req.ContentLength = byteArray.Length
Dim dataStream As Stream = req.GetRequestStream()
dataStream.Write(byteArray, 0, byteArray.Length)
dataStream.Close()
Dim res As WebResponse = req.GetResponse()
Dim resStream = res.GetResponseStream()
Dim reader As New StreamReader(resStream)
Dim response As String = reader.ReadToEnd()
reader.Close()
resStream.Close()
res.Close()
Dim jss As New System.Web.Script.Serialization.JavaScriptSerializer()
Dim dict As Dictionary(Of String, Object) = jss.Deserialize(Of Dictionary(Of String, Object))(response)
Return dict
End Function
Dim responseData As String = Request()("result")("description"){
"id":"8ac7a4a19d29b03d019d29b7f73e1039",
"registrationId":"8ac7a4a19d29b03d019d29b7f341100a",
"paymentType":"DB",
"paymentBrand":"MASTER",
"amount":"15.99",
"currency":"EUR",
"descriptor":"6738.2227.1524 NetworkTokenChannel ",
"result":{
"avsResponse":"F",
"cvvResponse":"M",
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
},
"resultDetails":{
"Status":"AUTHORIZED",
"ResponseCode":"00",
"ConnectorTxID1":"7745214167096466604806",
"AcquirerReconciliationId":"7745214167096466604806",
"ConnectorTxID3":"7745214167096466604806",
"CardVerification.resultCode":"M",
"ConnectorTxID2":"8ac7a4a19d29b03d019d29b7f73e1039",
"retrievalReferenceNumber":"608510498397",
"CardholderInitiatedTransactionID":"0326MCC466159",
"ApprovalCode":"831000",
"TransactionId":"0326MCC466159",
"ExtendedDescription":"Successful approval.",
"avs.codeRaw":"Y",
"authorizedAmount":"15.99",
"avs.code":"Y",
"AcquirerResponse":"AUTHORIZED",
"reconciliationId":"8ac7a4a19d29b03d019d29b7f73e1039",
"NetworkTransactionId":"0326MCC466159"
},
"card":{
"bin":"555555",
"last4Digits":"6108",
"holder":"John Smith",
"expiryMonth":"12",
"expiryYear":"2031"
},
"customer":{
"givenName":"Smith",
"surname":"John",
"email":"[email protected]",
"ip":"192.168.0.0",
"language":"DE"
},
"billing":{
"street1":"MyStreet",
"city":"MyCity",
"state":"DE",
"postcode":"712121",
"country":"DE"
},
"threeDSecure":{
"eci":"05",
"verificationId":"MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=",
"version":"2.2.0",
"dsTransactionId":"c75f23af-9454-43f6-ba17-130ed529507e",
"acsTransactionId":"2c42c553-176f-4f08-af6c-f9364ecbd0e8",
"flow":"challenge",
"authenticationStatus":"Y",
"amount":"19.99",
"currency":"EUR"
},
"customParameters":{
"PAYMENT_INHOUSE_FACADE":"true",
"OPP_card.bin":"555555"
},
"risk":{
"score":"0"
},
"buildNumber":"9092e7a6af8301accda2f9a3a38f743f907dadd5@2026-03-23 16:50:06 +0000",
"timestamp":"2026-03-26 10:36:56+0000",
"ndc":"8ac7a4c98ab5c40a018ab80db0f303f8_5799f9a68a594532963bc57259cb1ca6",
"standingInstruction":{
"source":"CIT",
"type":"RECURRING",
"mode":"INITIAL",
"initialTransactionId":"0326MCC466159"
},
"processingDetails":{
"transactions":[
{
"reason":"tokenization",
"transactionId":"8ac7a4a19d29b03d019d29b7f3791018",
"clearingInstituteName":"TokenVault",
"paymentType":"TK",
"result":{
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
}
},
{
"reason":"tokenization",
"transactionId":"8ac7a4a19d29b03d019d29b7f7501041",
"clearingInstituteName":"TokenVault",
"paymentType":"TF",
"result":{
"code":"800.100.311",
"description":"Network token transaction declined (network token request in-flight)"
}
}
]
}
}Standalone tokenisation
The merchant collects card data from the customer and initiates tokenisation. This process does not involve a payment request or flow. The system provisions a merchant token and returns it to the merchant. The merchant can then use the token in subsequent payments. In the background, the card network provisions a network token, with the issuer approving the token to activate it for payments.
1. Create the token
To start network token provisioning, perform a server-to-server POST request with the required customer data, excluding paymentType. A successful request returns an ID. The merchant should store and use it in subsequent payments.
Tokenisation response
The response includes a token transaction history, indicating that the card network has started the network token provisioning process. This process involves the issuer and may take time for approval. In the test environment, a simulated 2-second delay mirrors possible production conditions. The system retrieves the network token during the next payment attempt.
Sample request:
curl https://sandbox-card.peachpayments.com/v1/registrations \
-d "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" \
-d "testMode=EXTERNAL" \
-d "paymentBrand=MASTER" \
-d "card.number=5555558598680549" \
-d "card.holder=John Smith" \
-d "card.expiryMonth=12" \
-d "card.expiryYear=2031" \
-d "card.cvv=123" \
-d "[email protected]" \
-d "customer.givenName=Smith" \
-d "customer.ip=192.168.0.0" \
-d "customer.surname=John" \
-d "customer.language=DE" \
-d "billing.city=MyCity" \
-d "billing.country=DE" \
-d "billing.postcode=712121" \
-d "billing.state=DE" \
-d "billing.street1=MyStreet" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request() {
Dictionary<string, dynamic> responseData;
string data="entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&testMode=EXTERNAL" +
"&paymentBrand=MASTER" +
"&card.number=5555558598680549" +
"&card.holder=John Smith" +
"&card.expiryMonth=12" +
"&card.expiryYear=2031" +
"&card.cvv=123" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet";
string url = "https://sandbox-card.peachpayments.com/v1/registrations";
byte[] buffer = Encoding.ASCII.GetBytes(data);
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
request.Method = "POST";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
request.ContentType = "application/x-www-form-urlencoded";
Stream PostData = request.GetRequestStream();
PostData.Write(buffer, 0, buffer.Length);
PostData.Close();
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse()) {
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var s = new JavaScriptSerializer();
responseData = s.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
dataStream.Close();
}
return responseData;
}
responseData = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&testMode=EXTERNAL" +
"&paymentBrand=MASTER" +
"&card.number=5555558598680549" +
"&card.holder=John Smith" +
"&card.expiryMonth=12" +
"&card.expiryYear=2031" +
"&card.cvv=123" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet"
def url = "https://sandbox-card.peachpayments.com/v1/registrations".toURL()
def connection = url.openConnection()
connection.setRequestMethod("POST")
connection.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
connection.doOutput = true
connection.outputStream << data
def json = new JsonSlurper().parseText(connection.inputStream.text)
json
}
println request()private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/registrations");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
conn.setDoInput(true);
conn.setDoOutput(true);
String data = ""
+ "entityId=8ac7a4c98ab5c40a018ab80db0f303f8"
+ "&testMode=EXTERNAL"
+ "&paymentBrand=MASTER"
+ "&card.number=5555558598680549"
+ "&card.holder=John Smith"
+ "&card.expiryMonth=12"
+ "&card.expiryYear=2031"
+ "&card.cvv=123"
+ "&[email protected]"
+ "&customer.givenName=Smith"
+ "&customer.ip=192.168.0.0"
+ "&customer.surname=John"
+ "&customer.language=DE"
+ "&billing.city=MyCity"
+ "&billing.country=DE"
+ "&billing.postcode=712121"
+ "&billing.state=DE"
+ "&billing.street1=MyStreet";
DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.writeBytes(data);
wr.flush();
wr.close();
int responseCode = conn.getResponseCode();
InputStream is = (responseCode >= 400) ? conn.getErrorStream() : conn.getInputStream();
return IOUtils.toString(is);
}const https = require('https');
const querystring = require('querystring');
const request = async () => {
const path = '/v1/registrations';
const data = querystring.stringify({
'entityId': '8ac7a4c98ab5c40a018ab80db0f303f8',
'testMode': 'EXTERNAL',
'paymentBrand': 'MASTER',
'card.number': '5555558598680549',
'card.holder': 'John Smith',
'card.expiryMonth': '12',
'card.expiryYear': '2031',
'card.cvv': '123',
'customer.email': '[email protected]',
'customer.givenName': 'Smith',
'customer.ip': '192.168.0.0',
'customer.surname': 'John',
'customer.language': 'DE',
'billing.city': 'MyCity',
'billing.country': 'DE',
'billing.postcode': '712121',
'billing.state': 'DE',
'billing.street1': 'MyStreet'
});
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': data.length,
'Authorization': 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
}
};
return new Promise((resolve, reject) => {
const postRequest = https.request(options, function (res) {
const buf = [];
res.on('data', chunk => {
buf.push(Buffer.from(chunk));
});
res.on('end', () => {
const jsonString = Buffer.concat(buf).toString('utf8');
try {
resolve(JSON.parse(jsonString));
} catch (error) {
reject(error);
}
});
});
postRequest.on('error', reject);
postRequest.write(data);
postRequest.end();
});
};
request().then(console.log).catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/registrations";
$data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" .
"&testMode=EXTERNAL" .
"&paymentBrand=MASTER" .
"&card.number=5555558598680549" .
"&card.holder=John Smith" .
"&card.expiryMonth=12" .
"&card.expiryYear=2031" .
"&card.cvv=123" .
"&[email protected]" .
"&customer.givenName=Smith" .
"&customer.ip=192.168.0.0" .
"&customer.surname=John" .
"&customer.language=DE" .
"&billing.city=MyCity" .
"&billing.country=DE" .
"&billing.postcode=712121" .
"&billing.state=DE" .
"&billing.street1=MyStreet";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // Set to true in production
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$responseData = curl_exec($ch);
if (curl_errno($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $responseData;
}
$responseData = request();try:
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
except ImportError:
from urllib import urlencode
from urllib2 import build_opener, Request, HTTPHandler, HTTPError, URLError
import json
def request():
url = "https://sandbox-card.peachpayments.com/v1/registrations"
data = {
'entityId' : '8ac7a4c98ab5c40a018ab80db0f303f8',
'testMode' : 'EXTERNAL',
'paymentBrand' : 'MASTER',
'card.number' : '5555558598680549',
'card.holder' : 'John Smith',
'card.expiryMonth' : '12',
'card.expiryYear' : '2031',
'card.cvv' : '123',
'customer.email' : '[email protected]',
'customer.givenName' : 'Smith',
'customer.ip' : '192.168.0.0',
'customer.surname' : 'John',
'customer.language' : 'DE',
'billing.city' : 'MyCity',
'billing.country' : 'DE',
'billing.postcode' : '712121',
'billing.state' : 'DE',
'billing.street1' : 'MyStreet'
}
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=urlencode(data).encode('utf-8'))
request.add_header('Authorization', 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=')
request.get_method = lambda: 'POST'
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return e.reason
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request()
uri = URI('https://sandbox-card.peachpayments.com/v1/registrations')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Post.new(uri.path)
req.set_form_data({
'entityId' => '8ac7a4c98ab5c40a018ab80db0f303f8',
'testMode' => 'EXTERNAL',
'paymentBrand' => 'MASTER',
'card.number' => '5555558598680549',
'card.holder' => 'John Smith',
'card.expiryMonth' => '12',
'card.expiryYear' => '2031',
'card.cvv' => '123',
'customer.email' => '[email protected]',
'customer.givenName' => 'Smith',
'customer.ip' => '192.168.0.0',
'customer.surname' => 'John',
'customer.language' => 'DE',
'billing.city' => 'MyCity',
'billing.country' => 'DE',
'billing.postcode' => '712121',
'billing.state' => 'DE',
'billing.street1' => 'MyStreet'
})
res = http.request(req)
return JSON.parse(res.body)
end
puts request()def initialPayment: String = {
val url = "https://sandbox-card.peachpayments.com/v1/registrations"
val data = (""
+ "entityId=8ac7a4c98ab5c40a018ab80db0f303f8"
+ "&testMode=EXTERNAL"
+ "&paymentBrand=MASTER"
+ "&card.number=5555558598680549"
+ "&card.holder=John Smith"
+ "&card.expiryMonth=12"
+ "&card.expiryYear=2031"
+ "&card.cvv=123"
+ "&[email protected]"
+ "&customer.givenName=Smith"
+ "&customer.ip=192.168.0.0"
+ "&customer.surname=John"
+ "&customer.language=DE"
+ "&billing.city=MyCity"
+ "&billing.country=DE"
+ "&billing.postcode=712121"
+ "&billing.state=DE"
+ "&billing.street1=MyStreet"
)
val conn = new URL(url).openConnection()
conn match {
case secureConn: HttpsURLConnection => secureConn.setRequestMethod("POST")
case _ => throw new ClassCastException
}
conn.setDoInput(true)
conn.setDoOutput(true)
IOUtils.write(data, conn.getOutputStream())
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
conn.connect()
if (conn.getResponseCode() >= 400) {
IOUtils.toString(conn.getErrorStream())
} else {
IOUtils.toString(conn.getInputStream())
}
}Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/registrations"
Dim data As String = "" +
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&testMode=EXTERNAL" +
"&paymentBrand=MASTER" +
"&card.number=5555558598680549" +
"&card.holder=John Smith" +
"&card.expiryMonth=12" +
"&card.expiryYear=2031" +
"&card.cvv=123" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet"
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "POST"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim byteArray As Byte() = Encoding.UTF8.GetBytes(data)
req.ContentLength = byteArray.Length
Dim dataStream As Stream = req.GetRequestStream()
dataStream.Write(byteArray, 0, byteArray.Length)
dataStream.Close()
Dim res As WebResponse = req.GetResponse()
Dim resStream = res.GetResponseStream()
Dim reader As New StreamReader(resStream)
Dim response As String = reader.ReadToEnd()
reader.Close()
resStream.Close()
res.Close()
Dim jss As New System.Web.Script.Serialization.JavaScriptSerializer()
Dim dict As Dictionary(Of String, Object) = jss.Deserialize(Of Dictionary(Of String, Object))(response)
Return dict
End Function
responseData = Request()("result")("description"){
"id":"8ac7a49f9d29b052019d29b8534b08d4",
"result":{
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
},
"card":{
"bin":"555555",
"last4Digits":"6108",
"holder":"John Smith",
"expiryMonth":"12",
"expiryYear":"2031"
},
"customParameters":{
"PAYMENT_INHOUSE_FACADE":"true"
},
"risk":{
"score":"0"
},
"buildNumber":"9092e7a6af8301accda2f9a3a38f743f907dadd5@2026-03-23 16:50:06 +0000",
"timestamp":"2026-03-26 10:37:19+0000",
"ndc":"8ac7a4c98ab5c40a018ab80db0f303f8_442e6d0d02f4496fb3058a8ddda911a6",
"processingDetails":{
"transactions":[
{
"reason":"tokenization",
"transactionId":"8ac7a49f9d29b052019d29b8538b08e1",
"clearingInstituteName":"TokenVault",
"paymentType":"TK",
"result":{
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
}
}
]
}
}2. Send payment using the token
To send a payment using the network token, perform a server-to-server POST request using the merchant token retrieved in the previous step.
Payment response
The response includes a token transaction history, indicating that the system attempted to fetch the network token from the card network. If no network token is active for payments, the system authorises the payment using the real card data.
When fetching the network token, the response also provides the original PAN BIN. This information appears in the payment response as part of the card.bin parameter. The network token BIN differs from the original PAN BIN. This distinction is crucial for post-authorisation issuer BIN management, ensuring accurate transaction handling.
Sample request:
https://sandbox-card.peachpayments.com/v1/registrations/8ac7a49f9d29b052019d29b8534b08d4/payments
curl https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments \
-d "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" \
-d "paymentBrand=MASTER" \
-d "paymentType=DB" \
-d "amount=17.99" \
-d "currency=EUR" \
-d "testMode=EXTERNAL" \
-d "[email protected]" \
-d "customer.givenName=Smith" \
-d "customer.ip=192.168.0.0" \
-d "customer.surname=John" \
-d "customer.language=DE" \
-d "billing.city=MyCity" \
-d "billing.country=DE" \
-d "billing.postcode=712121" \
-d "billing.state=DE" \
-d "billing.street1=MyStreet" \
-d "standingInstruction.type=RECURRING" \
-d "standingInstruction.mode=INITIAL" \
-d "standingInstruction.source=CIT" \
-d "threeDSecure.eci=05" \
-d "threeDSecure.authenticationStatus=Y" \
-d "threeDSecure.version=2.2.0" \
-d "threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" \
-d "threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" \
-d "threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" \
-d "threeDSecure.amount=19.99" \
-d "threeDSecure.currency=EUR" \
-d "threeDSecure.flow=challenge" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request() {
Dictionary<string, dynamic> responseData;
string data="entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=17.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=RECURRING" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge";
string url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments";
byte[] buffer = Encoding.ASCII.GetBytes(data);
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
request.Method = "POST";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
request.ContentType = "application/x-www-form-urlencoded";
Stream PostData = request.GetRequestStream();
PostData.Write(buffer, 0, buffer.Length);
PostData.Close();
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
{
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var s = new JavaScriptSerializer();
responseData = s.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
dataStream.Close();
}
return responseData;
}
responseData = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=17.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=RECURRING" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge"
def url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments".toURL()
def connection = url.openConnection()
connection.setRequestMethod("POST")
connection.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
connection.doOutput = true
connection.outputStream << data
def json = new JsonSlurper().parseText(connection.inputStream.text)
json
}
println request()import javax.net.ssl.HttpsURLConnection;
import java.io.*;
import java.net.URL;
import org.apache.commons.io.IOUtils;
private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
conn.setDoInput(true);
conn.setDoOutput(true);
String data = ""
+ "entityId=8ac7a4c98ab5c40a018ab80db0f303f8"
+ "&paymentBrand=MASTER"
+ "&paymentType=DB"
+ "&amount=17.99"
+ "¤cy=EUR"
+ "&testMode=EXTERNAL"
+ "&[email protected]"
+ "&customer.givenName=Smith"
+ "&customer.ip=192.168.0.0"
+ "&customer.surname=John"
+ "&customer.language=DE"
+ "&billing.city=MyCity"
+ "&billing.country=DE"
+ "&billing.postcode=712121"
+ "&billing.state=DE"
+ "&billing.street1=MyStreet"
+ "&standingInstruction.type=RECURRING"
+ "&standingInstruction.mode=INITIAL"
+ "&standingInstruction.source=CIT"
+ "&threeDSecure.eci=05"
+ "&threeDSecure.authenticationStatus=Y"
+ "&threeDSecure.version=2.2.0"
+ "&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e"
+ "&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8"
+ "&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA="
+ "&threeDSecure.amount=19.99"
+ "&threeDSecure.currency=EUR"
+ "&threeDSecure.flow=challenge";
DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.writeBytes(data);
wr.flush();
wr.close();
int responseCode = conn.getResponseCode();
InputStream is = (responseCode >= 400) ? conn.getErrorStream() : conn.getInputStream();
return IOUtils.toString(is);
}const https = require('https');
const querystring = require('querystring');
const request = async () => {
const path = '/v1/registrations/{id}/payments';
const data = querystring.stringify({
'entityId': '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand': 'MASTER',
'paymentType': 'DB',
'amount': '17.99',
'currency': 'EUR',
'testMode': 'EXTERNAL',
'customer.email': '[email protected]',
'customer.givenName': 'Smith',
'customer.ip': '192.168.0.0',
'customer.surname': 'John',
'customer.language': 'DE',
'billing.city': 'MyCity',
'billing.country': 'DE',
'billing.postcode': '712121',
'billing.state': 'DE',
'billing.street1': 'MyStreet',
'standingInstruction.type': 'RECURRING',
'standingInstruction.mode': 'INITIAL',
'standingInstruction.source': 'CIT',
'threeDSecure.eci': '05',
'threeDSecure.authenticationStatus': 'Y',
'threeDSecure.version': '2.2.0',
'threeDSecure.dsTransactionId': 'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId': '2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId': 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount': '19.99',
'threeDSecure.currency': 'EUR',
'threeDSecure.flow': 'challenge'
});
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': data.length,
'Authorization': 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
}
};
return new Promise((resolve, reject) => {
const postRequest = https.request(options, (res) => {
const buf = [];
res.on('data', (chunk) => {
buf.push(Buffer.from(chunk));
});
res.on('end', () => {
const jsonString = Buffer.concat(buf).toString('utf8');
try {
resolve(JSON.parse(jsonString));
} catch (error) {
reject(error);
}
});
});
postRequest.on('error', reject);
postRequest.write(data);
postRequest.end();
});
};
request().then(console.log).catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments";
$data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" .
"&paymentBrand=MASTER" .
"&paymentType=DB" .
"&amount=17.99" .
"¤cy=EUR" .
"&testMode=EXTERNAL" .
"&[email protected]" .
"&customer.givenName=Smith" .
"&customer.ip=192.168.0.0" .
"&customer.surname=John" .
"&customer.language=DE" .
"&billing.city=MyCity" .
"&billing.country=DE" .
"&billing.postcode=712121" .
"&billing.state=DE" .
"&billing.street1=MyStreet" .
"&standingInstruction.type=RECURRING" .
"&standingInstruction.mode=INITIAL" .
"&standingInstruction.source=CIT" .
"&threeDSecure.eci=05" .
"&threeDSecure.authenticationStatus=Y" .
"&threeDSecure.version=2.2.0" .
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" .
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" .
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" .
"&threeDSecure.amount=19.99" .
"&threeDSecure.currency=EUR" .
"&threeDSecure.flow=challenge";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // Set to true in production
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$responseData = curl_exec($ch);
if (curl_errno($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $responseData;
}
$responseData = request();try:
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
except ImportError:
from urllib import urlencode
from urllib2 import build_opener, Request, HTTPHandler, HTTPError, URLError
import json
def request():
url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments"
data = {
'entityId': '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand': 'MASTER',
'paymentType': 'DB',
'amount': '17.99',
'currency': 'EUR',
'testMode': 'EXTERNAL',
'customer.email': '[email protected]',
'customer.givenName': 'Smith',
'customer.ip': '192.168.0.0',
'customer.surname': 'John',
'customer.language': 'DE',
'billing.city': 'MyCity',
'billing.country': 'DE',
'billing.postcode': '712121',
'billing.state': 'DE',
'billing.street1': 'MyStreet',
'standingInstruction.type': 'RECURRING',
'standingInstruction.mode': 'INITIAL',
'standingInstruction.source': 'CIT',
'threeDSecure.eci': '05',
'threeDSecure.authenticationStatus': 'Y',
'threeDSecure.version': '2.2.0',
'threeDSecure.dsTransactionId': 'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId': '2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId': 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount': '19.99',
'threeDSecure.currency': 'EUR',
'threeDSecure.flow': 'challenge'
}
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=urlencode(data).encode('utf-8'))
request.add_header('Authorization', 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=')
request.get_method = lambda: 'POST'
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return e.reason
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request
uri = URI('https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Post.new(uri.path)
req.set_form_data({
'entityId' => '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand' => 'MASTER',
'paymentType' => 'DB',
'amount' => '17.99',
'currency' => 'EUR',
'testMode' => 'EXTERNAL',
'customer.email' => '[email protected]',
'customer.givenName' => 'Smith',
'customer.ip' => '192.168.0.0',
'customer.surname' => 'John',
'customer.language' => 'DE',
'billing.city' => 'MyCity',
'billing.country' => 'DE',
'billing.postcode' => '712121',
'billing.state' => 'DE',
'billing.street1' => 'MyStreet',
'standingInstruction.type' => 'RECURRING',
'standingInstruction.mode' => 'INITIAL',
'standingInstruction.source' => 'CIT',
'threeDSecure.eci' => '05',
'threeDSecure.authenticationStatus' => 'Y',
'threeDSecure.version' => '2.2.0',
'threeDSecure.dsTransactionId' => 'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId' => '2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId' => 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount' => '19.99',
'threeDSecure.currency' => 'EUR',
'threeDSecure.flow' => 'challenge'
})
res = http.request(req)
JSON.parse(res.body)
end
puts requestimport java.net.{HttpsURLConnection, URL}
import org.apache.commons.io.IOUtils
def initialPayment: String = {
val url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments"
val data = Seq(
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8",
"paymentBrand=MASTER",
"paymentType=DB",
"amount=17.99",
"currency=EUR",
"testMode=EXTERNAL",
"[email protected]",
"customer.givenName=Smith",
"customer.ip=192.168.0.0",
"customer.surname=John",
"customer.language=DE",
"billing.city=MyCity",
"billing.country=DE",
"billing.postcode=712121",
"billing.state=DE",
"billing.street1=MyStreet",
"standingInstruction.type=RECURRING",
"standingInstruction.mode=INITIAL",
"standingInstruction.source=CIT",
"threeDSecure.eci=05",
"threeDSecure.authenticationStatus=Y",
"threeDSecure.version=2.2.0",
"threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e",
"threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8",
"threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=",
"threeDSecure.amount=19.99",
"threeDSecure.currency=EUR",
"threeDSecure.flow=challenge"
).mkString("&")
val conn = new URL(url).openConnection() match {
case secureConn: HttpsURLConnection =>
secureConn.setRequestMethod("POST")
secureConn
case _ =>
throw new ClassCastException("Connection is not an HttpsURLConnection")
}
conn.setDoInput(true)
conn.setDoOutput(true)
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
IOUtils.write(data, conn.getOutputStream, "UTF-8")
conn.connect()
if (conn.getResponseCode >= 400) {
IOUtils.toString(conn.getErrorStream, "UTF-8")
} else {
IOUtils.toString(conn.getInputStream, "UTF-8")
}
}Imports System.Net
Imports System.IO
Imports System.Text
Imports System.Web.Script.Serialization
Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments"
Dim data As String = "" +
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=17.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=RECURRING" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge"
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "POST"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim byteArray As Byte() = Encoding.UTF8.GetBytes(data)
req.ContentLength = byteArray.Length
Dim dataStream As Stream = req.GetRequestStream()
dataStream.Write(byteArray, 0, byteArray.Length)
dataStream.Close()
Dim res As WebResponse = req.GetResponse()
Dim resStream As Stream = res.GetResponseStream()
Dim reader As New StreamReader(resStream)
Dim response As String = reader.ReadToEnd()
reader.Close()
resStream.Close()
res.Close()
Dim jss As New System.Web.Script.Serialization.JavaScriptSerializer()
Dim dict As Dictionary(Of String, Object) = jss.Deserialize(Of Dictionary(Of String, Object))(response)
Return dict
End Function
Dim responseData As String = Request()("result")("description"){
"id":"8ac7a49f9d29b052019d29b92db20bd8",
"registrationId":"8ac7a49f9d29b052019d29b8534b08d4",
"paymentType":"DB",
"paymentBrand":"MASTER",
"amount":"17.99",
"currency":"EUR",
"descriptor":"2455.2721.0020 NetworkTokenChannel ",
"result":{
"avsResponse":"F",
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
},
"resultDetails":{
"Status":"AUTHORIZED",
"ResponseCode":"00",
"ConnectorTxID1":"7745214962316527204806",
"AcquirerReconciliationId":"7745214962316527204806",
"ConnectorTxID3":"7745214962316527204806",
"ConnectorTxID2":"8ac7a49f9d29b052019d29b92db20bd8",
"retrievalReferenceNumber":"608510498554",
"CardholderInitiatedTransactionID":"0326MCC282710",
"ApprovalCode":"831000",
"TransactionId":"0326MCC282710",
"ExtendedDescription":"Successful approval.",
"avs.codeRaw":"Y",
"authorizedAmount":"17.99",
"avs.code":"Y",
"AcquirerResponse":"AUTHORIZED",
"reconciliationId":"8ac7a49f9d29b052019d29b92db20bd8",
"NetworkTransactionId":"0326MCC282710"
},
"card":{
"bin":"555555",
"last4Digits":"6108",
"holder":"John Smith",
"expiryMonth":"12",
"expiryYear":"2031"
},
"customer":{
"givenName":"Smith",
"surname":"John",
"email":"[email protected]",
"ip":"192.168.0.0",
"language":"DE"
},
"billing":{
"street1":"MyStreet",
"city":"MyCity",
"state":"DE",
"postcode":"712121",
"country":"DE"
},
"threeDSecure":{
"eci":"05",
"verificationId":"MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=",
"version":"2.2.0",
"dsTransactionId":"c75f23af-9454-43f6-ba17-130ed529507e",
"acsTransactionId":"2c42c553-176f-4f08-af6c-f9364ecbd0e8",
"flow":"challenge",
"authenticationStatus":"Y",
"amount":"19.99",
"currency":"EUR"
},
"customParameters":{
"PAYMENT_INHOUSE_FACADE":"true"
},
"risk":{
"score":"0"
},
"buildNumber":"9092e7a6af8301accda2f9a3a38f743f907dadd5@2026-03-23 16:50:06 +0000",
"timestamp":"2026-03-26 10:38:16+0000",
"ndc":"8ac7a4c98ab5c40a018ab80db0f303f8_a66086ad836d4250bfcd66dcdfe4b6e7",
"standingInstruction":{
"source":"CIT",
"type":"RECURRING",
"mode":"INITIAL",
"initialTransactionId":"0326MCC282710"
},
"processingDetails":{
"transactions":[
{
"reason":"tokenization",
"transactionId":"8ac7a49f9d29b052019d29b92dc30be0",
"clearingInstituteName":"TokenVault",
"paymentType":"TF",
"result":{
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
}
}
]
}
}Switching to network token
A merchant-initiated (MIT) payment uses the existing card-on-file agreement with the customer. The system processes the payment using real card data because the card has not been network tokenised. This payment triggers the provisioning of a network token.
For subsequent payments, the system attempts to fetch a network token from the card network before authorising the payment.
Switch to network token
To switch to a network token, perform a server-to-server POST request using the stored merchant token with all required payment and customer data, including payment type, amount, and currency.
Payment response
The response includes a token transaction history, indicating that the network token provisioning process has started with the card network. While the card network provisions the network token and involves the issuer in the approval process, the payment authorisation continues using real card data.
In the test environment, a simulated 2-second delay keeps the network token provisioning request in flight. The system prepares the network token for subsequent payment authorisations.
Sample request:
https://sandbox-card.peachpayments.com/v1/registrations/8ac7a49f9d21da8e019d295ee6632ca1/payments
curl https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments \
-d "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" \
-d "paymentBrand=MASTER" \
-d "paymentType=DB" \
-d "amount=18.99" \
-d "currency=EUR" \
-d "testMode=EXTERNAL" \
-d "[email protected]" \
-d "customer.givenName=Smith" \
-d "customer.ip=192.168.0.0" \
-d "customer.surname=John" \
-d "customer.language=DE" \
-d "billing.city=MyCity" \
-d "billing.country=DE" \
-d "billing.postcode=712121" \
-d "billing.state=DE" \
-d "billing.street1=MyStreet" \
-d "standingInstruction.type=RECURRING" \
-d "standingInstruction.mode=REPEATED" \
-d "standingInstruction.source=MIT" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request() {
Dictionary<string, dynamic> responseData;
string data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=18.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=RECURRING" +
"&standingInstruction.mode=REPEATED" +
"&standingInstruction.source=MIT";
string url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments";
byte[] buffer = Encoding.ASCII.GetBytes(data);
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
request.Method = "POST";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
request.ContentType = "application/x-www-form-urlencoded";
Stream postData = request.GetRequestStream();
postData.Write(buffer, 0, buffer.Length);
postData.Close();
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse()) {
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var serializer = new JavaScriptSerializer();
responseData = serializer.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
dataStream.Close();
}
return responseData;
}
responseData = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=18.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=RECURRING" +
"&standingInstruction.mode=REPEATED" +
"&standingInstruction.source=MIT"
def url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments".toURL()
def connection = url.openConnection()
connection.setRequestMethod("POST")
connection.setRequestProperty("Authorization",
"Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
connection.doOutput = true
connection.outputStream << data
def json = new JsonSlurper().parseText(connection.inputStream.text)
json
}
println request()private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Authorization",
"Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
conn.setDoInput(true);
conn.setDoOutput(true);
String data = ""
+ "entityId=8ac7a4c98ab5c40a018ab80db0f303f8"
+ "&paymentBrand=MASTER"
+ "&paymentType=DB"
+ "&amount=18.99"
+ "¤cy=EUR"
+ "&testMode=EXTERNAL"
+ "&[email protected]"
+ "&customer.givenName=Smith"
+ "&customer.ip=192.168.0.0"
+ "&customer.surname=John"
+ "&customer.language=DE"
+ "&billing.city=MyCity"
+ "&billing.country=DE"
+ "&billing.postcode=712121"
+ "&billing.state=DE"
+ "&billing.street1=MyStreet"
+ "&standingInstruction.type=RECURRING"
+ "&standingInstruction.mode=REPEATED"
+ "&standingInstruction.source=MIT";
DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.writeBytes(data);
wr.flush();
wr.close();
int responseCode = conn.getResponseCode();
InputStream is = (responseCode >= 400) ? conn.getErrorStream() : conn.getInputStream();
return IOUtils.toString(is);
}const https = require('https');
const querystring = require('querystring');
const request = async () => {
const path = '/v1/registrations/{id}/payments';
const data = querystring.stringify({
'entityId': '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand': 'MASTER',
'paymentType': 'DB',
'amount': '18.99',
'currency': 'EUR',
'testMode': 'EXTERNAL',
'customer.email': '[email protected]',
'customer.givenName': 'Smith',
'customer.ip': '192.168.0.0',
'customer.surname': 'John',
'customer.language': 'DE',
'billing.city': 'MyCity',
'billing.country': 'DE',
'billing.postcode': '712121',
'billing.state': 'DE',
'billing.street1': 'MyStreet',
'standingInstruction.type': 'RECURRING',
'standingInstruction.mode': 'REPEATED',
'standingInstruction.source': 'MIT'
});
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': data.length,
'Authorization': 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
}
};
return new Promise((resolve, reject) => {
const postRequest = https.request(options, (res) => {
const buf = [];
res.on('data', (chunk) => buf.push(Buffer.from(chunk)));
res.on('end', () => {
try {
resolve(JSON.parse(Buffer.concat(buf).toString('utf8')));
} catch (error) {
reject(error);
}
});
});
postRequest.on('error', reject);
postRequest.write(data);
postRequest.end();
});
};
request()
.then(console.log)
.catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments";
$data = http_build_query([
"entityId" => "8ac7a4c98ab5c40a018ab80db0f303f8",
"paymentBrand" => "MASTER",
"paymentType" => "DB",
"amount" => "18.99",
"currency" => "EUR",
"testMode" => "EXTERNAL",
"customer.email" => "[email protected]",
"customer.givenName" => "Smith",
"customer.ip" => "192.168.0.0",
"customer.surname" => "John",
"customer.language" => "DE",
"billing.city" => "MyCity",
"billing.country" => "DE",
"billing.postcode" => "712121",
"billing.state" => "DE",
"billing.street1" => "MyStreet",
"standingInstruction.type" => "RECURRING",
"standingInstruction.mode" => "REPEATED",
"standingInstruction.source" => "MIT"
]);
$ch = curl_init();
curl_setopt_array($ch, [
CURLOPT_URL => $url,
CURLOPT_HTTPHEADER => [
"Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="
],
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => $data,
CURLOPT_SSL_VERIFYPEER => false, // Set to true in production
CURLOPT_RETURNTRANSFER => true
]);
$responseData = curl_exec($ch);
if (curl_errno($ch)) {
$error = curl_error($ch);
curl_close($ch);
return $error;
}
curl_close($ch);
return $responseData;
}
$responseData = request();import json
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
def request():
url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments"
data = {
"entityId": "8ac7a4c98ab5c40a018ab80db0f303f8",
"paymentBrand": "MASTER",
"paymentType": "DB",
"amount": "18.99",
"currency": "EUR",
"testMode": "EXTERNAL",
"customer.email": "[email protected]",
"customer.givenName": "Smith",
"customer.ip": "192.168.0.0",
"customer.surname": "John",
"customer.language": "DE",
"billing.city": "MyCity",
"billing.country": "DE",
"billing.postcode": "712121",
"billing.state": "DE",
"billing.street1": "MyStreet",
"standingInstruction.type": "RECURRING",
"standingInstruction.mode": "REPEATED",
"standingInstruction.source": "MIT"
}
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=urlencode(data).encode("utf-8"))
request.add_header("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
request.get_method = lambda: "POST"
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return {"error": str(e)}
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request
uri = URI('https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Post.new(uri.path, {
'Authorization' => 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=',
'Content-Type' => 'application/x-www-form-urlencoded'
})
req.set_form_data({
'entityId' => '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand' => 'MASTER',
'paymentType' => 'DB',
'amount' => '18.99',
'currency' => 'EUR',
'testMode' => 'EXTERNAL',
'customer.email' => '[email protected]',
'customer.givenName' => 'Smith',
'customer.ip' => '192.168.0.0',
'customer.surname' => 'John',
'customer.language' => 'DE',
'billing.city' => 'MyCity',
'billing.country' => 'DE',
'billing.postcode' => '712121',
'billing.state' => 'DE',
'billing.street1' => 'MyStreet',
'standingInstruction.type' => 'RECURRING',
'standingInstruction.mode' => 'REPEATED',
'standingInstruction.source' => 'MIT'
})
begin
res = http.request(req)
JSON.parse(res.body)
rescue StandardError => e
{ 'error' => e.message }
end
end
puts requestimport java.net.{URL, HttpURLConnection}
import java.io.{BufferedReader, InputStreamReader, OutputStream}
import javax.net.ssl.HttpsURLConnection
import org.apache.commons.io.IOUtils
object PaymentRequest {
def initialPayment: String = {
val url = new URL("https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments")
val data = Seq(
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8",
"paymentBrand=MASTER",
"paymentType=DB",
"amount=18.99",
"currency=EUR",
"testMode=EXTERNAL",
"[email protected]",
"customer.givenName=Smith",
"customer.ip=192.168.0.0",
"customer.surname=John",
"customer.language=DE",
"billing.city=MyCity",
"billing.country=DE",
"billing.postcode=712121",
"billing.state=DE",
"billing.street1=MyStreet",
"standingInstruction.type=RECURRING",
"standingInstruction.mode=REPEATED",
"standingInstruction.source=MIT"
).mkString("&")
val conn = url.openConnection() match {
case httpsConn: HttpsURLConnection => httpsConn
case _ => throw new IllegalArgumentException("Expected HttpsURLConnection")
}
conn.setRequestMethod("POST")
conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded")
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
conn.setDoOutput(true)
val outputStream: OutputStream = conn.getOutputStream
IOUtils.write(data, outputStream, "UTF-8")
outputStream.flush()
outputStream.close()
val responseCode = conn.getResponseCode
val inputStream = if (responseCode >= 400) conn.getErrorStream else conn.getInputStream
val response = IOUtils.toString(inputStream, "UTF-8")
inputStream.close()
response
}
def main(args: Array[String]): Unit = {
println(initialPayment)
}
}Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments"
Dim data As String = "" &
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8" &
"&paymentBrand=MASTER" &
"&paymentType=DB" &
"&amount=18.99" &
"¤cy=EUR" &
"&testMode=EXTERNAL" &
"&[email protected]" &
"&customer.givenName=Smith" &
"&customer.ip=192.168.0.0" &
"&customer.surname=John" &
"&customer.language=DE" &
"&billing.city=MyCity" &
"&billing.country=DE" &
"&billing.postcode=712121" &
"&billing.state=DE" &
"&billing.street1=MyStreet" &
"&standingInstruction.type=RECURRING" &
"&standingInstruction.mode=REPEATED" &
"&standingInstruction.source=MIT"
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "POST"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim byteArray As Byte() = Encoding.UTF8.GetBytes(data)
req.ContentLength = byteArray.Length
Dim dataStream As Stream = req.GetRequestStream()
dataStream.Write(byteArray, 0, byteArray.Length)
dataStream.Close()
Dim res As WebResponse = req.GetResponse()
Dim resStream = res.GetResponseStream()
Dim reader As New StreamReader(resStream)
Dim response As String = reader.ReadToEnd()
reader.Close()
resStream.Close()
res.Close()
Dim jss As New System.Web.Script.Serialization.JavaScriptSerializer()
Dim dict As Dictionary(Of String, Object) = jss.Deserialize(Of Dictionary(Of String, Object))(response)
Return dict
End Function
Dim responseData As String = Request()("result")("description"){
"id":"8ac7a49f9d29b052019d29ba1ad60e25",
"paymentType":"DB",
"amount":"18.99",
"currency":"EUR",
"descriptor":"8886.9856.2596 NetworkTokenChannel ",
"result":{
"avsResponse":"F",
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
},
"resultDetails":{
"Status":"AUTHORIZED",
"ResponseCode":"00",
"ConnectorTxID1":"7745215574106767704805",
"AcquirerReconciliationId":"7745215574106767704805",
"ConnectorTxID3":"7745215574106767704805",
"ConnectorTxID2":"8ac7a49f9d29b052019d29ba1ad60e25",
"retrievalReferenceNumber":"608510981369",
"CardholderInitiatedTransactionID":"0326MCC882400",
"ApprovalCode":"831000",
"TransactionId":"0326MCC882400",
"ExtendedDescription":"Successful approval.",
"avs.codeRaw":"Y",
"authorizedAmount":"18.99",
"avs.code":"Y",
"AcquirerResponse":"AUTHORIZED",
"reconciliationId":"8ac7a49f9d29b052019d29ba1ad60e25",
"NetworkTransactionId":"0326MCC882400"
},
"customer":{
"givenName":"Smith",
"surname":"John",
"email":"[email protected]",
"ip":"192.168.0.0",
"language":"DE"
},
"billing":{
"street1":"MyStreet",
"city":"MyCity",
"state":"DE",
"postcode":"712121",
"country":"DE"
},
"customParameters":{
"PAYMENT_INHOUSE_FACADE":"true"
},
"risk":{
"score":"0"
},
"buildNumber":"9092e7a6af8301accda2f9a3a38f743f907dadd5@2026-03-23 16:50:06 +0000",
"timestamp":"2026-03-26 10:39:17+0000",
"ndc":"8ac7a4c98ab5c40a018ab80db0f303f8_c960d7493a884523bc3385d37dca79ec",
"standingInstruction":{
"source":"MIT",
"type":"RECURRING",
"mode":"REPEATED",
"initialTransactionId":"0326MCC882400"
},
"processingDetails":{
"transactions":[
{
"reason":"tokenization",
"transactionId":"8ac7a49f9d29b052019d29ba1ae70e2c",
"clearingInstituteName":"TokenVault",
"paymentType":"TK",
"result":{
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
}
},
{
"reason":"tokenization",
"transactionId":"8ac7a49f9d29b052019d29ba1db20e35",
"clearingInstituteName":"TokenVault",
"paymentType":"TF",
"result":{
"code":"800.100.311",
"description":"Network token transaction declined (network token request in-flight)"
}
}
]
}
}CIT payment with network token
A customer returns to the merchant's website with a tokenised card. The system provisions the network token and activates it for payment. An unscheduled purchase uses the saved token. The acquirer authorises a cardholder-initiated (CIT) payment with the active network token if supported.
Send payment initiated by the cardholder
To send a payment initiated by the cardholder, perform a server-to-server POST request using the stored merchant token with all required payment and customer data, including payment type, amount, and currency.
Payment response
The response includes a token transaction history, indicating that the system attempted to fetch the network token from the card network. If no active network token exists for payments, the system authorises the payment using the real card data.
When the system fetches the network token, the response provides the original PAN BIN. The payment response includes this information in the card.bin parameter. The network token BIN differs from the original PAN BIN. This distinction plays a crucial role in post-authorisation issuer BIN management, ensuring that you have the necessary details to handle the transaction accurately.
Sample request:
https://sandbox-card.peachpayments.com/v1/registrations/8ac7a4a29d21e3c1019d295ee86f0e34/payments
curl https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments \
-d "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" \
-d "paymentBrand=MASTER" \
-d "paymentType=DB" \
-d "amount=16.99" \
-d "currency=EUR" \
-d "testMode=EXTERNAL" \
-d "[email protected]" \
-d "customer.givenName=Smith" \
-d "customer.ip=192.168.0.0" \
-d "customer.surname=John" \
-d "customer.language=DE" \
-d "billing.city=MyCity" \
-d "billing.country=DE" \
-d "billing.postcode=712121" \
-d "billing.state=DE" \
-d "billing.street1=MyStreet" \
-d "standingInstruction.type=UNSCHEDULED" \
-d "standingInstruction.mode=REPEATED" \
-d "standingInstruction.source=CIT" \
-d "standingInstruction.initialTransactionId=016153570198200" \
-d "threeDSecure.eci=05" \
-d "threeDSecure.authenticationStatus=Y" \
-d "threeDSecure.version=2.2.0" \
-d "threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" \
-d "threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" \
-d "threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" \
-d "threeDSecure.amount=19.99" \
-d "threeDSecure.currency=EUR" \
-d "threeDSecure.flow=challenge" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request() {
Dictionary<string, dynamic> responseData;
string data="entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=16.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=UNSCHEDULED" +
"&standingInstruction.mode=REPEATED" +
"&standingInstruction.source=CIT" +
"&standingInstruction.initialTransactionId=016153570198200" +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge";
string url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments";
byte[] buffer = Encoding.ASCII.GetBytes(data);
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
request.Method = "POST";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
request.ContentType = "application/x-www-form-urlencoded";
Stream PostData = request.GetRequestStream();
PostData.Write(buffer, 0, buffer.Length);
PostData.Close();
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
{
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var s = new JavaScriptSerializer();
responseData = s.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
dataStream.Close();
}
return responseData;
}
responseData = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=16.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=UNSCHEDULED" +
"&standingInstruction.mode=REPEATED" +
"&standingInstruction.source=CIT" +
"&standingInstruction.initialTransactionId=016153570198200" +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge"
def url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments".toURL()
def connection = url.openConnection()
connection.setRequestMethod("POST")
connection.setRequestProperty("Authorization","Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
connection.doOutput = true
connection.outputStream << data
def json = new JsonSlurper().parseText(connection.inputStream.text)
json
}
println request()private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
conn.setDoInput(true);
conn.setDoOutput(true);
String data = ""
+ "entityId=8ac7a4c98ab5c40a018ab80db0f303f8"
+ "&paymentBrand=MASTER"
+ "&paymentType=DB"
+ "&amount=16.99"
+ "¤cy=EUR"
+ "&testMode=EXTERNAL"
+ "&[email protected]"
+ "&customer.givenName=Smith"
+ "&customer.ip=192.168.0.0"
+ "&customer.surname=John"
+ "&customer.language=DE"
+ "&billing.city=MyCity"
+ "&billing.country=DE"
+ "&billing.postcode=712121"
+ "&billing.state=DE"
+ "&billing.street1=MyStreet"
+ "&standingInstruction.type=UNSCHEDULED"
+ "&standingInstruction.mode=REPEATED"
+ "&standingInstruction.source=CIT"
+ "&standingInstruction.initialTransactionId=016153570198200"
+ "&threeDSecure.eci=05"
+ "&threeDSecure.authenticationStatus=Y"
+ "&threeDSecure.version=2.2.0"
+ "&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e"
+ "&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8"
+ "&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA="
+ "&threeDSecure.amount=19.99"
+ "&threeDSecure.currency=EUR"
+ "&threeDSecure.flow=challenge";
DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.writeBytes(data);
wr.flush();
wr.close();
int responseCode = conn.getResponseCode();
InputStream is;
if (responseCode >= 400) is = conn.getErrorStream();
else is = conn.getInputStream();
return IOUtils.toString(is);
}const https = require('https');
const querystring = require('querystring');
const request = async () => {
const path = '/v1/registrations/{id}/payments';
const data = querystring.stringify({
'entityId': '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand': 'MASTER',
'paymentType': 'DB',
'amount': '16.99',
'currency': 'EUR',
'testMode': 'EXTERNAL',
'customer.email': '[email protected]',
'customer.givenName': 'Smith',
'customer.ip': '192.168.0.0',
'customer.surname': 'John',
'customer.language': 'DE',
'billing.city': 'MyCity',
'billing.country': 'DE',
'billing.postcode': '712121',
'billing.state': 'DE',
'billing.street1': 'MyStreet',
'standingInstruction.type': 'UNSCHEDULED',
'standingInstruction.mode': 'REPEATED',
'standingInstruction.source': 'CIT',
'standingInstruction.initialTransactionId': '016153570198200',
'threeDSecure.eci': '05',
'threeDSecure.authenticationStatus': 'Y',
'threeDSecure.version': '2.2.0',
'threeDSecure.dsTransactionId': 'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId': '2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId': 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount': '19.99',
'threeDSecure.currency': 'EUR',
'threeDSecure.flow': 'challenge'
});
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': data.length,
'Authorization': 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
}
};
return new Promise((resolve, reject) => {
const postRequest = https.request(options, function (res) {
const buf = [];
res.on('data', chunk => {
buf.push(Buffer.from(chunk));
});
res.on('end', () => {
const jsonString = Buffer.concat(buf).toString('utf8');
try {
resolve(JSON.parse(jsonString));
} catch (error) {
reject(error);
}
});
});
postRequest.on('error', reject);
postRequest.write(data);
postRequest.end();
});
};
request().then(console.log).catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments";
$data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" .
"&paymentBrand=MASTER" .
"&paymentType=DB" .
"&amount=16.99" .
"¤cy=EUR" .
"&testMode=EXTERNAL" .
"&[email protected]" .
"&customer.givenName=Smith" .
"&customer.ip=192.168.0.0" .
"&customer.surname=John" .
"&customer.language=DE" .
"&billing.city=MyCity" .
"&billing.country=DE" .
"&billing.postcode=712121" .
"&billing.state=DE" .
"&billing.street1=MyStreet" .
"&standingInstruction.type=UNSCHEDULED" .
"&standingInstruction.mode=REPEATED" .
"&standingInstruction.source=CIT" .
"&standingInstruction.initialTransactionId=016153570198200" .
"&threeDSecure.eci=05" .
"&threeDSecure.authenticationStatus=Y" .
"&threeDSecure.version=2.2.0" .
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" .
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" .
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" .
"&threeDSecure.amount=19.99" .
"&threeDSecure.currency=EUR" .
"&threeDSecure.flow=challenge";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization:Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // this should be set to true in production
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$responseData = curl_exec($ch);
if (curl_errno($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $responseData;
}
$responseData = request();try:
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
except ImportError:
from urllib import urlencode
from urllib2 import build_opener, Request, HTTPHandler, HTTPError, URLError
import json
def request():
url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments"
data = {
'entityId': '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand': 'MASTER',
'paymentType': 'DB',
'amount': '16.99',
'currency': 'EUR',
'testMode': 'EXTERNAL',
'customer.email': '[email protected]',
'customer.givenName': 'Smith',
'customer.ip': '192.168.0.0',
'customer.surname': 'John',
'customer.language': 'DE',
'billing.city': 'MyCity',
'billing.country': 'DE',
'billing.postcode': '712121',
'billing.state': 'DE',
'billing.street1': 'MyStreet',
'standingInstruction.type': 'UNSCHEDULED',
'standingInstruction.mode': 'REPEATED',
'standingInstruction.source': 'CIT',
'standingInstruction.initialTransactionId': '016153570198200',
'threeDSecure.eci': '05',
'threeDSecure.authenticationStatus': 'Y',
'threeDSecure.version': '2.2.0',
'threeDSecure.dsTransactionId': 'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId': '2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId': 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount': '19.99',
'threeDSecure.currency': 'EUR',
'threeDSecure.flow': 'challenge'
}
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=urlencode(data).encode('utf-8'))
request.add_header('Authorization', 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=')
request.get_method = lambda: 'POST'
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return e.reason
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request()
uri = URI('https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Post.new(uri.path)
req.set_form_data({
'entityId' => '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand' => 'MASTER',
'paymentType' => 'DB',
'amount' => '16.99',
'currency' => 'EUR',
'testMode' => 'EXTERNAL',
'customer.email' => '[email protected]',
'customer.givenName' => 'Smith',
'customer.ip' => '192.168.0.0',
'customer.surname' => 'John',
'customer.language' => 'DE',
'billing.city' => 'MyCity',
'billing.country' => 'DE',
'billing.postcode' => '712121',
'billing.state' => 'DE',
'billing.street1' => 'MyStreet',
'standingInstruction.type' => 'UNSCHEDULED',
'standingInstruction.mode' => 'REPEATED',
'standingInstruction.source' => 'CIT',
'standingInstruction.initialTransactionId' => '016153570198200',
'threeDSecure.eci' => '05',
'threeDSecure.authenticationStatus' => 'Y',
'threeDSecure.version' => '2.2.0',
'threeDSecure.dsTransactionId' => 'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId' => '2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId' => 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount' => '19.99',
'threeDSecure.currency' => 'EUR',
'threeDSecure.flow' => 'challenge'
})
res = http.request(req)
return JSON.parse(res.body)
end
puts request()def initialPayment: String = {
val url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments"
val data = (""
+ "entityId=8ac7a4c98ab5c40a018ab80db0f303f8"
+ "&paymentBrand=MASTER"
+ "&paymentType=DB"
+ "&amount=16.99"
+ "¤cy=EUR"
+ "&testMode=EXTERNAL"
+ "&[email protected]"
+ "&customer.givenName=Smith"
+ "&customer.ip=192.168.0.0"
+ "&customer.surname=John"
+ "&customer.language=DE"
+ "&billing.city=MyCity"
+ "&billing.country=DE"
+ "&billing.postcode=712121"
+ "&billing.state=DE"
+ "&billing.street1=MyStreet"
+ "&standingInstruction.type=UNSCHEDULED"
+ "&standingInstruction.mode=REPEATED"
+ "&standingInstruction.source=CIT"
+ "&standingInstruction.initialTransactionId=016153570198200"
+ "&threeDSecure.eci=05"
+ "&threeDSecure.authenticationStatus=Y"
+ "&threeDSecure.version=2.2.0"
+ "&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e"
+ "&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8"
+ "&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA="
+ "&threeDSecure.amount=19.99"
+ "&threeDSecure.currency=EUR"
+ "&threeDSecure.flow=challenge"
)
val conn = new URL(url).openConnection()
conn match {
case secureConn: HttpsURLConnection => secureConn.setRequestMethod("POST")
case _ => throw new ClassCastException
}
conn.setDoInput(true)
conn.setDoOutput(true)
IOUtils.write(data, conn.getOutputStream())
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
conn.connect()
if (conn.getResponseCode() >= 400) {
return IOUtils.toString(conn.getErrorStream())
} else {
return IOUtils.toString(conn.getInputStream())
}
}Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments"
Dim data As String = "" +
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=16.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=UNSCHEDULED" +
"&standingInstruction.mode=REPEATED" +
"&standingInstruction.source=CIT" +
"&standingInstruction.initialTransactionId=016153570198200" +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge"
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "POST"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim byteArray As Byte() = Encoding.UTF8.GetBytes(data)
req.ContentLength = byteArray.Length
Dim dataStream As Stream = req.GetRequestStream()
dataStream.Write(byteArray, 0, byteArray.Length)
dataStream.Close()
Dim res As WebResponse = req.GetResponse()
Dim resStream = res.GetResponseStream()
Dim reader As New StreamReader(resStream)
Dim response As String = reader.ReadToEnd()
reader.Close()
resStream.Close()
res.Close()
Dim jss As New System.Web.Script.Serialization.JavaScriptSerializer()
Dim dict As Dictionary(Of String, Object) = jss.Deserialize(Of Dictionary(Of String, Object))(response)
Return dict
End Function
responseData = Request()("result")("description"){
"id":"8ac7a4a09d29b6e0019d29baf9050036",
"registrationId":"8ac7a4a29d21e3c1019d295ee86f0e34",
"paymentType":"DB",
"paymentBrand":"MASTER",
"amount":"16.99",
"currency":"EUR",
"descriptor":"8019.9879.2740 NetworkTokenChannel ",
"result":{
"avsResponse":"F",
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
},
"resultDetails":{
"Status":"AUTHORIZED",
"ResponseCode":"00",
"ConnectorTxID1":"7745216146766576804806",
"AcquirerReconciliationId":"7745216146766576804806",
"ConnectorTxID3":"7745216146766576804806",
"ConnectorTxID2":"8ac7a4a09d29b6e0019d29baf9050036",
"retrievalReferenceNumber":"608510981487",
"CardholderInitiatedTransactionID":"0326MCC544813",
"ApprovalCode":"831000",
"TransactionId":"0326MCC544813",
"ExtendedDescription":"Successful approval.",
"avs.codeRaw":"Y",
"authorizedAmount":"16.99",
"avs.code":"Y",
"AcquirerResponse":"AUTHORIZED",
"reconciliationId":"8ac7a4a09d29b6e0019d29baf9050036",
"NetworkTransactionId":"0326MCC544813"
},
"card":{
"bin":"555555",
"last4Digits":"2957",
"holder":"John Smith",
"expiryMonth":"12",
"expiryYear":"2031"
},
"customer":{
"givenName":"Smith",
"surname":"John",
"email":"[email protected]",
"ip":"192.168.0.0",
"language":"DE"
},
"billing":{
"street1":"MyStreet",
"city":"MyCity",
"state":"DE",
"postcode":"712121",
"country":"DE"
},
"threeDSecure":{
"eci":"05",
"verificationId":"MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=",
"version":"2.2.0",
"dsTransactionId":"c75f23af-9454-43f6-ba17-130ed529507e",
"acsTransactionId":"2c42c553-176f-4f08-af6c-f9364ecbd0e8",
"flow":"challenge",
"authenticationStatus":"Y",
"amount":"19.99",
"currency":"EUR"
},
"customParameters":{
"PAYMENT_INHOUSE_FACADE":"true"
},
"risk":{
"score":"0"
},
"buildNumber":"9092e7a6af8301accda2f9a3a38f743f907dadd5@2026-03-23 16:50:06 +0000",
"timestamp":"2026-03-26 10:40:14+0000",
"ndc":"8ac7a4c98ab5c40a018ab80db0f303f8_4524f9166a054776bf1421fba301790b",
"standingInstruction":{
"source":"CIT",
"type":"UNSCHEDULED",
"mode":"REPEATED",
"initialTransactionId":"0326MCC544813"
},
"processingDetails":{
"transactions":[
{
"reason":"tokenization",
"transactionId":"8ac7a4a09d29b6e0019d29baf994003e",
"clearingInstituteName":"TokenVault",
"paymentType":"TF",
"result":{
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
}
}
]
}
}MIT payment with network token
A merchant submits a merchant-initiated (MIT) payment based on the available card-on-file agreement with the customer. The system has already tokenised the card and provisioned the network token, keeping it active for payment. The acquirer authorises the MIT payment with the network token if supported.
Send payment initiated by the merchant
To send a payment initiated by the merchant, perform a server-to-server POST request using the stored merchant token with all required payment and customer data, including payment type, amount, and currency.
Payment response
The response includes a token transaction history, indicating that the system attempted to fetch the network token from the card network. If no active network token exists for payments, the system authorises the payment using the real card data.
When the system fetches the network token, the response provides the original PAN BIN. The payment response includes this information in the card.bin parameter. The network token BIN differs from the original PAN BIN. This distinction plays a crucial role in post-authorisation issuer BIN management, ensuring that you have the necessary details to handle the transaction accurately.
Sample request:
https://sandbox-card.peachpayments.com/v1/registrations/8ac7a4a29d21e3c1019d295ee86f0e34/payments
curl https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments \
-d "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" \
-d "paymentBrand=MASTER" \
-d "paymentType=DB" \
-d "amount=17.99" \
-d "currency=EUR" \
-d "testMode=EXTERNAL" \
-d "[email protected]" \
-d "customer.givenName=Smith" \
-d "customer.ip=192.168.0.0" \
-d "customer.surname=John" \
-d "customer.language=DE" \
-d "billing.city=MyCity" \
-d "billing.country=DE" \
-d "billing.postcode=712121" \
-d "billing.state=DE" \
-d "billing.street1=MyStreet" \
-d "standingInstruction.type=RECURRING" \
-d "standingInstruction.mode=REPEATED" \
-d "standingInstruction.source=MIT" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request() {
Dictionary<string, dynamic> responseData;
string data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=17.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=RECURRING" +
"&standingInstruction.mode=REPEATED" +
"&standingInstruction.source=MIT";
string url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments";
byte[] buffer = Encoding.ASCII.GetBytes(data);
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
request.Method = "POST";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
request.ContentType = "application/x-www-form-urlencoded";
Stream postData = request.GetRequestStream();
postData.Write(buffer, 0, buffer.Length);
postData.Close();
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse()) {
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var s = new JavaScriptSerializer();
responseData = s.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
dataStream.Close();
}
return responseData;
}
responseData = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=17.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=RECURRING" +
"&standingInstruction.mode=REPEATED" +
"&standingInstruction.source=MIT"
def url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments".toURL()
def connection = url.openConnection()
connection.setRequestMethod("POST")
connection.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
connection.doOutput = true
connection.outputStream << data
def json = new JsonSlurper().parseText(connection.inputStream.text)
json
}
println request()private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
conn.setDoInput(true);
conn.setDoOutput(true);
String data = ""
+ "entityId=8ac7a4c98ab5c40a018ab80db0f303f8"
+ "&paymentBrand=MASTER"
+ "&paymentType=DB"
+ "&amount=17.99"
+ "¤cy=EUR"
+ "&testMode=EXTERNAL"
+ "&[email protected]"
+ "&customer.givenName=Smith"
+ "&customer.ip=192.168.0.0"
+ "&customer.surname=John"
+ "&customer.language=DE"
+ "&billing.city=MyCity"
+ "&billing.country=DE"
+ "&billing.postcode=712121"
+ "&billing.state=DE"
+ "&billing.street1=MyStreet"
+ "&standingInstruction.type=RECURRING"
+ "&standingInstruction.mode=REPEATED"
+ "&standingInstruction.source=MIT";
DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.writeBytes(data);
wr.flush();
wr.close();
int responseCode = conn.getResponseCode();
InputStream is;
if (responseCode >= 400) is = conn.getErrorStream();
else is = conn.getInputStream();
return IOUtils.toString(is);
}const https = require('https');
const querystring = require('querystring');
const request = async () => {
const path = '/v1/registrations/{id}/payments';
const data = querystring.stringify({
'entityId': '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand': 'MASTER',
'paymentType': 'DB',
'amount': '17.99',
'currency': 'EUR',
'testMode': 'EXTERNAL',
'customer.email': '[email protected]',
'customer.givenName': 'Smith',
'customer.ip': '192.168.0.0',
'customer.surname': 'John',
'customer.language': 'DE',
'billing.city': 'MyCity',
'billing.country': 'DE',
'billing.postcode': '712121',
'billing.state': 'DE',
'billing.street1': 'MyStreet',
'standingInstruction.type': 'RECURRING',
'standingInstruction.mode': 'REPEATED',
'standingInstruction.source': 'MIT'
});
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': data.length,
'Authorization': 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
}
};
return new Promise((resolve, reject) => {
const postRequest = https.request(options, function(res) {
const buf = [];
res.on('data', chunk => {
buf.push(Buffer.from(chunk));
});
res.on('end', () => {
const jsonString = Buffer.concat(buf).toString('utf8');
try {
resolve(JSON.parse(jsonString));
} catch (error) {
reject(error);
}
});
});
postRequest.on('error', reject);
postRequest.write(data);
postRequest.end();
});
};
request().then(console.log).catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments";
$data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" .
"&paymentBrand=MASTER" .
"&paymentType=DB" .
"&amount=17.99" .
"¤cy=EUR" .
"&testMode=EXTERNAL" .
"&billing.city=MyCity" .
"&billing.country=DE" .
"&billing.postcode=712121" .
"&billing.state=DE" .
"&billing.street1=MyStreet" .
"&[email protected]" .
"&customer.givenName=Smith" .
"&customer.ip=192.168.0.0" .
"&customer.surname=John" .
"&customer.language=DE" .
"&standingInstruction.type=RECURRING" .
"&standingInstruction.mode=REPEATED" .
"&standingInstruction.source=MIT";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization:Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);// this should be set to true in production
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$responseData = curl_exec($ch);
if(curl_errno($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $responseData;
}
$responseData = request();try:
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
except ImportError:
from urllib import urlencode
from urllib2 import build_opener, Request, HTTPHandler, HTTPError, URLError
import json
def request():
url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments"
data = {
'entityId': '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand': 'MASTER',
'paymentType': 'DB',
'amount': '17.99',
'currency': 'EUR',
'testMode': 'EXTERNAL',
'customer.email': '[email protected]',
'customer.givenName': 'Smith',
'customer.ip': '192.168.0.0',
'customer.surname': 'John',
'customer.language': 'DE',
'billing.city': 'MyCity',
'billing.country': 'DE',
'billing.postcode': '712121',
'billing.state': 'DE',
'billing.street1': 'MyStreet',
'standingInstruction.type': 'RECURRING',
'standingInstruction.mode': 'REPEATED',
'standingInstruction.source': 'MIT'
}
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=urlencode(data).encode('utf-8'))
request.add_header('Authorization', 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=')
request.get_method = lambda: 'POST'
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return e.reason
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request
uri = URI('https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Post.new(uri.request_uri)
req['Authorization'] = 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
req.set_form_data({
'entityId' => '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand' => 'MASTER',
'paymentType' => 'DB',
'amount' => '17.99',
'currency' => 'EUR',
'testMode' => 'EXTERNAL',
'customer.email' => '[email protected]',
'customer.givenName' => 'Smith',
'customer.ip' => '192.168.0.0',
'customer.surname' => 'John',
'customer.language' => 'DE',
'billing.city' => 'MyCity',
'billing.country' => 'DE',
'billing.postcode' => '712121',
'billing.state' => 'DE',
'billing.street1' => 'MyStreet',
'standingInstruction.type' => 'RECURRING',
'standingInstruction.mode' => 'REPEATED',
'standingInstruction.source' => 'MIT'
})
begin
res = http.request(req)
return JSON.parse(res.body)
rescue StandardError => e
return { 'error' => e.message }
end
end
puts requestdef initialPayment: String = {
val url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments"
val data = ("" +
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=17.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=RECURRING" +
"&standingInstruction.mode=REPEATED" +
"&standingInstruction.source=MIT"
)
val conn = new URL(url).openConnection()
conn match {
case secureConn: HttpsURLConnection => secureConn.setRequestMethod("POST")
case _ => throw new ClassCastException
}
conn.setDoInput(true)
conn.setDoOutput(true)
IOUtils.write(data, conn.getOutputStream())
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
conn.connect()
if (conn.getResponseCode() >= 400) {
IOUtils.toString(conn.getErrorStream())
} else {
IOUtils.toString(conn.getInputStream())
}
}Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments"
Dim data As String = "" +
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=17.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=RECURRING" +
"&standingInstruction.mode=REPEATED" +
"&standingInstruction.source=MIT"
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "POST"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim byteArray As Byte() = Encoding.UTF8.GetBytes(data)
req.ContentLength = byteArray.Length
Dim dataStream As Stream = req.GetRequestStream()
dataStream.Write(byteArray, 0, byteArray.Length)
dataStream.Close()
Dim res As WebResponse = req.GetResponse()
Dim resStream = res.GetResponseStream()
Dim reader As New StreamReader(resStream)
Dim response As String = reader.ReadToEnd()
reader.Close()
resStream.Close()
res.Close()
Dim jss As New System.Web.Script.Serialization.JavaScriptSerializer()
Dim dict As Dictionary(Of String, Object) = jss.Deserialize(Of Dictionary(Of String, Object))(response)
Return dict
End Function
responseData = Request()("result")("description"){
"id":"8ac7a4a29d29b86a019d29bbee6e0517",
"registrationId":"8ac7a4a29d21e3c1019d295ee86f0e34",
"paymentType":"DB",
"paymentBrand":"MASTER",
"amount":"17.99",
"currency":"EUR",
"descriptor":"5226.8986.5764 NetworkTokenChannel ",
"result":{
"avsResponse":"F",
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
},
"resultDetails":{
"Status":"AUTHORIZED",
"ResponseCode":"00",
"ConnectorTxID1":"7745216764716822104805",
"AcquirerReconciliationId":"7745216764716822104805",
"ConnectorTxID3":"7745216764716822104805",
"ConnectorTxID2":"8ac7a4a29d29b86a019d29bbee6e0517",
"retrievalReferenceNumber":"608510498934",
"CardholderInitiatedTransactionID":"0326MCC674329",
"ApprovalCode":"831000",
"TransactionId":"0326MCC674329",
"ExtendedDescription":"Successful approval.",
"avs.codeRaw":"Y",
"authorizedAmount":"17.99",
"avs.code":"Y",
"AcquirerResponse":"AUTHORIZED",
"reconciliationId":"8ac7a4a29d29b86a019d29bbee6e0517",
"NetworkTransactionId":"0326MCC674329"
},
"card":{
"bin":"555555",
"last4Digits":"2957",
"holder":"John Smith",
"expiryMonth":"12",
"expiryYear":"2031"
},
"customer":{
"givenName":"Smith",
"surname":"John",
"email":"[email protected]",
"ip":"192.168.0.0",
"language":"DE"
},
"billing":{
"street1":"MyStreet",
"city":"MyCity",
"state":"DE",
"postcode":"712121",
"country":"DE"
},
"customParameters":{
"PAYMENT_INHOUSE_FACADE":"true"
},
"risk":{
"score":"0"
},
"buildNumber":"9092e7a6af8301accda2f9a3a38f743f907dadd5@2026-03-23 16:50:06 +0000",
"timestamp":"2026-03-26 10:41:16+0000",
"ndc":"8ac7a4c98ab5c40a018ab80db0f303f8_be5dcde3302a4c939c639cb6fdadc6e2",
"standingInstruction":{
"source":"MIT",
"type":"RECURRING",
"mode":"REPEATED",
"initialTransactionId":"0326MCC674329"
},
"processingDetails":{
"transactions":[
{
"reason":"tokenization",
"transactionId":"8ac7a4a29d29b86a019d29bbee8e051e",
"clearingInstituteName":"TokenVault",
"paymentType":"TF",
"result":{
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
}
}
]
}
}One-time payment
The merchant collects card data from the customer and initiates the one-time payment. The card network provisions a network token, and the issuer approves the token. The payment uses real card data or the active network token if available.
Send one-time payment
To send a one-time payment, perform a server-to-server POST request with all the required payment and customer data, including payment type, amount, and currency.
Payment response
The response includes a token transaction history, showing an attempt to fetch the network token from the card network. If no network token is active for payments, the payment authorisation proceeds using the real card data.
When your server fetches the network token, the response provides the original PAN BIN in the card.bin parameter. The network token BIN differs from the original PAN BIN, which is crucial for post-authorisation issuer BIN management.
Sample request:
curl https://sandbox-card.peachpayments.com/v1/payments \
-d "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" \
-d "card.number=4242423695065775" \
-d "card.expiryMonth=12" \
-d "card.expiryYear=2031" \
-d "card.holder=John Smith" \
-d "card.cvv=123" \
-d "paymentBrand=VISA" \
-d "paymentType=DB" \
-d "amount=19.99" \
-d "currency=EUR" \
-d "testMode=EXTERNAL" \
-d "[email protected]" \
-d "customer.givenName=Smith" \
-d "customer.ip=192.168.0.0" \
-d "customer.surname=John" \
-d "customer.language=DE" \
-d "billing.city=MyCity" \
-d "billing.country=DE" \
-d "billing.postcode=712121" \
-d "billing.state=DE" \
-d "billing.street1=MyStreet" \
-d "threeDSecure.eci=05" \
-d "threeDSecure.authenticationStatus=Y" \
-d "threeDSecure.version=2.2.0" \
-d "threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" \
-d "threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" \
-d "threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" \
-d "threeDSecure.amount=19.99" \
-d "threeDSecure.currency=EUR" \
-d "threeDSecure.flow=challenge" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request() {
Dictionary<string, dynamic> responseData;
string data="entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&card.number=4242423695065775" +
"&card.expiryMonth=12" +
"&card.expiryYear=2031" +
"&card.holder=John Smith" +
"&card.cvv=123" +
"&paymentBrand=VISA" +
"&paymentType=DB" +
"&amount=19.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge";
string url = "https://sandbox-card.peachpayments.com/v1/payments";
byte[] buffer = Encoding.ASCII.GetBytes(data);
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
request.Method = "POST";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
request.ContentType = "application/x-www-form-urlencoded";
Stream PostData = request.GetRequestStream();
PostData.Write(buffer, 0, buffer.Length);
PostData.Close();
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
{
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var s = new JavaScriptSerializer();
responseData = s.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
dataStream.Close();
}
return responseData;
}
responseData = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&card.number=4242423695065775" +
"&card.expiryMonth=12" +
"&card.expiryYear=2031" +
"&card.holder=John Smith" +
"&card.cvv=123" +
"&paymentBrand=VISA" +
"&paymentType=DB" +
"&amount=19.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge"
def url = "https://sandbox-card.peachpayments.com/v1/payments".toURL()
def connection = url.openConnection()
connection.setRequestMethod("POST")
connection.setRequestProperty("Authorization","Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
connection.doOutput = true
connection.outputStream << data
def json = new JsonSlurper().parseText(connection.inputStream.text)
json
}
println request()private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/payments");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
conn.setDoInput(true);
conn.setDoOutput(true);
String data = ""
+ "entityId=8ac7a4c98ab5c40a018ab80db0f303f8"
+ "&card.number=4242423695065775"
+ "&card.expiryMonth=12"
+ "&card.expiryYear=2031"
+ "&card.holder=John Smith"
+ "&card.cvv=123"
+ "&paymentBrand=VISA"
+ "&paymentType=DB"
+ "&amount=19.99"
+ "¤cy=EUR"
+ "&testMode=EXTERNAL"
+ "&[email protected]"
+ "&customer.givenName=Smith"
+ "&customer.ip=192.168.0.0"
+ "&customer.surname=John"
+ "&customer.language=DE"
+ "&billing.city=MyCity"
+ "&billing.country=DE"
+ "&billing.postcode=712121"
+ "&billing.state=DE"
+ "&billing.street1=MyStreet"
+ "&threeDSecure.eci=05"
+ "&threeDSecure.authenticationStatus=Y"
+ "&threeDSecure.version=2.2.0"
+ "&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e"
+ "&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8"
+ "&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA="
+ "&threeDSecure.amount=19.99"
+ "&threeDSecure.currency=EUR"
+ "&threeDSecure.flow=challenge";
DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.writeBytes(data);
wr.flush();
wr.close();
int responseCode = conn.getResponseCode();
InputStream is;
if (responseCode >= 400) is = conn.getErrorStream();
else is = conn.getInputStream();
return IOUtils.toString(is);
}const https = require('https');
const querystring = require('querystring');
const request = async () => {
const path='/v1/payments';
const data = querystring.stringify({
'entityId':'8ac7a4c98ab5c40a018ab80db0f303f8',
'card.number':'4242423695065775',
'card.expiryMonth':'12',
'card.expiryYear':'2031',
'card.holder':'John Smith',
'card.cvv':'123',
'paymentBrand':'VISA',
'paymentType':'DB',
'amount':'19.99',
'currency':'EUR',
'testMode':'EXTERNAL',
'customer.email':'[email protected]',
'customer.givenName':'Smith',
'customer.ip':'192.168.0.0',
'customer.surname':'John',
'customer.language':'DE',
'billing.city':'MyCity',
'billing.country':'DE',
'billing.postcode':'712121',
'billing.state':'DE',
'billing.street1':'MyStreet',
'threeDSecure.eci':'05',
'threeDSecure.authenticationStatus':'Y',
'threeDSecure.version':'2.2.0',
'threeDSecure.dsTransactionId':'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId':'2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId':'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount':'19.99',
'threeDSecure.currency':'EUR',
'threeDSecure.flow':'challenge'
});
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': data.length,
'Authorization':'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
}
};
return new Promise((resolve, reject) => {
const postRequest = https.request(options, function(res) {
const buf = [];
res.on('data', chunk => {
buf.push(Buffer.from(chunk));
});
res.on('end', () => {
const jsonString = Buffer.concat(buf).toString('utf8');
try {
resolve(JSON.parse(jsonString));
} catch (error) {
reject(error);
}
});
});
postRequest.on('error', reject);
postRequest.write(data);
postRequest.end();
});
};
request().then(console.log).catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/payments";
$data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" .
"&card.number=4242423695065775" .
"&card.expiryMonth=12" .
"&card.expiryYear=2031" .
"&card.holder=John Smith" .
"&card.cvv=123" .
"&paymentBrand=VISA" .
"&paymentType=DB" .
"&amount=19.99" .
"¤cy=EUR" .
"&testMode=EXTERNAL" .
"&[email protected]" .
"&customer.givenName=Smith" .
"&customer.ip=192.168.0.0" .
"&customer.surname=John" .
"&customer.language=DE" .
"&billing.city=MyCity" .
"&billing.country=DE" .
"&billing.postcode=712121" .
"&billing.state=DE" .
"&billing.street1=MyStreet" .
"&threeDSecure.eci=05" .
"&threeDSecure.authenticationStatus=Y" .
"&threeDSecure.version=2.2.0" .
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" .
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" .
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" .
"&threeDSecure.amount=19.99" .
"&threeDSecure.currency=EUR" .
"&threeDSecure.flow=challenge";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization:Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);// this should be set to true in production
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$responseData = curl_exec($ch);
if(curl_errno($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $responseData;
}
$responseData = request();try:
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
except ImportError:
from urllib import urlencode
from urllib2 import build_opener, Request, HTTPHandler, HTTPError, URLError
import json
def request():
url = "https://sandbox-card.peachpayments.com/v1/payments"
data = {
'entityId' : '8ac7a4c98ab5c40a018ab80db0f303f8',
'card.number' : '4242423695065775',
'card.expiryMonth' : '12',
'card.expiryYear' : '2031',
'card.holder' : 'John Smith',
'card.cvv' : '123',
'paymentBrand' : 'VISA',
'paymentType' : 'DB',
'amount' : '19.99',
'currency' : 'EUR',
'testMode' : 'EXTERNAL',
'customer.email' : '[email protected]',
'customer.givenName' : 'Smith',
'customer.ip' : '192.168.0.0',
'customer.surname' : 'John',
'customer.language' : 'DE',
'billing.city' : 'MyCity',
'billing.country' : 'DE',
'billing.postcode' : '712121',
'billing.state' : 'DE',
'billing.street1' : 'MyStreet',
'threeDSecure.eci' : '05',
'threeDSecure.authenticationStatus' : 'Y',
'threeDSecure.version' : '2.2.0',
'threeDSecure.dsTransactionId' : 'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId' : '2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId' : 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount' : '19.99',
'threeDSecure.currency' : 'EUR',
'threeDSecure.flow' : 'challenge'
}
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=urlencode(data).encode('utf-8'))
request.add_header('Authorization', 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=')
request.get_method = lambda: 'POST'
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return e.reason
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request()
uri = URI('https://sandbox-card.peachpayments.com/v1/payments')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Post.new(uri.path)
req.set_form_data({
'entityId' => '8ac7a4c98ab5c40a018ab80db0f303f8',
'card.number' => '4242423695065775',
'card.expiryMonth' => '12',
'card.expiryYear' => '2031',
'card.holder' => 'John Smith',
'card.cvv' => '123',
'paymentBrand' => 'VISA',
'paymentType' => 'DB',
'amount' => '19.99',
'currency' => 'EUR',
'testMode' => 'EXTERNAL',
'customer.email' => '[email protected]',
'customer.givenName' => 'Smith',
'customer.ip' => '192.168.0.0',
'customer.surname' => 'John',
'customer.language' => 'DE',
'billing.city' => 'MyCity',
'billing.country' => 'DE',
'billing.postcode' => '712121',
'billing.state' => 'DE',
'billing.street1' => 'MyStreet',
'threeDSecure.eci' => '05',
'threeDSecure.authenticationStatus' => 'Y',
'threeDSecure.version' => '2.2.0',
'threeDSecure.dsTransactionId' => 'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId' => '2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId' => 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount' => '19.99',
'threeDSecure.currency' => 'EUR',
'threeDSecure.flow' => 'challenge'
})
res = http.request(req)
return JSON.parse(res.body)
end
puts request()def initialPayment : String = {
val url = "https://sandbox-card.peachpayments.com/v1/payments"
val data = (""
+ "entityId=8ac7a4c98ab5c40a018ab80db0f303f8"
+ "&card.number=4242423695065775"
+ "&card.expiryMonth=12"
+ "&card.expiryYear=2031"
+ "&card.holder=John Smith"
+ "&card.cvv=123"
+ "&paymentBrand=VISA"
+ "&paymentType=DB"
+ "&amount=19.99"
+ "¤cy=EUR"
+ "&testMode=EXTERNAL"
+ "&[email protected]"
+ "&customer.givenName=Smith"
+ "&customer.ip=192.168.0.0"
+ "&customer.surname=John"
+ "&customer.language=DE"
+ "&billing.city=MyCity"
+ "&billing.country=DE"
+ "&billing.postcode=712121"
+ "&billing.state=DE"
+ "&billing.street1=MyStreet"
+ "&threeDSecure.eci=05"
+ "&threeDSecure.authenticationStatus=Y"
+ "&threeDSecure.version=2.2.0"
+ "&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e"
+ "&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8"
+ "&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA="
+ "&threeDSecure.amount=19.99"
+ "&threeDSecure.currency=EUR"
+ "&threeDSecure.flow=challenge"
)
val conn = new URL(url).openConnection()
conn match {
case secureConn: HttpsURLConnection => secureConn.setRequestMethod("POST")
case _ => throw new ClassCastException
}
conn.setDoInput(true)
conn.setDoOutput(true)
IOUtils.write(data, conn.getOutputStream())
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
conn.connect()
if (conn.getResponseCode() >= 400) {
return IOUtils.toString(conn.getErrorStream())
}
else {
return IOUtils.toString(conn.getInputStream())
}
}Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/payments"
Dim data As String = "" +
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&card.number=4242423695065775" +
"&card.expiryMonth=12" +
"&card.expiryYear=2031" +
"&card.holder=John Smith" +
"&card.cvv=123" +
"&paymentBrand=VISA" +
"&paymentType=DB" +
"&amount=19.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge"
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "POST"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim byteArray As Byte() = Encoding.UTF8.GetBytes(data)
req.ContentLength = byteArray.Length
Dim dataStream As Stream = req.GetRequestStream()
dataStream.Write(byteArray, 0, byteArray.Length)
dataStream.Close()
Dim res As WebResponse = req.GetResponse()
Dim resStream = res.GetResponseStream()
Dim reader As New StreamReader(resStream)
Dim response As String = reader.ReadToEnd()
reader.Close()
resStream.Close()
res.Close()
Dim jss As New System.Web.Script.Serialization.JavaScriptSerializer()
Dim dict As Dictionary(Of String, Object) = jss.Deserialize(Of Dictionary(Of String, Object))(response)
Return dict
End Function
responseData = Request()("result")("description"){
"id":"8ac7a49f9d29b052019d29bdd9e41641",
"paymentType":"DB",
"paymentBrand":"VISA",
"amount":"19.99",
"currency":"EUR",
"descriptor":"7405.2219.0884 NetworkTokenChannel ",
"result":{
"avsResponse":"F",
"cvvResponse":"M",
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
},
"resultDetails":{
"Status":"AUTHORIZED",
"ResponseCode":"00",
"ConnectorTxID1":"7745218028066658804806",
"AcquirerReconciliationId":"7745218028066658804806",
"ConnectorTxID3":"7745218028066658804806",
"CardVerification.resultCode":"M",
"ConnectorTxID2":"8ac7a49f9d29b052019d29bdd9e41641",
"retrievalReferenceNumber":"608510981897",
"ApprovalCode":"831000",
"TransactionId":"016153570198200",
"ExtendedDescription":"Successful approval.",
"avs.codeRaw":"Y",
"authorizedAmount":"19.99",
"avs.code":"Y",
"AcquirerResponse":"AUTHORIZED",
"reconciliationId":"8ac7a49f9d29b052019d29bdd9e41641",
"NetworkTransactionId":"016153570198200"
},
"card":{
"bin":"424242",
"last4Digits":"2025",
"holder":"John Smith",
"expiryMonth":"12",
"expiryYear":"2031",
"omniToken":"4242426674872025"
},
"customer":{
"givenName":"Smith",
"surname":"John",
"email":"[email protected]",
"ip":"192.168.0.0",
"language":"DE"
},
"billing":{
"street1":"MyStreet",
"city":"MyCity",
"state":"DE",
"postcode":"712121",
"country":"DE"
},
"threeDSecure":{
"eci":"05",
"verificationId":"MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=",
"version":"2.2.0",
"dsTransactionId":"c75f23af-9454-43f6-ba17-130ed529507e",
"acsTransactionId":"2c42c553-176f-4f08-af6c-f9364ecbd0e8",
"flow":"challenge",
"authenticationStatus":"Y",
"amount":"19.99",
"currency":"EUR"
},
"customParameters":{
"PAYMENT_INHOUSE_FACADE":"true"
},
"risk":{
"score":"0"
},
"buildNumber":"9092e7a6af8301accda2f9a3a38f743f907dadd5@2026-03-23 16:50:06 +0000",
"timestamp":"2026-03-26 10:43:23+0000",
"ndc":"8ac7a4c98ab5c40a018ab80db0f303f8_a8af8d8059774f10a879bd1be03ad15a",
"processingDetails":{
"transactions":[
{
"reason":"tokenization",
"transactionId":"8ac7a49f9d29b052019d29bdd9f7164a",
"clearingInstituteName":"TokenVault",
"paymentType":"TK",
"result":{
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
}
},
{
"reason":"tokenization",
"transactionId":"8ac7a49f9d29b052019d29bddca21651",
"clearingInstituteName":"TokenVault",
"paymentType":"TF",
"result":{
"code":"800.100.311",
"description":"Network token transaction declined (network token request in-flight)"
}
}
]
}
}Proactive tokenisation
You proactively trigger network token provisioning for a stored card, without initiating a payment. This is useful when the card is nearing expiry and no payment is expected before expiration — ensuring a network token is available for future continuity (for example, MITs, renewals). The endpoint allows the merchant to refresh the token life cycle independently of transaction flows.
1. Refresh the token
To proactively initiate network token provisioning for a stored card, perform a server-to-server POST request using a merchant token where that stores a card about to expire. This request does not involve a payment.
Tokenisation response
The response indicates whether a network token was successfully requested. If a token already exists, the system returns 100.350.317 Network token already requested. If the feature is not enabled, it returns 100.350.318 Network tokenisation not enabled. When triggered, the network token provisioning process begins with the card network and issuer. The token is available for use in future payments once approved.
Sample request:
https://sandbox-card.peachpayments.com/v1/registrations/8ac7a49f9d21da8e019d295eebe82cc4/provisionNetworkToken
curl https://sandbox-card.peachpayments.com/v1/registrations/{registrationId} \
-d "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" \
-d "createOmniToken=true" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request() {
Dictionary<string, dynamic> responseData;
string data="entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&createOmniToken=true";
string url = "https://sandbox-card.peachpayments.com/v1/registrations/{registrationId}";
byte[] buffer = Encoding.ASCII.GetBytes(data);
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
request.Method = "POST";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
request.ContentType = "application/x-www-form-urlencoded";
Stream PostData = request.GetRequestStream();
PostData.Write(buffer, 0, buffer.Length);
PostData.Close();
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse()) {
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var s = new JavaScriptSerializer();
responseData = s.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
dataStream.Close();
}
return responseData;
}
responseData = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&createOmniToken=true"
def url = "https://sandbox-card.peachpayments.com/v1/registrations/{registrationId}".toURL()
def connection = url.openConnection()
connection.setRequestMethod("POST")
connection.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
connection.doOutput = true
connection.outputStream << data
def json = new JsonSlurper().parseText(connection.inputStream.text)
json
}
println request()private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/registrations/{registrationId}");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
conn.setDoInput(true);
conn.setDoOutput(true);
String data = ""
+ "entityId=8ac7a4c98ab5c40a018ab80db0f303f8"
+ "&createOmniToken=true";
DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.writeBytes(data);
wr.flush();
wr.close();
int responseCode = conn.getResponseCode();
InputStream is;
if (responseCode >= 400) is = conn.getErrorStream();
else is = conn.getInputStream();
return IOUtils.toString(is);
}const https = require('https');
const querystring = require('querystring');
const request = async () => {
const path = '/v1/registrations/{registrationId}';
const data = querystring.stringify({
'entityId': '8ac7a4c98ab5c40a018ab80db0f303f8',
'createOmniToken': 'true'
});
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': data.length,
'Authorization': 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
}
};
return new Promise((resolve, reject) => {
const postRequest = https.request(options, function (res) {
const buf = [];
res.on('data', chunk => {
buf.push(Buffer.from(chunk));
});
res.on('end', () => {
const jsonString = Buffer.concat(buf).toString('utf8');
try {
resolve(JSON.parse(jsonString));
} catch (error) {
reject(error);
}
});
});
postRequest.on('error', reject);
postRequest.write(data);
postRequest.end();
});
};
request().then(console.log).catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/registrations/{registrationId}";
$data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" .
"&createOmniToken=true";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization:Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);// this should be set to true in production
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$responseData = curl_exec($ch);
if(curl_errno($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $responseData;
}
$responseData = request();try:
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
except ImportError:
from urllib import urlencode
from urllib2 import build_opener, Request, HTTPHandler, HTTPError, URLError
import json
def request():
url = "https://sandbox-card.peachpayments.com/v1/registrations/{registrationId}"
data = {
'entityId' : '8ac7a4c98ab5c40a018ab80db0f303f8',
'createOmniToken' : 'true'
}
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=urlencode(data).encode('utf-8'))
request.add_header('Authorization', 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=')
request.get_method = lambda: 'POST'
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return e.reason
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request()
uri = URI('https://sandbox-card.peachpayments.com/v1/registrations/{registrationId}')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Post.new(uri.path)
req.set_form_data({
'entityId' => '8ac7a4c98ab5c40a018ab80db0f303f8',
'createOmniToken' => 'true'
})
req['Authorization'] = 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
res = http.request(req)
return JSON.parse(res.body)
end
puts request()def initialPayment : String = {
val url = "https://sandbox-card.peachpayments.com/v1/registrations/{registrationId}"
val data = ("" +
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&createOmniToken=true"
)
val conn = new URL(url).openConnection()
conn match {
case secureConn: HttpsURLConnection => secureConn.setRequestMethod("POST")
case _ => throw new ClassCastException
}
conn.setDoInput(true)
conn.setDoOutput(true)
IOUtils.write(data, conn.getOutputStream())
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
conn.connect()
if (conn.getResponseCode() >= 400) {
return IOUtils.toString(conn.getErrorStream())
}
else {
return IOUtils.toString(conn.getInputStream())
}
}Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/registrations/{registrationId}"
Dim data As String = "" +
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&createOmniToken=true"
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "POST"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim byteArray As Byte() = Encoding.UTF8.GetBytes(data)
req.ContentLength = byteArray.Length
Dim dataStream As Stream = req.GetRequestStream()
dataStream.Write(byteArray, 0, byteArray.Length)
dataStream.Close()
Dim res As WebResponse = req.GetResponse()
Dim resStream = res.GetResponseStream()
Dim reader As New StreamReader(resStream)
Dim response As String = reader.ReadToEnd()
reader.Close()
resStream.Close()
res.Close()
Dim jss As New System.Web.Script.Serialization.JavaScriptSerializer()
Dim dict As Dictionary(Of String, Object) = jss.Deserialize(Of Dictionary(Of String, Object))(response)
Return dict
End Function
responseData = Request()("result")("description"){
"id":"8ac7a49f9d29b052019d29bf0aae18c4",
"referencedId":"8ac7a49f9d21da8e019d295eebe82cc4",
"paymentType":"TK",
"result":{
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
},
"buildNumber":"9092e7a6af8301accda2f9a3a38f743f907dadd5@2026-03-23 16:50:06 +0000",
"timestamp":"2026-03-26 10:44:39+0000",
"ndc":"8ac7a4c98ab5c40a018ab80db0f303f8_6a5eb4cd78a145549107106e565fa3fa"
}2. Send payment using the token
To send a payment using the network token, perform a server-to-server POST request using the merchant token retrieved in the previous step.
Payment response
The response includes a token transaction history, indicating that an attempt was made to fetch the network token from the card network. If no network token is active for payments, the payment authorisation proceeds using the real card data.
When the network token is fetched, the response also provides the original PAN BIN. This information is exposed in the payment response as part of the card.bin parameter. It's important to note that the network token BIN is different from the original PAN BIN. This distinction is crucial for post-authorisation issuer BIN management, ensuring that you have the necessary details to handle the transaction accurately.
Sample request:
https://sandbox-card.peachpayments.com/v1/registrations/8ac7a49f9d21da8e019d295eebe82cc4/payments
curl https://sandbox-card.peachpayments.com/v1/payments \
-d "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" \
-d "paymentBrand=MASTER" \
-d "paymentType=DB" \
-d "amount=15.99" \
-d "currency=EUR" \
-d "testMode=EXTERNAL" \
-d "[email protected]" \
-d "customer.givenName=Smith" \
-d "customer.ip=192.168.0.0" \
-d "customer.surname=John" \
-d "customer.language=DE" \
-d "billing.city=MyCity" \
-d "billing.country=DE" \
-d "billing.postcode=712121" \
-d "billing.state=DE" \
-d "billing.street1=MyStreet" \
-d "standingInstruction.type=RECURRING" \
-d "standingInstruction.mode=INITIAL" \
-d "standingInstruction.source=CIT" \
-d "threeDSecure.eci=05" \
-d "threeDSecure.authenticationStatus=Y" \
-d "threeDSecure.version=2.2.0" \
-d "threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" \
-d "threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" \
-d "threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" \
-d "threeDSecure.amount=19.99" \
-d "threeDSecure.currency=EUR" \
-d "threeDSecure.flow=challenge" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request() {
Dictionary<string, dynamic> responseData;
string data="entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=15.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=RECURRING" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge";
string url = "https://sandbox-card.peachpayments.com/v1/payments";
byte[] buffer = Encoding.ASCII.GetBytes(data);
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
request.Method = "POST";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
request.ContentType = "application/x-www-form-urlencoded";
Stream PostData = request.GetRequestStream();
PostData.Write(buffer, 0, buffer.Length);
PostData.Close();
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
{
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var s = new JavaScriptSerializer();
responseData = s.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
dataStream.Close();
}
return responseData;
}
responseData = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=15.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=RECURRING" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge"
def url = "https://sandbox-card.peachpayments.com/v1/payments".toURL()
def connection = url.openConnection()
connection.setRequestMethod("POST")
connection.setRequestProperty("Authorization","Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
connection.doOutput = true
connection.outputStream << data
def json = new JsonSlurper().parseText(connection.inputStream.text)
json
}
println request()private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/payments");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
conn.setDoInput(true);
conn.setDoOutput(true);
String data = ""
+ "entityId=8ac7a4c98ab5c40a018ab80db0f303f8"
+ "&paymentBrand=MASTER"
+ "&paymentType=DB"
+ "&amount=15.99"
+ "¤cy=EUR"
+ "&testMode=EXTERNAL"
+ "&[email protected]"
+ "&customer.givenName=Smith"
+ "&customer.ip=192.168.0.0"
+ "&customer.surname=John"
+ "&customer.language=DE"
+ "&billing.city=MyCity"
+ "&billing.country=DE"
+ "&billing.postcode=712121"
+ "&billing.state=DE"
+ "&billing.street1=MyStreet"
+ "&standingInstruction.type=RECURRING"
+ "&standingInstruction.mode=INITIAL"
+ "&standingInstruction.source=CIT"
+ "&threeDSecure.eci=05"
+ "&threeDSecure.authenticationStatus=Y"
+ "&threeDSecure.version=2.2.0"
+ "&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e"
+ "&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8"
+ "&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA="
+ "&threeDSecure.amount=19.99"
+ "&threeDSecure.currency=EUR"
+ "&threeDSecure.flow=challenge";
DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.writeBytes(data);
wr.flush();
wr.close();
int responseCode = conn.getResponseCode();
InputStream is;
if (responseCode >= 400) is = conn.getErrorStream();
else is = conn.getInputStream();
return IOUtils.toString(is);
}const https = require('https');
const querystring = require('querystring');
const request = async () => {
const path = '/v1/payments';
const data = querystring.stringify({
'entityId': '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand': 'MASTER',
'paymentType': 'DB',
'amount': '15.99',
'currency': 'EUR',
'testMode': 'EXTERNAL',
'customer.email': '[email protected]',
'customer.givenName': 'Smith',
'customer.ip': '192.168.0.0',
'customer.surname': 'John',
'customer.language': 'DE',
'billing.city': 'MyCity',
'billing.country': 'DE',
'billing.postcode': '712121',
'billing.state': 'DE',
'billing.street1': 'MyStreet',
'standingInstruction.type': 'RECURRING',
'standingInstruction.mode': 'INITIAL',
'standingInstruction.source': 'CIT',
'threeDSecure.eci': '05',
'threeDSecure.authenticationStatus': 'Y',
'threeDSecure.version': '2.2.0',
'threeDSecure.dsTransactionId': 'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId': '2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId': 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount': '19.99',
'threeDSecure.currency': 'EUR',
'threeDSecure.flow': 'challenge'
});
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': data.length,
'Authorization': 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
}
};
return new Promise((resolve, reject) => {
const postRequest = https.request(options, function (res) {
const buf = [];
res.on('data', chunk => {
buf.push(Buffer.from(chunk));
});
res.on('end', () => {
const jsonString = Buffer.concat(buf).toString('utf8');
try {
resolve(JSON.parse(jsonString));
} catch (error) {
reject(error);
}
});
});
postRequest.on('error', reject);
postRequest.write(data);
postRequest.end();
});
};
request().then(console.log).catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/payments";
$data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" .
"&paymentBrand=MASTER" .
"&paymentType=DB" .
"&amount=15.99" .
"¤cy=EUR" .
"&testMode=EXTERNAL" .
"&[email protected]" .
"&customer.givenName=Smith" .
"&customer.ip=192.168.0.0" .
"&customer.surname=John" .
"&customer.language=DE" .
"&billing.city=MyCity" .
"&billing.country=DE" .
"&billing.postcode=712121" .
"&billing.state=DE" .
"&billing.street1=MyStreet" .
"&standingInstruction.type=RECURRING" .
"&standingInstruction.mode=INITIAL" .
"&standingInstruction.source=CIT" .
"&threeDSecure.eci=05" .
"&threeDSecure.authenticationStatus=Y" .
"&threeDSecure.version=2.2.0" .
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" .
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" .
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" .
"&threeDSecure.amount=19.99" .
"&threeDSecure.currency=EUR" .
"&threeDSecure.flow=challenge";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization:Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);// this should be set to true in production
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$responseData = curl_exec($ch);
if(curl_errno($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $responseData;
}
$responseData = request();try:
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
except ImportError:
from urllib import urlencode
from urllib2 import build_opener, Request, HTTPHandler, HTTPError, URLError
import json
def request():
url = "https://sandbox-card.peachpayments.com/v1/payments"
data = {
'entityId' : '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand' : 'MASTER',
'paymentType' : 'DB',
'amount' : '15.99',
'currency' : 'EUR',
'testMode' : 'EXTERNAL',
'customer.email' : '[email protected]',
'customer.givenName' : 'Smith',
'customer.ip' : '192.168.0.0',
'customer.surname' : 'John',
'customer.language' : 'DE',
'billing.city' : 'MyCity',
'billing.country' : 'DE',
'billing.postcode' : '712121',
'billing.state' : 'DE',
'billing.street1' : 'MyStreet',
'standingInstruction.type' : 'RECURRING',
'standingInstruction.mode' : 'INITIAL',
'standingInstruction.source' : 'CIT',
'threeDSecure.eci' : '05',
'threeDSecure.authenticationStatus' : 'Y',
'threeDSecure.version' : '2.2.0',
'threeDSecure.dsTransactionId' : 'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId' : '2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId' : 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount' : '19.99',
'threeDSecure.currency' : 'EUR',
'threeDSecure.flow' : 'challenge'
}
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=urlencode(data).encode('utf-8'))
request.add_header('Authorization', 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=')
request.get_method = lambda: 'POST'
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return e.reason
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request()
uri = URI('https://sandbox-card.peachpayments.com/v1/payments')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Post.new(uri.path)
req.set_form_data({
'entityId' => '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand' => 'MASTER',
'paymentType' => 'DB',
'amount' => '15.99',
'currency' => 'EUR',
'testMode' => 'EXTERNAL',
'customer.email' => '[email protected]',
'customer.givenName' => 'Smith',
'customer.ip' => '192.168.0.0',
'customer.surname' => 'John',
'customer.language' => 'DE',
'billing.city' => 'MyCity',
'billing.country' => 'DE',
'billing.postcode' => '712121',
'billing.state' => 'DE',
'billing.street1' => 'MyStreet',
'standingInstruction.type' => 'RECURRING',
'standingInstruction.mode' => 'INITIAL',
'standingInstruction.source' => 'CIT',
'threeDSecure.eci' => '05',
'threeDSecure.authenticationStatus' => 'Y',
'threeDSecure.version' => '2.2.0',
'threeDSecure.dsTransactionId' => 'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId' => '2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId' => 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount' => '19.99',
'threeDSecure.currency' => 'EUR',
'threeDSecure.flow' => 'challenge'
})
req['Authorization'] = 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
res = http.request(req)
return JSON.parse(res.body)
end
puts request()def initialPayment : String = {
val url = "https://sandbox-card.peachpayments.com/v1/payments"
val data = ("" +
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=15.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=RECURRING" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge"
)
val conn = new URL(url).openConnection()
conn match {
case secureConn: HttpsURLConnection => secureConn.setRequestMethod("POST")
case _ => throw new ClassCastException
}
conn.setDoInput(true)
conn.setDoOutput(true)
IOUtils.write(data, conn.getOutputStream())
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
conn.connect()
if (conn.getResponseCode() >= 400) {
return IOUtils.toString(conn.getErrorStream())
}
else {
return IOUtils.toString(conn.getInputStream())
}
}Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/payments"
Dim data As String = "" +
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=MASTER" +
"&paymentType=DB" +
"&amount=15.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=RECURRING" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge"
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "POST"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim byteArray As Byte() = Encoding.UTF8.GetBytes(data)
req.ContentLength = byteArray.Length
Dim dataStream As Stream = req.GetRequestStream()
dataStream.Write(byteArray, 0, byteArray.Length)
dataStream.Close()
Dim res As WebResponse = req.GetResponse()
Dim resStream = res.GetResponseStream()
Dim reader As New StreamReader(resStream)
Dim response As String = reader.ReadToEnd()
reader.Close()
resStream.Close()
res.Close()
Dim jss As New System.Web.Script.Serialization.JavaScriptSerializer()
Dim dict As Dictionary(Of String, Object) = jss.Deserialize(Of Dictionary(Of String, Object))(response)
Return dict
End Function
responseData = Request()("result")("description"){
"id":"8ac7a4a09d29b6e0019d29bfb0bd0aa4",
"registrationId":"8ac7a49f9d21da8e019d295eebe82cc4",
"paymentType":"DB",
"paymentBrand":"MASTER",
"amount":"17.99",
"currency":"EUR",
"descriptor":"8900.4562.2308 NetworkTokenChannel ",
"result":{
"avsResponse":"U",
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
},
"resultDetails":{
"Status":"AUTHORIZED",
"ResponseCode":"00",
"ConnectorTxID1":"7745219227486805504807",
"AcquirerReconciliationId":"7745219227486805504807",
"ConnectorTxID3":"7745219227486805504807",
"ConnectorTxID2":"8ac7a4a09d29b6e0019d29bfb0bd0aa4",
"retrievalReferenceNumber":"608510499462",
"CardholderInitiatedTransactionID":"0326MCC621621",
"ApprovalCode":"831000",
"TransactionId":"0326MCC621621",
"ExtendedDescription":"Successful approval.",
"authorizedAmount":"17.99",
"avs.code":"1",
"AcquirerResponse":"AUTHORIZED",
"reconciliationId":"8ac7a4a09d29b6e0019d29bfb0bd0aa4",
"NetworkTransactionId":"0326MCC621621"
},
"card":{
"bin":"555555",
"last4Digits":"1405",
"holder":"John Smith",
"expiryMonth":"12",
"expiryYear":"2031"
},
"threeDSecure":{
"eci":"05",
"verificationId":"MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=",
"version":"2.2.0",
"dsTransactionId":"c75f23af-9454-43f6-ba17-130ed529507e",
"acsTransactionId":"2c42c553-176f-4f08-af6c-f9364ecbd0e8",
"flow":"challenge",
"authenticationStatus":"Y",
"amount":"19.99",
"currency":"EUR"
},
"customParameters":{
"PAYMENT_INHOUSE_FACADE":"true"
},
"risk":{
"score":"0"
},
"buildNumber":"9092e7a6af8301accda2f9a3a38f743f907dadd5@2026-03-23 16:50:06 +0000",
"timestamp":"2026-03-26 10:45:23+0000",
"ndc":"8ac7a4c98ab5c40a018ab80db0f303f8_28de434bbbb6458db8d44bb30e89c040",
"standingInstruction":{
"source":"CIT",
"type":"RECURRING",
"mode":"INITIAL",
"initialTransactionId":"0326MCC621621"
},
"processingDetails":{
"transactions":[
{
"reason":"tokenization",
"transactionId":"8ac7a4a09d29b6e0019d29bfb0ce0aab",
"clearingInstituteName":"TokenVault",
"paymentType":"TF",
"result":{
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
}
}
]
}
}Payment with your network token
A merchant with its own Token Service Provider (TSP) submits payments using existing network token authorisation data. The merchant provides all required network token data, including dynamic cryptographic data when necessary. The acquirer authorises the payment with the network token if supported.
1. Send CIT using your network token
To send a payment using your network token, perform a server-to-server POST request with your available network token and the required payment and customer data, including payment type, amount, and currency.
Using tokenAccount.* data parameters
tokenAccount.* data parametersWhen provisioning network tokens and obtaining cryptograms through your own Token Service Provider (TSP), pass the network token authorisation data points in the request using the tokenAccount.* data parameters. This ensures the request includes all necessary information for network token authorisation.
Sample request:
curl https://sandbox-card.peachpayments.com/v1/payments \
-d "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" \
-d "paymentBrand=VISA" \
-d "paymentType=DB" \
-d "amount=19.99" \
-d "currency=EUR" \
-d "testMode=EXTERNAL" \
-d "[email protected]" \
-d "customer.givenName=Smith" \
-d "customer.ip=192.168.0.0" \
-d "customer.surname=John" \
-d "customer.language=DE" \
-d "billing.city=MyCity" \
-d "billing.country=DE" \
-d "billing.postcode=712121" \
-d "billing.state=DE" \
-d "billing.street1=MyStreet" \
-d "standingInstruction.type=UNSCHEDULED" \
-d "standingInstruction.mode=INITIAL" \
-d "standingInstruction.source=CIT" \
-d **"tokenAccount.type=NETWORK"** \
-d **"tokenAccount.number=4149011500000147"** \
-d **"tokenAccount.expiryMonth=12"** \
-d **"tokenAccount.expiryYear=2030"** \
-d **"tokenAccount.cryptogram=AgAAxy4Kg73MuXwAmcixg1QAAAA="** \
-d "threeDSecure.eci=05" \
-d "threeDSecure.authenticationStatus=Y" \
-d "threeDSecure.version=2.2.0" \
-d "threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" \
-d "threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" \
-d "threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" \
-d "threeDSecure.amount=19.99" \
-d "threeDSecure.currency=EUR" \
-d "threeDSecure.flow=challenge" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request() {
Dictionary<string, dynamic> responseData;
string data="entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=VISA" +
"&paymentType=DB" +
"&amount=19.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=UNSCHEDULED" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
**"&tokenAccount.type=NETWORK"** +
**"&tokenAccount.number=4149011500000147"** +
**"&tokenAccount.expiryMonth=12"** +
**"&tokenAccount.expiryYear=2030"** +
**"&tokenAccount.cryptogram=AgAAxy4Kg73MuXwAmcixg1QAAAA="** +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge";
string url = "https://sandbox-card.peachpayments.com/v1/payments";
byte[] buffer = Encoding.ASCII.GetBytes(data);
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
request.Method = "POST";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
request.ContentType = "application/x-www-form-urlencoded";
Stream PostData = request.GetRequestStream();
PostData.Write(buffer, 0, buffer.Length);
PostData.Close();
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
{
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var s = new JavaScriptSerializer();
responseData = s.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
dataStream.Close();
}
return responseData;
}
responseData = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=VISA" +
"&paymentType=DB" +
"&amount=19.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=UNSCHEDULED" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
**"&tokenAccount.type=NETWORK"** +
**"&tokenAccount.number=4149011500000147"** +
**"&tokenAccount.expiryMonth=12"** +
**"&tokenAccount.expiryYear=2030"** +
**"&tokenAccount.cryptogram=AgAAxy4Kg73MuXwAmcixg1QAAAA="** +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge"
def url = "https://sandbox-card.peachpayments.com/v1/payments".toURL()
def connection = url.openConnection()
connection.setRequestMethod("POST")
connection.setRequestProperty("Authorization","Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
connection.doOutput = true
connection.outputStream << data
def json = new JsonSlurper().parseText(connection.inputStream.text)
json
}
println request()private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/payments");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
conn.setDoInput(true);
conn.setDoOutput(true);
String data = ""
+ "entityId=8ac7a4c98ab5c40a018ab80db0f303f8"
+ "&paymentBrand=VISA"
+ "&paymentType=DB"
+ "&amount=19.99"
+ "¤cy=EUR"
+ "&testMode=EXTERNAL"
+ "&[email protected]"
+ "&customer.givenName=Smith"
+ "&customer.ip=192.168.0.0"
+ "&customer.surname=John"
+ "&customer.language=DE"
+ "&billing.city=MyCity"
+ "&billing.country=DE"
+ "&billing.postcode=712121"
+ "&billing.state=DE"
+ "&billing.street1=MyStreet"
+ "&standingInstruction.type=UNSCHEDULED"
+ "&standingInstruction.mode=INITIAL"
+ "&standingInstruction.source=CIT"
+ **"&tokenAccount.type=NETWORK"**
+ **"&tokenAccount.number=4149011500000147"**
+ **"&tokenAccount.expiryMonth=12"**
+ **"&tokenAccount.expiryYear=2030"**
+ **"&tokenAccount.cryptogram=AgAAxy4Kg73MuXwAmcixg1QAAAA="**
+ "&threeDSecure.eci=05"
+ "&threeDSecure.authenticationStatus=Y"
+ "&threeDSecure.version=2.2.0"
+ "&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e"
+ "&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8"
+ "&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA="
+ "&threeDSecure.amount=19.99"
+ "&threeDSecure.currency=EUR"
+ "&threeDSecure.flow=challenge";
DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.writeBytes(data);
wr.flush();
wr.close();
int responseCode = conn.getResponseCode();
InputStream is;
if (responseCode >= 400) is = conn.getErrorStream();
else is = conn.getInputStream();
return IOUtils.toString(is);
}const https = require('https');
const querystring = require('querystring');
const request = async () => {
const path = '/v1/payments';
const data = querystring.stringify({
'entityId': '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand': 'VISA',
'paymentType': 'DB',
'amount': '19.99',
'currency': 'EUR',
'testMode': 'EXTERNAL',
'customer.email': '[email protected]',
'customer.givenName': 'Smith',
'customer.ip': '192.168.0.0',
'customer.surname': 'John',
'customer.language': 'DE',
'billing.city': 'MyCity',
'billing.country': 'DE',
'billing.postcode': '712121',
'billing.state': 'DE',
'billing.street1': 'MyStreet',
'standingInstruction.type': 'UNSCHEDULED',
'standingInstruction.mode': 'INITIAL',
'standingInstruction.source': 'CIT',
'**tokenAccount.type**': '**NETWORK**',
'**tokenAccount.number**': '**4149011500000147**',
'**tokenAccount.expiryMonth**': '**12**',
'**tokenAccount.expiryYear**': '**2030**',
'**tokenAccount.cryptogram**': '**AgAAxy4Kg73MuXwAmcixg1QAAAA=**',
'threeDSecure.eci': '05',
'threeDSecure.authenticationStatus': 'Y',
'threeDSecure.version': '2.2.0',
'threeDSecure.dsTransactionId': 'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId': '2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId': 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount': '19.99',
'threeDSecure.currency': 'EUR',
'threeDSecure.flow': 'challenge'
});
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': data.length,
'Authorization': 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
}
};
return new Promise((resolve, reject) => {
const postRequest = https.request(options, function (res) {
const buf = [];
res.on('data', chunk => {
buf.push(Buffer.from(chunk));
});
res.on('end', () => {
const jsonString = Buffer.concat(buf).toString('utf8');
try {
resolve(JSON.parse(jsonString));
} catch (error) {
reject(error);
}
});
});
postRequest.on('error', reject);
postRequest.write(data);
postRequest.end();
});
};
request().then(console.log).catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/payments";
$data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" .
"&paymentBrand=VISA" .
"&paymentType=DB" .
"&amount=19.99" .
"¤cy=EUR" .
"&testMode=EXTERNAL" .
"&[email protected]" .
"&customer.givenName=Smith" .
"&customer.ip=192.168.0.0" .
"&customer.surname=John" .
"&customer.language=DE" .
"&billing.city=MyCity" .
"&billing.country=DE" .
"&billing.postcode=712121" .
"&billing.state=DE" .
"&billing.street1=MyStreet" .
"&standingInstruction.type=UNSCHEDULED" .
"&standingInstruction.mode=INITIAL" .
"&standingInstruction.source=CIT" .
"**&tokenAccount.type=NETWORK**" .
"**&tokenAccount.number=4149011500000147**" .
"**&tokenAccount.expiryMonth=12**" .
"**&tokenAccount.expiryYear=2030**" .
"**&tokenAccount.cryptogram=AgAAxy4Kg73MuXwAmcixg1QAAAA=**" .
"&threeDSecure.eci=05" .
"&threeDSecure.authenticationStatus=Y" .
"&threeDSecure.version=2.2.0" .
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" .
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" .
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" .
"&threeDSecure.amount=19.99" .
"&threeDSecure.currency=EUR" .
"&threeDSecure.flow=challenge";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // This should be set to true in production
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$responseData = curl_exec($ch);
if (curl_errno($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $responseData;
}
$responseData = request();try:
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
except ImportError:
from urllib import urlencode
from urllib2 import build_opener, Request, HTTPHandler, HTTPError, URLError
import json
def request():
url = "https://sandbox-card.peachpayments.com/v1/payments"
data = {
'entityId': '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand': 'VISA',
'paymentType': 'DB',
'amount': '19.99',
'currency': 'EUR',
'testMode': 'EXTERNAL',
'customer.email': '[email protected]',
'customer.givenName': 'Smith',
'customer.ip': '192.168.0.0',
'customer.surname': 'John',
'customer.language': 'DE',
'billing.city': 'MyCity',
'billing.country': 'DE',
'billing.postcode': '712121',
'billing.state': 'DE',
'billing.street1': 'MyStreet',
'standingInstruction.type': 'UNSCHEDULED',
'standingInstruction.mode': 'INITIAL',
'standingInstruction.source': 'CIT',
'**tokenAccount.type**': '**NETWORK**',
'**tokenAccount.number**': '**4149011500000147**',
'**tokenAccount.expiryMonth**': '**12**',
'**tokenAccount.expiryYear**': '**2030**',
'**tokenAccount.cryptogram**': '**AgAAxy4Kg73MuXwAmcixg1QAAAA=**',
'threeDSecure.eci': '05',
'threeDSecure.authenticationStatus': 'Y',
'threeDSecure.version': '2.2.0',
'threeDSecure.dsTransactionId': 'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId': '2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId': 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount': '19.99',
'threeDSecure.currency': 'EUR',
'threeDSecure.flow': 'challenge'
}
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=urlencode(data).encode('utf-8'))
request.add_header('Authorization', 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=')
request.get_method = lambda: 'POST'
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return e.reason
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request()
uri = URI('https://sandbox-card.peachpayments.com/v1/payments')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Post.new(uri.path)
req.set_form_data({
'entityId' => '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand' => 'VISA',
'paymentType' => 'DB',
'amount' => '19.99',
'currency' => 'EUR',
'testMode' => 'EXTERNAL',
'customer.email' => '[email protected]',
'customer.givenName' => 'Smith',
'customer.ip' => '192.168.0.0',
'customer.surname' => 'John',
'customer.language' => 'DE',
'billing.city' => 'MyCity',
'billing.country' => 'DE',
'billing.postcode' => '712121',
'billing.state' => 'DE',
'billing.street1' => 'MyStreet',
'standingInstruction.type' => 'UNSCHEDULED',
'standingInstruction.mode' => 'INITIAL',
'standingInstruction.source' => 'CIT',
'**tokenAccount.type**' => '**NETWORK**',
'**tokenAccount.number**' => '**4149011500000147**',
'**tokenAccount.expiryMonth**' => '**12**',
'**tokenAccount.expiryYear**' => '**2030**',
'**tokenAccount.cryptogram**' => '**AgAAxy4Kg73MuXwAmcixg1QAAAA=**',
'threeDSecure.eci' => '05',
'threeDSecure.authenticationStatus' => 'Y',
'threeDSecure.version' => '2.2.0',
'threeDSecure.dsTransactionId' => 'c75f23af-9454-43f6-ba17-130ed529507e',
'threeDSecure.acsTransactionId' => '2c42c553-176f-4f08-af6c-f9364ecbd0e8',
'threeDSecure.verificationId' => 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=',
'threeDSecure.amount' => '19.99',
'threeDSecure.currency' => 'EUR',
'threeDSecure.flow' => 'challenge'
})
res = http.request(req)
return JSON.parse(res.body)
end
puts request()def initialPayment: String = {
val url = "https://sandbox-card.peachpayments.com/v1/payments"
val data = ("" +
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=VISA" +
"&paymentType=DB" +
"&amount=19.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=UNSCHEDULED" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
"&tokenAccount.type=NETWORK**" +
"&tokenAccount.number=4149011500000147**" +
"&tokenAccount.expiryMonth=12**" +
"&tokenAccount.expiryYear=2030**" +
"&tokenAccount.cryptogram=AgAAxy4Kg73MuXwAmcixg1QAAAA=**" +
"&threeDSecure.eci=05" +
"&threeDSecure.authenticationStatus=Y" +
"&threeDSecure.version=2.2.0" +
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" +
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" +
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" +
"&threeDSecure.amount=19.99" +
"&threeDSecure.currency=EUR" +
"&threeDSecure.flow=challenge"
)
val conn = new URL(url).openConnection()
conn match {
case secureConn: HttpsURLConnection => secureConn.setRequestMethod("POST")
case _ => throw new ClassCastException
}
conn.setDoInput(true)
conn.setDoOutput(true)
IOUtils.write(data, conn.getOutputStream())
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
conn.connect()
if (conn.getResponseCode() >= 400) {
IOUtils.toString(conn.getErrorStream())
} else {
IOUtils.toString(conn.getInputStream())
}
}Imports System
Imports System.IO
Imports System.Net
Imports System.Text
Imports System.Web.Script.Serialization
Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/payments"
Dim data As String = "" &
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8" &
"&paymentBrand=VISA" &
"&paymentType=DB" &
"&amount=19.99" &
"¤cy=EUR" &
"&testMode=EXTERNAL" &
"&[email protected]" &
"&customer.givenName=Smith" &
"&customer.ip=192.168.0.0" &
"&customer.surname=John" &
"&customer.language=DE" &
"&billing.city=MyCity" &
"&billing.country=DE" &
"&billing.postcode=712121" &
"&billing.state=DE" &
"&billing.street1=MyStreet" &
"&standingInstruction.type=UNSCHEDULED" &
"&standingInstruction.mode=INITIAL" &
"&standingInstruction.source=CIT" &
"&threeDSecure.eci=05" &
"&threeDSecure.authenticationStatus=Y" &
"&threeDSecure.version=2.2.0" &
"&threeDSecure.dsTransactionId=c75f23af-9454-43f6-ba17-130ed529507e" &
"&threeDSecure.acsTransactionId=2c42c553-176f-4f08-af6c-f9364ecbd0e8" &
"&threeDSecure.verificationId=MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=" &
"&threeDSecure.amount=19.99" &
"&threeDSecure.currency=EUR" &
"&threeDSecure.flow=challenge"
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "POST"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim byteArray As Byte() = Encoding.UTF8.GetBytes(data)
req.ContentLength = byteArray.Length
Dim dataStream As Stream = req.GetRequestStream()
dataStream.Write(byteArray, 0, byteArray.Length)
dataStream.Close()
Dim res As WebResponse = req.GetResponse()
Dim resStream As Stream = res.GetResponseStream()
Dim reader As New StreamReader(resStream)
Dim response As String = reader.ReadToEnd()
reader.Close()
resStream.Close()
res.Close()
Dim jss As New JavaScriptSerializer()
Return jss.Deserialize(Of Dictionary(Of String, Object))(response)
End Function
Dim responseData As Dictionary(Of String, Object) = Request()
Console.WriteLine(responseData("result")("description")){
"id":"8ac7a4a29d29b86a019d29c0610d0d74",
"paymentType":"DB",
"paymentBrand":"VISA",
"amount":"19.99",
"currency":"EUR",
"descriptor":"4249.7935.9780 NetworkTokenChannel ",
"result":{
"avsResponse":"F",
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
},
"resultDetails":{
"Status":"AUTHORIZED",
"ResponseCode":"00",
"ConnectorTxID1":"7745219672226827204807",
"AcquirerReconciliationId":"7745219672226827204807",
"ConnectorTxID3":"7745219672226827204807",
"ConnectorTxID2":"8ac7a4a29d29b86a019d29c0610d0d74",
"retrievalReferenceNumber":"608510499557",
"CardholderInitiatedTransactionID":"016153570198200",
"ApprovalCode":"831000",
"TransactionId":"016153570198200",
"ExtendedDescription":"Successful approval.",
"avs.codeRaw":"Y",
"authorizedAmount":"19.99",
"avs.code":"Y",
"AcquirerResponse":"AUTHORIZED",
"reconciliationId":"8ac7a4a29d29b86a019d29c0610d0d74",
"NetworkTransactionId":"016153570198200"
},
"tokenAccount":{
"number":"4149011500000147",
"type":"NETWORK",
"expiryMonth":"12",
"expiryYear":"2030"
},
"customer":{
"givenName":"Smith",
"surname":"John",
"email":"[email protected]",
"ip":"192.168.0.0",
"language":"DE"
},
"billing":{
"street1":"MyStreet",
"city":"MyCity",
"state":"DE",
"postcode":"712121",
"country":"DE"
},
"threeDSecure":{
"eci":"05",
"verificationId":"MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=",
"version":"2.2.0",
"dsTransactionId":"c75f23af-9454-43f6-ba17-130ed529507e",
"acsTransactionId":"2c42c553-176f-4f08-af6c-f9364ecbd0e8",
"flow":"challenge",
"authenticationStatus":"Y",
"amount":"19.99",
"currency":"EUR"
},
"customParameters":{
"PAYMENT_INHOUSE_FACADE":"true"
},
"buildNumber":"9092e7a6af8301accda2f9a3a38f743f907dadd5@2026-03-23 16:50:06 +0000",
"timestamp":"2026-03-26 10:46:07+0000",
"ndc":"8ac7a4c98ab5c40a018ab80db0f303f8_1b9fc412dbfc4c248272c0b44325d25a",
"standingInstruction":{
"source":"CIT",
"type":"RECURRING",
"mode":"INITIAL",
"initialTransactionId":"016153570198200"
}
}2. Send MIT using your network token
To send a merchant initiated (MIT) payment, perform a server-to-server POST request using the network token and the required payment and customer data, including payment type, amount, and currency.
Cryptogram usage for MIT payments
MIT payments generally do not require a cryptogram, as the cardholder is not present. However, there are exceptions based on card network rules and the history of the agreement:
- If the CIT was authorised with a network token and cryptogram, subsequent MITs can be sent without a cryptogram.
- If the CIT was authorized with real PAN, and the network token was provisioned, the first MIT using the network token must include a cryptogram.
- All future MITs in the same agreement can be sent with network token only, without cryptogram.
Sample request:
curl https://sandbox-card.peachpayments.com/v1/payments \
-d "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" \
-d "paymentBrand=VISA" \
-d "paymentType=DB" \
-d "amount=19.99" \
-d "currency=EUR" \
-d "testMode=EXTERNAL" \
-d "[email protected]" \
-d "customer.givenName=Smith" \
-d "customer.ip=192.168.0.0" \
-d "customer.surname=John" \
-d "customer.language=DE" \
-d "billing.city=MyCity" \
-d "billing.country=DE" \
-d "billing.postcode=712121" \
-d "billing.state=DE" \
-d "billing.street1=MyStreet" \
-d "standingInstruction.type=UNSCHEDULED" \
-d "standingInstruction.mode=RECURRING" \
-d "standingInstruction.source=MIT" \
-d "tokenAccount.type=NETWORK" \
-d "tokenAccount.number=4149011500000147" \
-d "tokenAccount.expiryMonth=12" \
-d "tokenAccount.expiryYear=2030" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request() {
Dictionary<string, dynamic> responseData;
string data="entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=VISA" +
"&paymentType=DB" +
"&amount=19.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=UNSCHEDULED" +
"&standingInstruction.mode=RECURRING" +
"&standingInstruction.source=MIT" +
"&tokenAccount.type=NETWORK" +
"&tokenAccount.number=4149011500000147" +
"&tokenAccount.expiryMonth=12" +
"&tokenAccount.expiryYear=2030";
string url = "https://sandbox-card.peachpayments.com/v1/payments";
byte[] buffer = Encoding.ASCII.GetBytes(data);
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
request.Method = "POST";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
request.ContentType = "application/x-www-form-urlencoded";
Stream PostData = request.GetRequestStream();
PostData.Write(buffer, 0, buffer.Length);
PostData.Close();
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
{
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var s = new JavaScriptSerializer();
responseData = s.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
dataStream.Close();
}
return responseData;
}
responseData = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=VISA" +
"&paymentType=DB" +
"&amount=19.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=UNSCHEDULED" +
"&standingInstruction.mode=RECURRING" +
"&standingInstruction.source=MIT" +
"&tokenAccount.type=NETWORK" +
"&tokenAccount.number=4149011500000147" +
"&tokenAccount.expiryMonth=12" +
"&tokenAccount.expiryYear=2030"
def url = "https://sandbox-card.peachpayments.com/v1/payments".toURL()
def connection = url.openConnection()
connection.setRequestMethod("POST")
connection.setRequestProperty("Authorization","Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
connection.doOutput = true
connection.outputStream << data
def json = new JsonSlurper().parseText(connection.inputStream.text)
json
}
println request()private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/payments");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
conn.setDoInput(true);
conn.setDoOutput(true);
String data = ""
+ "entityId=8ac7a4c98ab5c40a018ab80db0f303f8"
+ "&paymentBrand=VISA"
+ "&paymentType=DB"
+ "&amount=19.99"
+ "¤cy=EUR"
+ "&testMode=EXTERNAL"
+ "&[email protected]"
+ "&customer.givenName=Smith"
+ "&customer.ip=192.168.0.0"
+ "&customer.surname=John"
+ "&customer.language=DE"
+ "&billing.city=MyCity"
+ "&billing.country=DE"
+ "&billing.postcode=712121"
+ "&billing.state=DE"
+ "&billing.street1=MyStreet"
+ "&standingInstruction.type=UNSCHEDULED"
+ "&standingInstruction.mode=RECURRING"
+ "&standingInstruction.source=MIT"
+ "&tokenAccount.type=NETWORK"
+ "&tokenAccount.number=4149011500000147"
+ "&tokenAccount.expiryMonth=12"
+ "&tokenAccount.expiryYear=2030";
DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.writeBytes(data);
wr.flush();
wr.close();
int responseCode = conn.getResponseCode();
InputStream is;
if (responseCode >= 400) is = conn.getErrorStream();
else is = conn.getInputStream();
return IOUtils.toString(is);
}const https = require('https');
const querystring = require('querystring');
const request = async () => {
const path = '/v1/payments';
const data = querystring.stringify({
'entityId': '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand': 'VISA',
'paymentType': 'DB',
'amount': '19.99',
'currency': 'EUR',
'testMode': 'EXTERNAL',
'customer.email': '[email protected]',
'customer.givenName': 'Smith',
'customer.ip': '192.168.0.0',
'customer.surname': 'John',
'customer.language': 'DE',
'billing.city': 'MyCity',
'billing.country': 'DE',
'billing.postcode': '712121',
'billing.state': 'DE',
'billing.street1': 'MyStreet',
'standingInstruction.type': 'UNSCHEDULED',
'standingInstruction.mode': 'RECURRING',
'standingInstruction.source': 'MIT',
'tokenAccount.type': 'NETWORK',
'tokenAccount.number': '4149011500000147',
'tokenAccount.expiryMonth': '12',
'tokenAccount.expiryYear': '2030'
});
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': data.length,
'Authorization': 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
}
};
return new Promise((resolve, reject) => {
const postRequest = https.request(options, function (res) {
const buf = [];
res.on('data', chunk => {
buf.push(Buffer.from(chunk));
});
res.on('end', () => {
const jsonString = Buffer.concat(buf).toString('utf8');
try {
resolve(JSON.parse(jsonString));
} catch (error) {
reject(error);
}
});
});
postRequest.on('error', reject);
postRequest.write(data);
postRequest.end();
});
};
request().then(console.log).catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/payments";
$data = "entityId=8ac7a4c98ab5c40a018ab80db0f303f8" .
"&paymentBrand=VISA" .
"&paymentType=DB" .
"&amount=19.99" .
"¤cy=EUR" .
"&testMode=EXTERNAL" .
"&[email protected]" .
"&customer.givenName=Smith" .
"&customer.ip=192.168.0.0" .
"&customer.surname=John" .
"&customer.language=DE" .
"&billing.city=MyCity" .
"&billing.country=DE" .
"&billing.postcode=712121" .
"&billing.state=DE" .
"&billing.street1=MyStreet" .
"&standingInstruction.type=UNSCHEDULED" .
"&standingInstruction.mode=RECURRING" .
"&standingInstruction.source=MIT" .
"&tokenAccount.type=NETWORK" .
"&tokenAccount.number=4149011500000147" .
"&tokenAccount.expiryMonth=12" .
"&tokenAccount.expiryYear=2030";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization:Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);// this should be set to true in production
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$responseData = curl_exec($ch);
if(curl_errno($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $responseData;
}
$responseData = request();try:
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
except ImportError:
from urllib import urlencode
from urllib2 import build_opener, Request, HTTPHandler, HTTPError, URLError
import json
def request():
url = "https://sandbox-card.peachpayments.com/v1/payments"
data = {
'entityId' : '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand' : 'VISA',
'paymentType' : 'DB',
'amount' : '19.99',
'currency' : 'EUR',
'testMode' : 'EXTERNAL',
'customer.email' : '[email protected]',
'customer.givenName' : 'Smith',
'customer.ip' : '192.168.0.0',
'customer.surname' : 'John',
'customer.language' : 'DE',
'billing.city' : 'MyCity',
'billing.country' : 'DE',
'billing.postcode' : '712121',
'billing.state' : 'DE',
'billing.street1' : 'MyStreet',
'standingInstruction.type' : 'UNSCHEDULED',
'standingInstruction.mode' : 'RECURRING',
'standingInstruction.source' : 'MIT',
'tokenAccount.type' : 'NETWORK',
'tokenAccount.number' : '4149011500000147',
'tokenAccount.expiryMonth' : '12',
'tokenAccount.expiryYear' : '2030'
}
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=urlencode(data).encode('utf-8'))
request.add_header('Authorization', 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=')
request.get_method = lambda: 'POST'
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return e.reason
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request()
uri = URI('https://sandbox-card.peachpayments.com/v1/payments')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Post.new(uri.path)
req.set_form_data({
'entityId' => '8ac7a4c98ab5c40a018ab80db0f303f8',
'paymentBrand' => 'VISA',
'paymentType' => 'DB',
'amount' => '19.99',
'currency' => 'EUR',
'testMode' => 'EXTERNAL',
'customer.email' => '[email protected]',
'customer.givenName' => 'Smith',
'customer.ip' => '192.168.0.0',
'customer.surname' => 'John',
'customer.language' => 'DE',
'billing.city' => 'MyCity',
'billing.country' => 'DE',
'billing.postcode' => '712121',
'billing.state' => 'DE',
'billing.street1' => 'MyStreet',
'standingInstruction.type' => 'UNSCHEDULED',
'standingInstruction.mode' => 'RECURRING',
'standingInstruction.source' => 'MIT',
'tokenAccount.type' => 'NETWORK',
'tokenAccount.number' => '4149011500000147',
'tokenAccount.expiryMonth' => '12',
'tokenAccount.expiryYear' => '2030'
})
res = http.request(req)
return JSON.parse(res.body)
end
puts request()def initialPayment : String = {
val url = "https://sandbox-card.peachpayments.com/v1/payments"
val data = ("" +
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=VISA" +
"&paymentType=DB" +
"&amount=19.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=UNSCHEDULED" +
"&standingInstruction.mode=RECURRING" +
"&standingInstruction.source=MIT" +
"&tokenAccount.type=NETWORK" +
"&tokenAccount.number=4149011500000147" +
"&tokenAccount.expiryMonth=12" +
"&tokenAccount.expiryYear=2030"
)
val conn = new URL(url).openConnection()
conn match {
case secureConn: HttpsURLConnection => secureConn.setRequestMethod("POST")
case _ => throw new ClassCastException
}
conn.setDoInput(true)
conn.setDoOutput(true)
IOUtils.write(data, conn.getOutputStream())
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
conn.connect()
if (conn.getResponseCode() >= 400) {
return IOUtils.toString(conn.getErrorStream())
}
else {
return IOUtils.toString(conn.getInputStream())
}
}Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/payments"
Dim data As String = "" +
"entityId=8ac7a4c98ab5c40a018ab80db0f303f8" +
"&paymentBrand=VISA" +
"&paymentType=DB" +
"&amount=19.99" +
"¤cy=EUR" +
"&testMode=EXTERNAL" +
"&[email protected]" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet" +
"&standingInstruction.type=UNSCHEDULED" +
"&standingInstruction.mode=RECURRING" +
"&standingInstruction.source=MIT" +
"&tokenAccount.type=NETWORK" +
"&tokenAccount.number=4149011500000147" +
"&tokenAccount.expiryMonth=12" +
"&tokenAccount.expiryYear=2030"
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "POST"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim byteArray As Byte() = Encoding.UTF8.GetBytes(data)
req.ContentLength = byteArray.Length
Dim dataStream As Stream = req.GetRequestStream()
dataStream.Write(byteArray, 0, byteArray.Length)
dataStream.Close()
Dim res As WebResponse = req.GetResponse()
Dim resStream = res.GetResponseStream()
Dim reader As New StreamReader(resStream)
Dim response As String = reader.ReadToEnd()
reader.Close()
resStream.Close()
res.Close()
Dim jss As New System.Web.Script.Serialization.JavaScriptSerializer()
Dim dict As Dictionary(Of String, Object) = jss.Deserialize(Of Dictionary(Of String, Object))(response)
Return dict
End Function
responseData = Request()("result")("description"){
"id":"8ac7a49f9d29b052019d29c0fec71ba8",
"paymentType":"DB",
"paymentBrand":"VISA",
"amount":"19.99",
"currency":"EUR",
"descriptor":"5778.5030.4548 NetworkTokenChannel ",
"result":{
"avsResponse":"F",
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
},
"resultDetails":{
"Status":"AUTHORIZED",
"ResponseCode":"00",
"ConnectorTxID1":"7745220075786978104805",
"AcquirerReconciliationId":"7745220075786978104805",
"ConnectorTxID3":"7745220075786978104805",
"ConnectorTxID2":"8ac7a49f9d29b052019d29c0fec71ba8",
"retrievalReferenceNumber":"608510499629",
"CardholderInitiatedTransactionID":"016153570198200",
"ApprovalCode":"831000",
"TransactionId":"016153570198200",
"ExtendedDescription":"Successful approval.",
"avs.codeRaw":"Y",
"authorizedAmount":"19.99",
"avs.code":"Y",
"AcquirerResponse":"AUTHORIZED",
"reconciliationId":"8ac7a49f9d29b052019d29c0fec71ba8",
"NetworkTransactionId":"016153570198200"
},
"tokenAccount":{
"number":"4149011500000147",
"type":"NETWORK",
"expiryMonth":"12",
"expiryYear":"2030"
},
"customer":{
"givenName":"Smith",
"surname":"John",
"email":"[email protected]",
"ip":"192.168.0.0",
"language":"DE"
},
"billing":{
"street1":"MyStreet",
"city":"MyCity",
"state":"DE",
"postcode":"712121",
"country":"DE"
},
"customParameters":{
"PAYMENT_INHOUSE_FACADE":"true"
},
"buildNumber":"9092e7a6af8301accda2f9a3a38f743f907dadd5@2026-03-23 16:50:06 +0000",
"timestamp":"2026-03-26 10:46:47+0000",
"ndc":"8ac7a4c98ab5c40a018ab80db0f303f8_f67c96cc84b948ad8f31b1f3d2389adc",
"standingInstruction":{
"source":"MIT",
"type":"RECURRING",
"mode":"REPEATED",
"initialTransactionId":"016153570198200"
}
}Updated about 7 hours ago