Dubius API Documentation

Introduction

This API provides access to the Dubius paygate, which merchants use to process and track their payments. Merchants can create payments, list all their payments, and view detailed information about a specific payment. To create an account, contact your Dubius payment counterpart.

Authorization

This API is secured using OAuth2 with the resource owner password credentials flow. The merchant's login credentials are passed to the authorization server together with the client credentials of your client application. On a successful login an access token and a refresh token are returned. Access tokens are required by the API for authorization and expire after 15 minutes. To get a new one, pass the received refresh token to the authorization server, so the merchant does not need to log in again.

To test the API you can use our test account test_merchant:test_password as well as our test client credentials test_client:test_client_secret.

RESTful API-Routes

Authorization

Request

API Base URL
Headers Authorization: Basic {base64()}
Content-Type: application/x-www-form-urlencoded
Body * required
Key Value Description
grant_type * password Determines OAuth2-Flow to be used. Must be 'password' in this case.
scope admin merchant Requested scope is set to 'admin merchant'. Will only grant those scopes that were previously assigned to the merchant by an administrator.
username * A merchant's username for authentication.
password * A merchant's password for authentication.
Request Example

Responses

200 OK
{
  "access_token": "{access token}",
  "expires_in": 900,
  "token_type": "Bearer",
  "scope": "merchant",
  "refresh_token": "{refresh token}"
}
400 Bad Request
{
  "error": "unsupported_grant_type"
}
401 Unauthorized
{
  "error": "invalid_client"
}
401 Unauthorized
{
  "error": "invalid_grant"
}

Request

API Base URL
Headers Authorization: Basic {base64()}
Content-Type: application/x-www-form-urlencoded
Body * required
Key Value Description
grant_type * refresh_token Determines OAuth2-Flow to be used. Must be 'refresh_token' in this case.
scope admin merchant Requested scope is set to 'admin merchant'. Will only grant those scopes that were previously assigned to the merchant by an administrator.
refresh_token * Refresh token previously received together with access token during initial authentication.
Request Example

Responses

200 OK
{
  "access_token": "{new access token}",
  "expires_in": 900,
  "token_type": "Bearer",
  "scope": "merchant",
  "refresh_token": "{new refresh token}"
}
400 Bad Request
{
  "error": "unsupported_grant_type"
}
400 Bad Request
{
  "error_description": "Missing refresh token parameter.",
  "error": "invalid_request"
}
401 Unauthorized
{
  "error": "invalid_client"
}
401 Unauthorized
{
  "error": "invalid_grant"
}

Request

API Base URL
Headers Authorization: Basic {base64()}
Content-Type: application/x-www-form-urlencoded
Body * required
Key Value Description
token * Token to revoke
Request Example

Responses

200 OK
{
  "success": "token revoked"
}
400 Bad Request
{
  "error": "token not defined"
}
401 Unauthorized
{
  "error": "invalid_client"
 }
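
The token lifecycle described in this section (password grant, refresh shortly before the 15-minute expiry, new refresh token on each grant), as an added client-side example that is not part of the Dubius documentation. Assumptions: the route `TOKEN_PATH` is a placeholder because the page does not give it, the Basic header carries base64 of `client_id:client_secret` as in standard HTTP Basic authentication, and `send` is a hypothetical transport callable supplied by the caller.

```python
import base64
import time
import urllib.parse

TOKEN_PATH = "/oauth/token"  # placeholder: the page does not state the token route


class TokenSession:
    """Holds the access/refresh token pair issued by the authorization server."""

    def __init__(self, client_id, client_secret, send, clock=time.monotonic):
        basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
        self._headers = {
            "Authorization": f"Basic {basic}",  # assumed standard HTTP Basic encoding
            "Content-Type": "application/x-www-form-urlencoded",
        }
        self._send = send    # hypothetical: send(path, headers, body) -> (status, dict)
        self._clock = clock
        self.access_token = self.refresh_token = None
        self._expires_at = 0.0

    def _grant(self, fields):
        status, data = self._send(TOKEN_PATH, self._headers, urllib.parse.urlencode(fields))
        if status != 200:
            raise PermissionError(data.get("error", "unknown_error"))
        self.access_token = data["access_token"]
        # Every grant response carries a new refresh token; keep only the latest one.
        self.refresh_token = data["refresh_token"]
        self._expires_at = self._clock() + data["expires_in"]

    def login(self, username, password):
        # Request only the scope the client needs; the server grants assigned scopes only.
        self._grant({"grant_type": "password", "scope": "merchant",
                     "username": username, "password": password})

    def bearer(self, skew=30):
        """Return the Authorization header value, refreshing `skew` seconds before expiry."""
        if self.access_token is None:
            raise PermissionError("not logged in")
        if self._clock() >= self._expires_at - skew:
            try:
                self._grant({"grant_type": "refresh_token",
                             "refresh_token": self.refresh_token})
            except PermissionError:
                # e.g. invalid_grant: discard both tokens so the merchant logs in again
                self.access_token = self.refresh_token = None
                raise
        return f"Bearer {self.access_token}"
```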

Payments

Request

API Base URL
Headers Authorization: Bearer
Content-Type: application/json
Body * required
Key Value Description
subject *
amount *
currency * Choose from 'EUR' and 'USD'
payment_type * Choose from 'once', 'weekly', 'monthly', 'quarterly', 'annually'
cc_token * Enter the token of a previously used credit card, or enter the credit card information in the corresponding fields
cc_no *
cc_cvv *
cc_exp_mm *
cc_exp_yyyy *
cc_givenname *
cc_surname *
company
givenname
surname
street
street_no
postal_code
city
state
country
email
phone
mobile
Request Example
# -i prints the response status line and headers along with the body
curl -X POST '{{ api_base }}/payments' \
  -H 'Authorization: Bearer {{ access_token }}' \
  -H 'Content-Type: application/json' \
  -d '{
        "{{ key }}": "{{ value }}"
      }' -i

Responses

201 OK
{
    "payment_token": "abff2abd-2f29-46a2-86b8-97a8bafaa2fa"
}
400 Bad Request
{
  "error": "bad request"
}
400 Bad Request
{
  "error": "creditcard number not valid"
}
400 Bad Request
{
  "error": "creditcard expired"
}
401 Unauthorized
{
  "error":"unauthorized"
}
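
An added example (not part of the Dubius documentation) of building the create-payment body on the client: it enforces the required keys and allowed values from the table above, sends either `cc_token` or the full card fields but never both, and produces a log-safe copy masked in the same `xxxx xxxx xxxx 1111` form the API uses in its responses. Assumptions: the Luhn checksum is a local pre-check only, since the page does not document the server's validation rule, and the function names are hypothetical.

```python
import datetime

CURRENCIES = {"EUR", "USD"}
PAYMENT_TYPES = {"once", "weekly", "monthly", "quarterly", "annually"}
CARD_FIELDS = ("cc_no", "cc_cvv", "cc_exp_mm", "cc_exp_yyyy", "cc_givenname", "cc_surname")


def luhn_ok(number):
    """Luhn checksum as a local pre-check (assumption: the server's rule is not documented)."""
    digits = [int(c) for c in number if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return len(digits) >= 12 and total % 10 == 0


def build_payment(fields, today=None):
    """Validate input and return the JSON body for the create-payment request."""
    today = today or datetime.date.today()
    for key in ("subject", "amount", "currency", "payment_type"):
        if not fields.get(key):
            raise ValueError(f"missing {key}")
    if fields["currency"] not in CURRENCIES or fields["payment_type"] not in PAYMENT_TYPES:
        raise ValueError("unsupported currency or payment_type")
    body = {k: v for k, v in fields.items() if k != "cc_token" and k not in CARD_FIELDS}
    if fields.get("cc_token"):
        body["cc_token"] = fields["cc_token"]   # stored card: no PAN or CVV leaves the client
        return body
    missing = [k for k in CARD_FIELDS if not fields.get(k)]
    if missing:
        raise ValueError("missing " + ", ".join(missing))
    if not luhn_ok(fields["cc_no"]):
        raise ValueError("creditcard number not valid")
    if (int(fields["cc_exp_yyyy"]), int(fields["cc_exp_mm"])) < (today.year, today.month):
        raise ValueError("creditcard expired")
    body.update({k: fields[k] for k in CARD_FIELDS})
    return body


def redact(body):
    """Copy of the body that is safe to log: PAN masked like the API's responses, CVV dropped."""
    safe = {k: v for k, v in body.items() if k != "cc_cvv"}
    if "cc_no" in safe:
        safe["cc_no"] = "xxxx xxxx xxxx " + "".join(c for c in safe["cc_no"] if c.isdigit())[-4:]
    return safe
```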

Request

API Base URL
Headers Authorization: Bearer
Request Example

Responses

200 OK
[
    {
        "amount": "123.45",
        "currency": "EUR",
        "payment_status": "open",
        "payment_token": "abff2abd-2f29-46a2-86b8-97a8bafaa2fa",
        "subject": "socks",
        "date":"2017-12-12T11:55:26.000Z"
    }
]
400 Bad Request
{
  "error": "bad request"
}
401 Unauthorized
{
  "error":"unauthorized"
}

Request

API Base URL
Payment Token
Headers Authorization: Bearer
Request Example

Responses

200 OK
{
    "amount": "123.45",
    "city": "Some City",
    "company": "Some Company",
    "country": "Germany",
    "email": "admin@domain.de",
    "givenname": "Max",
    "surname": "Mustermann",
    "mobile": "015987654321",
    "phone": "043211234567",
    "postal_code": "54321",
    "state": "Hessen",
    "street": "Hauptstraße",
    "street_no": "3a",
    "cc_exp_mm": "04",
    "cc_exp_yyyy": "2020",
    "cc_givenname": "Max",
    "cc_surname": "Mustermann",
    "cc_no": "xxxx xxxx xxxx 1111",
    "currency": "EUR",
    "merchant_id": 2,
    "payment_status": "open",
    "payment_token": "abff2abd-2f29-46a2-86b8-97a8bafaa2fa",
    "payment_type": "once",
    "subject": "socks",
    "date":"2017-12-12T11:55:26.000Z"
}
400 Bad Request
{
  "error": "bad request"
}
401 Unauthorized
{
  "error":"unauthorized"
}
404 Not Found
{
  "error":"not found"
}

Request

API Base URL
Headers Authorization: Bearer
Request Example
200 OK
[
    {
        "cc_exp_mm": "05",
        "cc_exp_yyyy": "2018",
        "cc_givenname": "Max",
        "cc_surname": "Mustermann",
        "cc_no": "xxxx xxxx xxxx 4242",
        "cc_token": "2b282d92-6132-425e-b7ee-db235ad07270"
    }
]
400 Bad Request
{
  "error": "bad request"
}
401 Unauthorized
{
  "error":"unauthorized"
}

Request

API Base URL
Credit Card Token
Headers Authorization: Bearer
Request Example
200 OK
{
    "cc_exp_mm": "05",
    "cc_exp_yyyy": "2018",
    "cc_givenname": "Max",
    "cc_surname": "Mustermann",
    "cc_no": "xxxx xxxx xxxx 4242",
    "cc_token": "2b282d92-6132-425e-b7ee-db235ad07270"
}
400 Bad Request
{
  "error": "bad request"
}
401 Unauthorized
{
  "error":"unauthorized"
}
404 Not Found
{
  "error":"not found"
}

Others

Request

API Base URL
Filename
Request Example
200 OK
400 Bad Request
{
  "error": "bad request"
}
404 Not Found
{
  "error":"not found"
}