Introduction
The Trust My Travel Payment Modal allows you to process 3DS transactions in multiple currencies with no API use required. It is PCI Level 1 compliant with all sensitive credit card data tokenised by a PCI approved third party vendor.
You have the option of completing the transaction process in the app using a purchase transaction, or retaining control of the transfer of funds by using the app to authorize the customer's card and following this up with a capture request to our API.
- Latest version: 3.6.1
- View Demo
Quickstart
To test the modal implementation in a sandbox environment, you will need to include the following script on your checkout page. This script must always be loaded from tmtprotects.com
<script src="https://payment.tmtprotects.com/tmt-payment-modal.3.6.1.js"></script>
Authentication String
If you don't want to use the TmtAuthstring class you can write your own authentication string generation method based on the example below
// Get current time in GMT.
$time_now = new DateTime('now', new DateTimeZone('GMT'));
// Create timestamp in 'YmdHis' format. E.g. 20190812055213
$timestamp = $time_now->format('YmdHis');
// Concatenate the values for channels, currencies, total and your timestamp in that order.
$booking_vars = [
'channels' => 2,
'currencies' => 'USD',
'total' => 9999,
'timestamp' => $timestamp,
];
$string = implode('&', $booking_vars);
// SHA256 the string.
$auth_string = hash( 'sha256', $string );
// Fetch your channel secret and concatenate to string.
$secret = 'MYCHANNELSECRET123';
$salted_auth_string = hash( 'sha256', $auth_string . $secret );
// Concatenate with timestamp.
$final_auth_string = $salted_auth_string . $timestamp;
// Coming soon
// Coming soon
// Get current time in GMT.
const date = new Date();
const utcDate = new Date(date.getUTCFullYear(), date.getUTCMonth(), date.getUTCDate(), date.getUTCHours(), date.getUTCMinutes(), date.getUTCSeconds());
// Create timestamp in 'YYYYMMDDHHmmss' format. E.g. 20190812055213
const timestamp = format(utcDate, 'YYYYMMDDHHmmss')
// Concatenate the values for channels, currencies, total and your timestamp in that order.
const bookingVars = {
channels: 2,
currencies: 'USD',
total: 9999,
timestamp: timestamp
}
let string = []
for (const key in bookingVars) {
string.push(bookingVars[key])
}
string = string.join('&')
// SHA256 the string.
const encode = crypto.createHash('sha256').update(string).digest('hex')
// Fetch your channel secret and concatenate to string.
const { CHANNEL_SECRET } = 'MYCHANNELSECRET123'
const authString = crypto.createHash('sha256').update(
Buffer.concat([
new Buffer(encode),
new Buffer(CHANNEL_SECRET)
])
).digest('hex')
// Concatenate with timestamp.
const appAuthString = authString + timestamp;
Make sure to replace
MYCHANNELSECRET123with the channel secret of the channel you are transacting in.
In order for the Payment Modal to authenticate itself, it passes an authorisation string to the API.
To generate this, you will need:
- A Trust Protects account
- A channel on your Trust Protects account that is ready for processing
- A secret key for that channel.
- The base currency of the channel
- Your Trust Protects site path
These values are used to create a hashed and salted authentication string.
TMT provide a helper class for PHP users via the TmtAuthstring\Create class on the TMT Github Page.
In order to validate the string you generate, you can input your Channel Secret, Channel ID, Currency and Total values into the Auth Test page and ensure that the value you have generated is a correct match.
To further extend integrity of data by including additional fields in the auth string, please refer to the Extended Authorisation String section
Once you are confident that you are successfully generating valid authentication strings, you will need to decide on whether you wish to initialise the modal by passing in an object of required data, or if you would like the modal to injest required data from a HTML form.
Object Configuration
<script src="https://payment.tmtprotects.com/tmt-payment-modal.3.6.1.js"></script>
<script>
window.tmtPaymentModalReady = function () {
const button = document.getElementById("trigger-modal")
button.addEventListener("click", function () {
const tmtPaymentModal = new window.tmtPaymentModalSdk({
path: "SITE_PATH",
environment: "test",
data: {
// Authentication
booking_auth: "AUTHENTICATION_STRING",
// Booking Data
booking_id: "0",
channels: "10100",
country: "GB,FR",
date: "2030-05-12",
currencies: "GBP",
total: "5000",
// Lead Traveller
firstname: "John",
surname: "Smith",
email: "john.smith@example.org",
// Payment details
payee_name: "Jane Smith",
payee_email: "jane.smith@example.org",
payee_address: "123 test address",
payee_city: "Test city",
payee_postcode: "0000",
payee_country: "GB",
// Optional
reference: "FOO123",
description: "Holiday for two in London and Paris",
"pax": 2
}
})
})
}
</script>
Make sure to replace
SITE_PATHwith your site path, andAUTHENTICATION_STRINGwith the authentication string generated as instructed in the previous section.
Once you have generated a valid authentication string, it can be used along with the required values below to configure the modal for use.
In addition, the environment option must be set to test
| Key | Description |
|---|---|
booking_auth |
The hashed and salted authorisation string for the transaction |
booking_id |
Set this to 0 to create a new booking, or an existing booking ID if you preloaded a booking |
channels |
Set this to the ID of the channel you wish to use for the transaction |
country^ |
The ISO 3166-1 alpha-2 value of the country the booking takes place in. If the booking takes place in multiple countries, pass in a comma separated string as per the example |
date^ |
The end date of travel in YYYY-MM-DD format |
currencies |
The ISO 4217 value for the currency the travel item is being sold in (must match the currency of the channel in use) |
total |
The total being billed in the currency of the channel in use as a cent value (e.g. $10.00 = 1000) |
firstname^ |
The firstname of the lead traveller |
surname^ |
The surname of the lead traveller |
email^ |
The email address of the lead traveller |
payee_name |
The name of the person making payment as it appears on their credit/debit card |
payee_email |
The email of the person making payment |
payee_address |
The address of the person making payment |
payee_city |
The city of the person making payment |
payee_postcode |
The postcode/zip of the person making payment |
payee_country |
The ISO 3166-1 alpha-2 value of the country of the person making payment |
reference^^ |
Your own reference |
description^^ |
A description of the product being sold |
pax^^ |
The amount of people the product is for |
allocations^^ |
Allocations to other channels |
charge_channel^^ |
The channel to apply charges to if an allocation is used |
- ^Booking data is not required if
booking_idis set to the ID of an existing booking - ^^Optional field
Allocations
Example: £10.00 of a total of $220.00 is being allocated to a channel with the ID: 23. TMT's charges for the transaction will be deducted from this channel and not the master channel
{
booking_id: '0',
channels: 2,
currencies: 'USD',
total: '22000',
...
allocations: [{
channels: 23,
currencies: 'GBP',
operator: 'flat',
total: 1000
}],
charge_channel: 23
}
Example 5% of a total of $220.00 is being allocated to a channel with the ID: 23. TMT's charges for the transaction will be deducted from this channel and not the master channel
{
booking_id: '0',
channels: 2,
currencies: 'USD',
total: '22000',
...
allocations: [{
channels: 23,
currencies: 'GBP',
operator: 'percent',
total: 5
}],
charge_channel: 23
}
Example: £10.00 of a total of $220.00 is being allocated to a channel with the ID: 23. TMT's charges for the transaction will be deducted from the master channel with id = 2. There is no need to indicate this via the request as TMT payments are deducted from the master channel by default.
{
booking_id: '0',
channels: 2,
currencies: 'USD',
total: '22000',
...
allocations: [{
channels: 23,
currencies: 'GBP',
operator: 'flat',
total: 1000
}]
}
The Data Object implementation also allows for allocating funds to alternative channels. These allocations can be flat amounts or percentages of the transaction total. You can also nominate which channel incurs our charges.
Allocation Object Fields
| Key | Type | Description |
|---|---|---|
| channels | integer | The ID of the allocation channel |
| currencies | string | The currency of the allocation channel |
| total | integer | The total in cents or as a percentage to be allocated |
| operator | string | Either "flat" or "percent" |
Additional Request Fields
| Key | Type | Description |
|---|---|---|
| charge_channel | integer | The ID of the channel to deduct TMT's charges from. If not included, this will default to the main transaction channel |
Notes
- Allocations are only permitted via the Data Object implementation
- Allocation data can be protected from tampering via the verify option
- If you are using the verify option, ensure you order allocation objects the same in the verification as the instantiation
- The channel that incurs TMT's charges must be left with sufficient funds to cover the cost of the charges.
- The total of all allocations + TMT's charges must not be greater than the transaction total.
- Allocations are only permitted from:
- test channel to test channel
- live channel to live channel
- live channel to affiliate channel
- If you are setting the transactionType option to "authorize", you cannot include allocations.
Form Configuration
<form id="tmt-payment-form">
<!-- Authentication -->
<input type="hidden" class="tmt_booking_auth" value="AUTHENTICATION_STRING">
<!-- Booking Data -->
<input type="hidden" class="tmt_booking_id" value="0">
<input type="hidden" class="tmt_channels" value="10100">
<label for="country"label>Country Travelling Too</label>
<input name="country" class="tmt_country" value="FR">
<label for="date"label>Date of Completion</label>
<input name="date" class="tmt_date" value="2030-05-12">
<label for="currencies"label>Booking Currency</label>
<input name="currencies" class="tmt_currencies" value="GBP">
<label for="total"label>Booking Total</label>
<input name="total" class="tmt_total" value="5000">
<!-- Lead Traveller -->
<label for="firstname"label>Lead Traveller Name</label>
<input name="firstname" class="tmt_firstname" value="John">
<label for="surname"label>Lead Traveller Surame</label>
<input name="surname" class="tmt_surname" value="Smith">
<label for="email"label>Lead Traveller Email</label>
<input name="email" class="tmt_email" value="john.smith@example.org">
<!-- Payment Details -->
<label for="payee_name"label>Cardholder Name</label>
<input name="payee_name" class="tmt_payee_name" value="Jane Smith">
<label for="email">Cardholder Email</label>
<input type="email" name="email_address" class="tmt_payee_email" value="jane.smith@example.org">
<label for="address">Cardholder Address</label>
<input name="address" type="text" class="tmt_payee_address" value="123 test address">
<label for="city">Cardholder City</label>
<input name="city" type="text" class="tmt_payee_city" value="Test city">
<label for="zip">Cardholder Postcode</label>
<input name="zip" type="text" class="tmt_payee_postcode" value="0000">
<label for="country">Cardholder Country</label>
<select name="country" class="tmt_payee_country">
<option value="US">United States of America</option>
<option value="GB" selected>United Kingdom</option>
<option value="AU">Australia</option>
</select>
<!-- Payment Details -->
<input type="hidden" name="reference" class="tmt_reference" value="FOO123">
<input type="hidden" name="description" class="tmt_description" value="Holiday for two in Paris">
<input type="hidden" name="pax" class="tmt_pax" value="2">
<input type="submit" value="Pay" name="pay">
</form>
<script src="https://payment.tmtprotects.com/tmt-payment-modal.3.6.1.js"></script>
<script>
window.tmtPaymentModalReady = function () {
var tmtPaymentModal = new window.tmtPaymentModalSdk({
path: "SITE_PATH",
formId: "tmt-payment-form",
environment: "test"
})
}
</script>
Make sure to replace
SITE_PATHwith your site path, andAUTHENTICATION_STRINGwith the authentication string generated as instructed in the previous section.
Once you have generated a valid authentication string, it can be used along with the required values below to configure the modal for use.
In addition, the environment option must be set to test
| Class | Description |
|---|---|
tmt_booking_auth |
The hashed and salted authorisation string for the transaction |
tmt_booking_id |
Set this to 0 to create a new booking, or an existing booking ID if you preloaded a booking |
tmt_channels |
Set this to the ID of the channel you wish to use for the transaction |
tmt_country |
The ISO 3166-1 alpha-2 value of the country the booking takes place in |
tmt_date |
The end date of travel in YYYY-MM-DD format |
tmt_currencies |
The ISO 4217 value for the currency the travel item is being sold in (must match the currency of the channel in use) |
tmt_total |
The total being billed in the currency of the channel in use as a cent value (e.g. $10.00 = 1000) |
tmt_firstname |
The firstname of the lead traveller |
tmt_surname |
The surname of the lead traveller |
tmt_email |
The email address of the lead traveller |
tmt_payee_name |
The name of the person making payment as it appears on their credit/debit card |
tmt_payee_email |
The email of the person making payment |
tmt_payee_address |
The address of the person making payment |
tmt_payee_city |
The city of the person making payment |
tmt_payee_postcode |
The postcode/zip of the person making payment |
tmt_payee_country |
The ISO 3166-1 alpha-2 value of the country of the person making payment |
| tmt_reference | Your own reference |
| tmt_description | A description of the product being sold |
| tmt_pax | The amount of people the product is for |
^Booking data is not required if booking_id is set to the ID of an existing booking
Callbacks
Now that you have your modal configured and ready for use, you need to listen on the relevant callback for details on the transaction process.
In order to allow you to capture relevant API data as the modal process occurs, we provide the following callbacks:
token_error
tmtPaymentModal.on("token_error", function(data) {
// Token has expired, reload page to generate new authstring.
})
| When? | Intended Use |
|---|---|
| Modal fails to authenticate | Trigger code to generate a new authentication string as old one has expired |
booking_logged
tmtPaymentModal.on("booking_logged", function(data) {
// Booking has been created. Log ID as failover.
const bookingId = data.id;
})
| When | Intended use |
|---|---|
| Booking successfully created when modal is triggered | Log booking ID as a failover. If the transaction_logged callback isn't triggered, the booking can be looked up to establish if it has a status of paid |
booking_exists
tmtPaymentModal.on("booking_exists", function (data) {
// Preloaded booking has been validated.
})
| When | Intended use |
|---|---|
| Modal triggered with valid booking ID passed in | Debugging |
booking_error
tmtPaymentModal.on("booking_error", function (data) {
// Booking data is invalid
const error = data.message
})
| When | Intended use |
|---|---|
| Modal attempts to create a booking but fails | Obtaining further detail on why booking data is incorrect |
transaction_result_available
tmtPaymentModal.on("transaction_result_available", function (data) {
// 3DS transaction. Customer has completed 3DS auth.
const id = data.id
tmtPaymentModal.closeModal();
// redirect and poll API for outcome of 3DS.
})
| When | Intended use |
|---|---|
| Async transaction is complete but result is not yet known | Redirecting customer to a result page, while polling the TMT API for the outcome of the transaction |
transaction_logged
tmtPaymentModal.on("transaction_logged", function (data) {
// Transaction complete and successful.
const id = data.id
const hash = data.hash
tmtPaymentModal.closeModal();
// redirect to success page and validate hash
})
| When | Intended use |
|---|---|
| Transaction successful | Logging the ID of the transaction. Obtaining the transaction hash. Completing the transaction process |
transaction_failed
tmtPaymentModal.on("transaction_failed", function (data) {
// Transaction rejected by the bank.
const id = data.id
const hash = data.hash
tmtPaymentModal.closeModal();
// redirect and validate hash
})
| When | Intended use |
|---|---|
| Transaction unsuccessful | Logging the ID of the transaction. Obtaining the transaction hash. Completing the transaction process or giving the customer the option to try again |
transaction_timeout
tmtPaymentModal.on("transaction_timeout", function (data) {
// Transaction result unknown due to timeout
const bookingId = data.booking_id
// Lookup booking and check status
})
| When | Intended use |
|---|---|
| Payment gateway or API timed out | Log booking ID. Lookup booking to establish if has a status of paid |
transaction_error
tmtPaymentModal.on("transaction_error", function (data) {
// Transaction data is invalid
const error = data.message
})
| When | Intended use |
|---|---|
| Something went wrong in the transaction process | Obtaining further detail on why transaction data is incorrect |
close_window_attempted
tmtPaymentModal.on("close_window_attempted", function (data) {
alert('Please do not do that')
})
| When | Intended use |
|---|---|
| User clicks to close modal | Warning user against closing modal if transaction is in progress |
modal_closed
tmtPaymentModal.on("modal_closed", function (data) {
// Modal has been closed. Flag transaction as incomplete.
})
| When | Intended use |
|---|---|
| User closed modal | Cancel booking |
Transaction Validation
If you don't want to use the TmtAuthstring class you can write your own verification method based on the example below:
$values = [
'id' => $id,
'status' => $status,
'total' => $total
];
$varString = implode('&', $values);
$authString = hash('sha256', $varString);
$validHash = hash('sha256', $authString . $channel_secret);
if (hash_equals($hash, $validHash)) {
// Valid hash.
};
// Coming soon
// Coming soon
const values = {
id, status, total
}
let string = []
for (const key in values) {
string.push(values[key])
}
string = string.join('&')
// SHA256 the string.
const encode = crypto.createHash('sha256').update(string).digest('hex')
// Fetch your channel secret and concatenate to string.
const { CHANNEL_SECRET } = 'MYCHANNELSECRET123'
const validHash = crypto.createHash('sha256').update(
Buffer.concat([
new Buffer(encode),
new Buffer(CHANNEL_SECRET)
])
).digest('hex')
if (hash.equals(validHash))) {
// Valid hash.
};
Once the transaction process is complete, the transaction_logged or transaction_failed callbacks would have been called with the transaction response passed to them. Should you wish to validate a response, you will need to obtain the values for id, status and total as well as the channel secret for the channel you are using.
From there, you can use the TmtAuthstring\Validate class on the TMT Github Page following the example shown.
Extended Use
Existing Booking Payments
Bookings can be created in advance of prompting the user for payment. This allows you to create a booking and charge a user a deposit or balance amount rather than the full amount of the booking.
To achieve this, you will need to:
You would then use the ID of the booking as the value of the input with class tmt_booking_id if you are using the form configuration or pass it in via the booking_id field if you are using the object configuration.
Extended Authorisation String
If you don't want to use the TmtAuthstring class you can write your own authentication string generation method based on the example below
// Get current time in GMT.
$time_now = new DateTime('now', new DateTimeZone('GMT'));
// Create timestamp in 'YmdHis' format. E.g. 20190812055213
$timestamp = $time_now->format('YmdHis');
// Concatenate your values in alphabetical key order.
$booking_vars = [
'allocations' => json_encode([
[
'channels' => 23,
'currencies' => 'GBP',
'operator' => 'flat',
'total' => 1000,
],
]),
'channels' => 2,
'charge_channel' => 23,
'country' => 'GB',
'currencies' => 'USD',
'date' => '2025-01-01',
'email' => 'john.smith@example.org',
'firstname' => 'John',
'reference' => 'SOMEREFERENCE',
'surname' => 'Smith',
'total' => 9999,
];
$string = implode('&', $booking_vars);
// SHA256 the string.
$auth_string = hash( 'sha256', $string );
// Fetch your channel secret and concatenate to string.
$secret = 'MYCHANNELSECRET123';
$salted_auth_string = hash( 'sha256', $auth_string . $secret );
// Concatenate with timestamp.
$final_auth_string = $salted_auth_string . $timestamp;
// Coming soon
// Coming soon
// Get current time in GMT.
const date = new Date();
const utcDate = new Date(date.getUTCFullYear(), date.getUTCMonth(), date.getUTCDate(), date.getUTCHours(), date.getUTCMinutes(), date.getUTCSeconds());
// Create timestamp in 'YYYYMMDDHHmmss' format. E.g. 20190812055213
const timestamp = format(utcDate, 'YYYYMMDDHHmmss')
// Concatenate the values for channels, currencies, total and your timestamp in that order.
const bookingVars = {
allocations: [
{
channels: 23,
currencies: 'GBP',
operator: 'flat',
total: 1000,
}
]
channels: 2,
country: 'GB',
charge_channel: 23,
currencies: 'USD',
date: '2025-01-01',
email: 'john.smith@example.org',
firstname: 'John',
reference: 'SOMEREFERENCE',
surname: 'Smith',
total: 9999,
timestamp: timestamp
}
let string = []
for (const key in bookingVars) {
string.push(bookingVars[key])
}
string = string.join('&')
// SHA256 the string.
const encode = crypto.createHash('sha256').update(string).digest('hex')
// Fetch your channel secret and concatenate to string.
const { CHANNEL_SECRET } = 'MYCHANNELSECRET123'
const authString = crypto.createHash('sha256').update(
Buffer.concat([
new Buffer(encode),
new Buffer(CHANNEL_SECRET)
])
).digest('hex')
// Concatenate with timestamp.
const appAuthString = authString + timestamp;
Make sure to replace
MYCHANNELSECRET123with the channel secret of the channel you are transacting in.
If there are other items included in the transaction that you wish to insure against tampering, these values can also be included in the authstring.
The following fields can be included in any implementation:
countrydateemailfirstnamereferencesurname
You can also include the following in the object configuration if you are using allocations
allocationscharge_channel
IMPORTANT
- If you include additional values in the authstring, you must declare them via the verify option.
- Values must be concatenated in alphabetical order of the field they relate to with the timestamp appended afterwards
- If you are including allocations in your authstring, the order of the fields in the allocation objects must match the order of the fields passed to the init method.
- Arrays must be json encoded
Going Live
- Remove the
envirnomentoption or set to tolive - Ensure that the channel you are using is in
livemode
Options
path
<script>
window.tmtPaymentModalReady = function () {
var tmtPaymentModal = new window.tmtPaymentModalSdk({
path: 'test-site',
...
})
}
</script>
- The path of your Trust Protects site with no preceeding or trailing slashes.
- Mandatory
formId
<form id="myPaymentForm" action="complete.php" method="post">
// Form inputs etc...
</form>
<script>
window.tmtPaymentModalReady = function () {
var tmtPaymentModal = new window.tmtPaymentModalSdk({
path: 'myPaymentForm',
...
})
}
</script>
- The ID of the form containing the required booking and transaction data
- Mandatory for the Form Configuration.
data
<button id="trigger-modal" class='btn btn-primary'>Pay Now</button>
<script>
window.tmtPaymentModalReady = function () {
const data = {
booking_id: '0',
channels: '2',
country: 'GB',
// Authentication
booking_auth: authentication_string,
// Lead Traveller
firstname: 'John',
surname: 'Smith',
email: 'john.smith@example.org',
date: '2020-05-15',
// Payment details
payee_name: 'Jane Smith',
payee_email: 'jane.smith@example.org',
payee_address: '123 test address',
payee_city: 'Test city',
payee_country: 'GB',
payee_postcode: '0000',
currencies: 'GBP',
total: '9999'
}
const button = document.getElementById('trigger-modal')
button.addEventListener('click', function () {
var tmtPaymentModal = new window.tmtPaymentModalSdk({
path: 'test-site',
data: data
})
})
}
</script>
- An object containing all required booking and transaction data
- Mandatory for the Object Configuration
environment
<script>
window.tmtPaymentModalReady = function () {
var tmtPaymentModal = new window.tmtPaymentModalSdk({
path: 'test-site',
formId: 'my-payment-form',
environment: 'test'
})
}
</script>
- Different versions of the third party tokenisation tool are used according to whether a channel is in test mode or not. If the channel you are implementing the modal for is in test mode, you will need to set the environment option to
test - For live channels, you do not need to define environment as it defaults to live. You can however set it to
liveif this suits your implementation
origin
Example, foo.com is an iframe that is serving up the modal within a file on bar.com:
<body>
<!--content served up by bar.com-->
<iframe src=foo.com>
<button id="trigger-modal">Pay</button>
<script>
window.tmtPaymentModalReady = function () {
const button = document.getElementById("trigger-modal");
button.addEventListener("click", function () {
const tmtPaymentModal = new window.tmtPaymentModalSdk({
path: "some-site",
origin: "foo.com,bar.com",
data: {
...
}
});
});
}
</script>
</iframe>
</body>
If you are serving up the payment modal from within an iframe, all ancestors in the chain must be defined in a comma separated list with the parent listed first, followed by the origin that will render it and so on up the chain.
debug
<script>
window.tmtPaymentModalReady = function () {
var tmtPaymentModal = new window.tmtPaymentModalSdk({
path:'test-site',
formId: 'my-payment-form',
debug: true
})
}
</script>
Set debug = true to enable validation and error logs in console.
disableCloseWindowPrompt
<script>
window.tmtPaymentModalReady = function () {
var tmtPaymentModal = new window.tmtPaymentModalSdk({
path:'test-site',
formId: 'my-payment-form',
disableCloseWindowPrompt: true
})
}
</script>
If you have your own means of handling user attempts to close the browser or refresh during transaction you may wish to disable the in-built onbeforeounload close window prompt.
disableLang
<script>
window.tmtPaymentModalReady = function () {
var tmtPaymentModal = new window.tmtPaymentModalSdk({
path:'test-site',
formId: 'my-payment-form',
disableLang: true
})
}
</script>
If the translations you require for your customer base are not available, you can disable the translation picker.
lang
<script>
window.tmtPaymentModalReady = function () {
var tmtPaymentModal = new window.tmtPaymentModalSdk({
path:'test-site',
formId: 'my-payment-form',
lang: 'ptBR'
})
}
</script>
The modal is rendered in English by default. Should you know that the user prefers an alternate language, the modal can be set to load in that language should a translation be available. Once loaded, the user is still free to switch languages should they wish. The language which the modal is in at the point of transaction determines what language the user's payment receipt shall be in.
paymentCurrency
<script>
window.tmtPaymentModalReady = function () {
var tmtPaymentModal = new window.tmtPaymentModalSdk({
path:'test-site',
formId: 'my-payment-form',
paymentCurrency:'EUR'
})
}
</script>
The default behaviour of the payment modal is to offer payment in the base currency of your channel, and allow the customer to change the payment currency as required. Should you know that the customer making payment is based in a country that does not use your channel's base currency, you can improve the user experience by defining their currency to default the payment modal to.
For example, if the base currency of your channel is USD and your customer is based in Germany, you would define the paymentCurrency as EUR as shown.
Should you wish to display your prices in currencies other than your base currency, you will need to utilise your channel's forex feed
transactionType
<script>
window.tmtPaymentModalReady = function () {
var tmtPaymentModal = new window.tmtPaymentModalSdk({
path:'test-site',
formId: 'my-payment-form',
transactionType: 'authorize'
})
}
</script>
We now allow for pre-authorizing a card via the modal leaving you to make a Capture request via an API call in order to capture the payment.
NB: If you intend to use this option, please note the following:
- An authorize transaction will not result in funds being removed from the customer's account. You must complete a capture request in order to complete the transaction
- Authorize transactions are subject to a per transasction fee as are capture transactions
- Authorize transactions can only be captured within a short time frame. This is generally up to 5 days but can differ according to the bank processing the payment. We would advise that you remain well inside 5 days for this to avoid losing transactions
- Allocations are not permitted on authorize transactions and must be included with the Capture request
verify
<script>
window.tmtPaymentModalReady = function () {
var tmtPaymentModal = new window.tmtPaymentModalSdk({
path: 'test-site',
data: dataObject,
verify: [
"allocations",
"country",
"charge_channel",
"date",
"email",
"firstname",
"reference",
"surname",
]
})
}
</script>
If you wish to extended the authstring to include other booking and transaction values, you will need to include the verify option in order to pass in an array of the fields that you have included in the authstring.
The following fields can be used in the verify array in any implementation:
- country
- date
- firstname
- reference
- surname
You can also include the following in the Object Configiuration
- allocations
- charge_channel
Important
- Values must be concatenated in alphabetical order of the field they relate to with the timestamp appended afterwards
- If you are including allocations in your authstring, the order of the fields in the allocation objects must match the * order of the fields passed to the init method.
- Arrays must be json encoded
Troubleshooting
If you are having difficultly integrating the Payment Modal, please read through the troubleshooting guides below.
Form Implementation
- Nothing Happens
- Form Submits
- Can't Initialise Modal
- Required Field Errors
- Token is Invalid
- Token is Expired
- Allocation Errors
- Payment Fails unexpectedly
- Invalid Data/Token
- TokenEx Failed to Load
Nothing Happens
Example of a form implementation input that has been flagged as it has not been completed
<input
name="payee_name"
class="tmt_payee_name"
style="background: yellow;"
/>
You are confident you have completed the integration, you visit your test payment page, click to pay, and nothing happens!
Please check the following:
- That you have an input with the class
tmt_payee_nameand a value - That you have an input with the class
tmt_payee_emailand a value
Note that if either or both of these inputs are visible, then a style attribute would be attached to them in the event of no value being supplied as shown in the code example to the right.
If you have set either or both of these inputs to hidden, then its not immediately obvious if no values are present. If this is the case, it is recommended that you enable debug mode. You should then see output to this effect.
Form Submits
You are confident you have completed the integration, you visit your test payment page, click to pay, and the payment form submits without triggering the modal
Please check the following
- That you have correctly included the Payment Modal scripts
- That no other javascript included on your payment page is triggering errors in console
Init Errors
Example of the path and form ID being correctly passed in for the form implementation
var tmtPaymentModal = new window.tmtPaymentModalSdk({
path: "tmt-test",
formId: "tmt-payment-form"
})
If you do not init the modal with the mandatory options for the implementation you require, then the modal will be triggered as per the screenshot below informing you which mandatory fields are missing.
This error would be resolved by passing a formId and path to the modal init call as per the example on the right
Required Field Errors
To successfully trigger the Payment Modal, required data must be present and correctly referenced depending on the implementation you are using:
If you do not include all the required fields, the modal will trigger with a error output to indicate the missing fields similar to the below. If you have debug mode enabled, the missing fields will also be output to console.
Invalid Token
To identify yourself to the modal, you need to pass it a valid authstring. Failure to do this will result in output as per the screenshot below.
Should you receive this error, please check the following:
- Are you concatenating the fields in alphabetical order for the auth string?
- Are you using the same channel ID as that passed in the form or data object?
- Are you using the base currency for the channel with the ID passed in the form or data object?
- Are you salting the authstring with the channel secret for the channel with the ID passed in the form or data object?
- Have you used the same timestamp in the authstring as the timestamp which is appended to it?
- If you are using additional fields in the authstring, have you declared them in the Verify Option?
Expired Token
To prevent reuse of tokens, they are only valid for 15 minutes. In order to prevent reuse of expired tokens, a timestamp is added to the authstring and then appended to it so that a duplicate authstring can be built API side for comparison. If you fail to append the timestamp, or if it is older than 15 minutes, you will receive output as per the screenshot below:
Should you receive this error, please check the followung:
- Are you using and appending the same timestamp?
- Are you generating a timestamp in GMT?
- Are you ouputting your timestamp in the format YYYYDDMMHIS?
Allocation Errors
Example One: Channel 23 receives allocation and incurs charges
{
booking_id: '0',
channels: 2,
currencies: 'USD',
total: '10000',
...
/* USD 2 is allocated to Channel 23 */
allocations: [{
channels: 23,
currencies: 'USD',
total: 200,
operator: 'flat'
}],
/* Channel 23 is nominated as charge_channel */
charge_channel: 23
}
/*
* Charges levied against Channel 23 would be USD 4 (3.5% of USD 100 = USD 3.50 + USD 0.50 per transaction fee)
* USD 2 is not sufficient to cover charges of USD 4, error is returned.
*/
Example Two: Channel 23 is master channel and incurs charges
{
booking_id: '0',
channels: 23,
currencies: 'USD',
total: '10000',
...
/* USD 98 is allocated to Channel 2 */
allocations: [{
channels: 2,
currencies: 'USD',
total: 9800,
operator: 'flat'
}]
/* No charge_channel defined, so defaults to main channel, which is 23 */
}
/*
* Charges levied against Channel 23 would be USD 4 (3.5% of USD 100 = USD 3.50 + USD 0.50 per transaction fee)
* USD 2 remaining after allocating USD 98 to channel 2 is not sufficient to cover charges of USD 4, error is returned
*/
If you are using the data object implementation and including allocations, you may receive output as per the screenshot below after having successfully triggered the modal and entered credit card details:
Should you receive this error, please ensure that the channel that is incurring charges has sufficient funds to meet those charges.
For example, consider a channel with ID = 23, which has a per transaction fee of USD 0.50 and has a credit card percentage of 3.5% applied. The two examples shown on the right would result in too little being available to meet those charges.
Payment Failure
If payments are failing unexpectedly, for example when testing with credit cards that should be passing, please listen on the transaction_error callback as this should give you feedback on where you are going wrong. The example below shows a transaction attempt that has failed as allocations were included on an authorize transactions.
Invalid Data Token
If you successfully run a transaction from end to end, but the transaction fails with "content": "Invalid data/token.", then you have triggered the modal in an environment that does not match that of the channel you are running the transaction in. Cards are tokenised in the environment specified in modal instantiation. API requests made via the tokeniser to the payment gateway are made in the environment of the channel (live or test). If a channel has an account_mode of "live" and the modal is instantiated with environment "test", the card will be tokenised in the test token environment where-as the request will be routed via the live environment. No token will exist in the live environment so the response of "Invalid data/token" will be returned, and the transaction will fail.
TokenEx Failed to Load
TokenEx are our third party provider for tokenising cards. When the modal is triggered, we initialise their scripts. If we can't initialise their scripts, we can't process payments and this error is displayed.
If you are serving the modal up within an iframe, this error has likely been caused by an incorrect, or no value for origin. This can be verified by checking console logs for errors like the below:
API Reference
Authentication
All API requests require an authentication header in the form of:
Authorization: Bearer %TOKEN%
where %TOKEN% is replaced with a valid api token or a token retrieved from an authentication request.
On first release of this API, all requests had to be signed with a valid JWT token. In order to facilitate two factor authentication for app users, as well as reducing the requests per round trip, we now provide endpoints for generating API tokens, which can be stored to your environment and used to sign requests. Both methods are included here, but it is recommended that you use api tokens for your integration if you are starting afresh.
Authentication (API Tokens)
Get All API Tokens
Make sure to replace
{{path}}with your site path and{{token}}with a valid API or JWT token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/api-tokens',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("GET", "/{{path}}/api-tokens", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request GET 'https://tmtprotects.com/{{path}}/api-tokens' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/api-tokens", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
[
{
"id": 19,
"tokenable_type": "Users\Models\User",
"tokenable_id": 82,
"name": "Test Token 1",
"abilities": [],
"last_used_at": "2023-09-05T14:23:00.000000Z",
"expires_at": null,
"created_at": "2023-09-05T14:22:16.000000Z",
"updated_at": "2023-09-05T14:23:00.000000Z"
}
...
]
HTTP Request
GET https://tmtprotects.com/{{path}}/api-tokens
Create an API Token
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/api-tokens',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => {
"name": "Test Token 1",
"expires_at": "2030-01-01",
},
CURLOPT_HTTPHEADER => array(
'Content-Type: application/json',
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
import json
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = json.dumps({
"name": "Test Token 1",
"expires_at": "2030-01-01",
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{token}}}}'
}
conn.request("POST", "/{{path}}/api-tokens", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request POST 'https://tmtprotects.com/{{path}}/api-tokens' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{token}}' \
--data-raw '{
"name": "Test Token 1",
"expires_at": "2030-01-01",
}
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
myHeaders.append("Authorization", "Bearer {{token}}");
var raw = JSON.stringify({
"name": "Test Token 1",
"expires_at": "2030-01-01",
});
var requestOptions = {
'method: 'POST',
headers: myHeaders,
body: raw,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/api-tokens", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"token": "17|FC2cXTvzb2dNYfgFzPOS5tQWs0pnKi5Q1N38Pfwg",
"expires_at": "2030-01-01"
}
HTTP Request
POST https://tmtprotects.com/{{path}}/api-tokens
Schema
| Parameter | Type | Description |
|---|---|---|
name* |
string | Label for the token. |
expires_at |
string | Optional expiry date for token. Format must be Y-m-d. Token expires at 23:59:59 GMT that day |
*Required
Delete A Token
Make sure to replace
{{path}}with your site path, {{token_id}} with a valid token ID and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/api-tokens/{{token_id}}',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'DELETE',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("DELETE", "/{{path}}/api-tokens/{{token_id}}", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request DELETE 'https://tmtprotects.com/{{path}}/api-tokens/{{token_id}}' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'DELETE',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/api-tokens/{{token_id}}", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"message": "Token deleted"
}
HTTP Request
DELETE https://tmtprotects.com/{{path}}/api-tokens/{{token_id}}
If you have two tokens, and need to create a new one, you will have to delete one of the existing two tokens even if it has expired.
Delete All Tokens
Make sure to replace
{{path}}with your site path, and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/api-tokens',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'DELETE',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("DELETE", "/{{path}}/api-tokens", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request DELETE 'https://tmtprotects.com/{{path}}/api-tokens' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'DELETE',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/api-tokens", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"message": "All tokens deleted"
}
HTTP Request
DELETE https://tmtprotects.com/{{path}}/api-tokens
Authentication (JWT Tokens)
Make sure to replace
{{username}}with your site username, and{{password}}with your password.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/wp/wp-json/jwt-auth/v1/token',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS =>'{
"username": "{{username}}",
"password": "{{password}}"
}',
CURLOPT_HTTPHEADER => array(
'Content-Type: application/json'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
import json
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = json.dumps({
"username": "{{username}}",
"password": "{{password}}"
})
headers = {
'Content-Type': 'application/json'
}
conn.request("POST", "/wp/wp-json/jwt-auth/v1/token", payload, headers)
res = conn.getresponse()
data = res.read()
curl --location --request POST 'https://tmtprotects.com/wp/wp-json/jwt-auth/v1/token' \
--header 'Content-Type: application/json' \
--data-raw '{
"username": "{{username}}",
"password": "{{password}}"
}'
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
var raw = JSON.stringify({
"username": "{{username}}",
"password": "{{password}}"
});
var requestOptions = {
method: 'POST',
headers: myHeaders,
body: raw,
redirect: 'follow'
};
fetch("https://tmtprotects.com/wp/wp-json/jwt-auth/v1/token", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"id": 69,
"name": "Elvis Sauer",
"username": "elvissauer",
"user_email": "elvissauer@example.org",
"user_nicename": "Elvis Sauer",
"user_display_name": "Elvis Sauer",
"usertype": "member_admin",
"type": "member_admin",
"read_only": false,
"can_sign_off_payout": false,
"default_site": {
"id": 3,
"name": "TMT Test Site",
"path": "/tmt-test/",
"permissions": [],
"channel_count": 108,
"usertype": "member_admin"
},
"site_count": 2,
"two_factor_confirmed_at": null,
"sites": [
{
"id": 3,
"name": "TMT Test Site"
},
{
"id": 9,
"name": "Protection Only Site"
}
],
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0L3dwL3dwLWpzb24vand0LWF1dGgvdjEvdG9rZW4iLCJpYXQiOjE3MDk1NTMwMjUsImV4cCI6MTcwOTU1NjYyNSwibmJmIjoxNzA5NTUzMDI1LCJqdGkiOiJkMkRDSFZrbXBWSUpMODQ0Iiwic3ViIjo2OSwicHJ2IjoiNjE2NzZhNjZmMmQ3MzY0ZGQxZWI0NzJiMzgzOTNmZTc4YjgyZTMzMiJ9.G-dEnNzryFbwrbFtIDCSSf2RNmHeKYiy8R7GHfcUfks",
"refresh_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0L3dwL3dwLWpzb24vand0LWF1dGgvdjEvdG9rZW4iLCJpYXQiOjE3MDk1NTMwMjUsImV4cCI6MTcwOTU1NjYyNSwibmJmIjoxNzA5NTUzMDI1LCJqdGkiOiI0bU1uM2NlMmpPZTlhekN4Iiwic3ViIjo2OSwicHJ2IjoiNjE2NzZhNjZmMmQ3MzY0ZGQxZWI0NzJiMzgzOTNmZTc4YjgyZTMzMiJ9.3AePbVceAukp83Og5zrIL5xdzKLfsPlJ08AKhD60Tk8"
}
HTTP Request
POST https://tmtprotects.com/wp/wp-json/jwt-auth/v1/token
Refresh Tokens
Make sure to replace
{{path}}with your site path and{{refreshToken}}with a valid API refresh token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/jwt-auth/v1/token/refresh',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{refreshToken}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
import json
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{refreshToken}}'
}
conn.request("POST", "/wp/wp-json/jwt-auth/v1/token/refresh", payload, headers)
res = conn.getresponse()
data = res.read()
curl --location --request POST 'https://tmtprotects.com/{{path}}/wp-json/jwt-auth/v1/token/refresh' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{refreshToken}}' \
--data-raw ''
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
myHeaders.append("Authorization", "Bearer {{refreshToken}}");
var raw = "";
var requestOptions = {
method: 'POST',
headers: myHeaders,
body: raw,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/jwt-auth/v1/token/refresh", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"id": 69,
"name": "Elvis Sauer",
"username": "elvissauer",
"user_email": "elvissauer@example.org",
"user_nicename": "Elvis Sauer",
"user_display_name": "Elvis Sauer",
"usertype": "member_admin",
"type": "member_admin",
"read_only": false,
"can_sign_off_payout": false,
"default_site": {
"id": 3,
"name": "TMT Test Site",
"path": "/tmt-test/",
"permissions": [],
"channel_count": 108,
"usertype": "member_admin"
},
"site_count": 2,
"two_factor_confirmed_at": null,
"sites": [
{
"id": 3,
"name": "TMT Test Site"
},
{
"id": 9,
"name": "Protection Only Site"
}
],
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0L3RtdC10ZXN0L3dwLWpzb24vand0LWF1dGgvdjEvdG9rZW4vcmVmcmVzaCIsImlhdCI6MTcwOTU1MzAyNSwiZXhwIjoxNzA5NTU2NjI1LCJuYmYiOjE3MDk1NTMwMjUsImp0aSI6Inl1Uk5lZ0RROFNWZlRqMnEiLCJzdWIiOjY5LCJwcnYiOiI2MTY3NmE2NmYyZDczNjRkZDFlYjQ3MmIzODM5M2ZlNzhiODJlMzMyIn0.53ceFVIiHDjE6oj_PBOIox3ONnrm4WFTtnKUDSU4gz8",
"refresh_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0L3dwL3dwLWpzb24vand0LWF1dGgvdjEvdG9rZW4iLCJpYXQiOjE3MDk1NTMwMjUsImV4cCI6MTcwOTU1NjYyNSwibmJmIjoxNzA5NTUzMDI1LCJqdGkiOiI0bU1uM2NlMmpPZTlhekN4Iiwic3ViIjo2OSwicHJ2IjoiNjE2NzZhNjZmMmQ3MzY0ZGQxZWI0NzJiMzgzOTNmZTc4YjgyZTMzMiJ9.3AePbVceAukp83Og5zrIL5xdzKLfsPlJ08AKhD60Tk8"
}
All authentication payloads include a refresh_token in the response. This token can be retained indefinitely and used to obtain a valid JWT token via the refresh token endpoint. The token returned in the refresh token response can be used to sign subsequent API requests.
HTTP Request
POST https://tmtprotects.com/wp/wp-json/jwt-auth/v1/token/refresh
Replace Refresh Token
Make sure to replace
{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/jwt-auth/v1/token/refresh',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'DELETE',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
import json
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{token}}'
}
conn.request("DELETE", "/wp/wp-json/jwt-auth/v1/token/refresh", payload, headers)
res = conn.getresponse()
data = res.read()
curl --location --request DELETE 'https://tmtprotects.com/{{path}}/wp-json/jwt-auth/v1/token/refresh' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{token}}' \
--data-raw ''
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
myHeaders.append("Authorization", "Bearer {{token}}");
var raw = "";
var requestOptions = {
method: 'DELETE',
headers: myHeaders,
body: raw,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/jwt-auth/v1/token/refresh", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"deleted": true
}
You may wish to rotate your refresh token on a regular basis. To do so, make a DELETE /token/refresh request signed with a valid user token. You will receive a new refresh token the next time you complete an auth request.
HTTP Request
DELETE https://tmtprotects.com/wp/wp-json/jwt-auth/v1/token/refresh
Channels
- All bookings and transactions are created within a channel.
- When making requests to create bookings and transactions, you will need to refer to the ID of the channel they are being created in.
- Bookings can only be created with a
currenciesvalues that matches thecurrenciesvalue of the channel that they are being created in - Transactions can be paid in currencies that do not match the
currenciesvalue of the channel
Get All Channels
Make sure to replace
{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("GET", "/{{path}}/wp-json/tmt/v2/channels", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request GET 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
[
{
"id": 3799,
"uuid": "df2e495f-6fff-33e1-84b3-8ce6743a33e2",
"name": "Rodriguez-Greenholt1709543672",
"slug": "rodriguez-greenholt1709543672",
"account_type": "protected-processing",
"account_mode": "live",
"protection_type": "trust-my-travel",
"currencies": "GBP",
"language": "enGB",
"primary_mail": "elvissauer@example.org",
"mail_bcc_transactional_mails": false,
"receipt_label": "TMT Test Site",
"external_id": "",
"channel_status": "full-processing",
"suppliers": [],
"beneficiary_id": "",
"settlement_currency": "GBP",
"payout_minimum": 10000,
"quote_code": "Quote1",
"forex_feed": {
"base": "GBP",
"symbol": {
"grapheme": "£",
"template": "$1",
"rtl": false
},
"rates": {
"EUR": {
"symbol": "EUR",
"quote_id": 66127563,
"rate": 1.2132,
"provider": "cambridge",
"expires": "2024-10-09 14:00:00",
"modified": "2023-10-09 11:12:32"
},
"USD": {
"symbol": "USD",
"quote_id": 66127669,
"rate": 1.2155,
"provider": "cambridge",
"expires": "2024-10-09 14:00:00",
"modified": "2023-10-09 11:13:11"
}
}
},
"statement_period": "month",
"cardholder_present": false,
"mail_failures": false,
"server_to_server": false,
"tokenex_id": "",
"tokenex_api_key": "",
"chargeback_mail": null,
"descriptor": null,
"channel_secret": ""
}
...
]
HTTP Request
GET https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels
Query Parameters
| Parameter | Default | Description |
|---|---|---|
include |
all | Limit result set to comma separated list of IDs. |
page |
1 | Page of the collection to view. |
per_page |
100 | Maximum number of items to be returned per page. |
order |
asc | Enum: asc, desc |
orderby |
id | Sort collection by defined attribute. |
account_mode |
all | Enum: live, test, draft, closed, affiliate |
account_type |
all | Enum: protected-processing, trust |
currencies |
all | Return all items where field contains requested value |
external_id |
all | Search for exact matches with requested value |
name |
all | Search for wildcard matches with requested value |
statement_period |
all | Enum: biweek, week, month |
Get A Channel
Make sure to replace
{{channel_id}}with a valid channel ID,{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels/{{channel_id}}',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("GET", "/{{path}}/wp-json/tmt/v2/channels/{{channel_id}}", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request GET 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels/{{channel_id}}' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels/{{channel_id}}", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"id": 3799,
"uuid": "df2e495f-6fff-33e1-84b3-8ce6743a33e2",
"name": "Rodriguez-Greenholt1709543672",
"slug": "rodriguez-greenholt1709543672",
"account_type": "protected-processing",
"account_mode": "live",
"protection_type": "trust-my-travel",
"currencies": "GBP",
"language": "enGB",
"primary_mail": "elvissauer@example.org",
"mail_bcc_transactional_mails": false,
"receipt_label": "TMT Test Site",
"external_id": "",
"channel_status": "full-processing",
"suppliers": [],
"beneficiary_id": "",
"settlement_currency": "GBP",
"payout_minimum": 10000,
"quote_code": "Quote1",
"forex_feed": {
"base": "GBP",
"symbol": {
"grapheme": "£",
"template": "$1",
"rtl": false
},
"rates": {
"EUR": {
"symbol": "EUR",
"quote_id": 66127563,
"rate": 1.2132,
"provider": "cambridge",
"expires": "2024-10-09 14:00:00",
"modified": "2023-10-09 11:12:32"
},
"USD": {
"symbol": "USD",
"quote_id": 66127669,
"rate": 1.2155,
"provider": "cambridge",
"expires": "2024-10-09 14:00:00",
"modified": "2023-10-09 11:13:11"
}
}
},
"statement_period": "month",
"cardholder_present": false,
"mail_failures": false,
"server_to_server": false,
"tokenex_id": "",
"tokenex_api_key": "",
"chargeback_mail": null,
"descriptor": null,
"channel_secret": ""
}
HTTP Request
GET https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels/{{channel_id}}
Schema
| Parameter | Type | Description |
|---|---|---|
id* |
integer | Unique identifier for the channel. |
uuid* |
string | Unique identifier for the channel. |
name |
string | Title for the channel. |
slug* |
string | The slug for the channel. |
account_type* |
string | The account type for the channel. Enum: protected-processing, trustDefault: trust |
account_mode |
string | The mode that the channel is in. NB Not all modes can be set when creating a channel. Enum: test, draft, live, closed, affiliateDefault: test |
protection_type* |
string | The protection type for the channel. Enum: trust-my-travel, tmu-managementDefault: trust-my-travel |
currencies |
string | The ISO 4217 value of the base currency of the channel. Enum: valid currencies |
quote_code* |
string | DEPRECATED |
statement_period* |
string | The statement period for the channel. Enum: biweek, week, monthDefault: month |
cardholder_present* |
boolean | Whether Cardholder Present is permitted on channel transactions. Default: false |
forex_feed* |
object | The forex feed for the channel. |
language |
string | Default mail receipt language. Enum: deDE, enGB, esES, frFR, itIT, jaJA, kkKK, koKO, lvLV, ptBR, roRO, ruRU, ukUK, uzUZ, zhZHDefault: enGB |
primary_mail |
string | Comma separated list of email addresses to use if BCC'ing email. |
mail_bcc_transactional_mails |
boolean | Whether to BCC mail receipts to primary mail. Default: false |
mail_failures |
boolean | Whether to send mail to primary mail on transaction failures. Default: false |
receipt_label |
string | Company name to use in mail receipts. Defaults to site name. |
server_to_server* |
boolean | Indicates whether channel will process transactions directly with PSP. |
tokenex_id |
string | TokenEx ID for the channel. Only applicable if server_to_server = true |
tokenex_api_key |
string | TokenEx API key for the channel. Only applicable if server_to_server = true |
beneficiary_id* |
string | The beneficiary identifier for the channel. |
settlement_currency* |
string | The ISO 4217 value of the settlement currency of the channel. Enum: AED, AUD, CAD, CHF, DKK, EUR, GBP, HKD, JPY, NOK, NZD, SEK, SGD, USD, ZAR |
external_id |
string | The external identifier for the channel. |
chargeback_mail |
string | Comma separated list of email addresses to send Chargeback notification email to. |
payout_minimum* |
integer | The minumum value whereby payouts will be made. (Based on settlement currency) |
descriptor* |
string | Payment Descriptor that appears on customer's bank statements. |
channel_secret* |
string | Channel secret. Used to sign payment modal requests. |
channel_status* |
string | The status of the channel. Enum: admin, affiliate, agent, closed, full-processing, full-processing-ic-plus, full-processing-blended-default, locked, new, supplier, test, tms-end-user, tmt-protection, tmu-protectionDefault: test |
suppliers* |
array | IDs of suppliers linked to the channel |
*Readonly
Create A Channel
Make sure to replace
{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => {
"name": "GBP Channel",
"account_mode": "draft",
"currencies": "GBP",
"language": "enGB",
"primary_mail": "john.smith@example.org,jane.smith@example.org",
"mail_bcc_transactional_mails": true,
"mail_failures": true,
"receipt_label": "Smith Inc",
"external_id": "SMITH1234",
"chargeback_mail": "chargebacks@example.org",
},
CURLOPT_HTTPHEADER => array(
'Content-Type: application/json',
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
import json
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = json.dumps({
"name": "GBP Channel",
"account_mode": "draft",
"currencies": "GBP",
"language": "enGB",
"primary_mail": "john.smith@example.org,jane.smith@example.org",
"mail_bcc_transactional_mails": true,
"mail_failures": true,
"receipt_label": "Smith Inc",
"external_id": "SMITH1234",
"chargeback_mail": "chargebacks@example.org",
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{token}}}}'
}
conn.request("POST", "/{{path}}/wp-json/tmt/v2/channels", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request POST 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{token}}' \
--data-raw '{
"name": "GBP Channel",
"account_mode": "draft",
"currencies": "GBP",
"language": "enGB",
"primary_mail": "john.smith@example.org,jane.smith@example.org",
"mail_bcc_transactional_mails": true,
"mail_failures": true,
"receipt_label": "Smith Inc",
"external_id": "SMITH1234",
"chargeback_mail": "chargebacks@example.org",
}
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
myHeaders.append("Authorization", "Bearer {{token}}");
var raw = JSON.stringify({
"name": "GBP Channel",
"account_mode": "draft",
"currencies": "GBP",
"language": "enGB",
"primary_mail": "john.smith@example.org,jane.smith@example.org",
"mail_bcc_transactional_mails": true,
"mail_failures": true,
"receipt_label": "Smith Inc",
"external_id": "SMITH1234",
"chargeback_mail": "chargebacks@example.org",
});
var requestOptions = {
'method: 'POST',
headers: myHeaders,
body: raw,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"id": 3799,
"uuid": "df2e495f-6fff-33e1-84b3-8ce6743a33e2",
"name": "GBP Channel",
"slug": "rodriguez-greenholt1709543672",
"account_type": "trust",
"account_mode": "draft",
"protection_type": "trust-my-travel",
"currencies": "GBP",
"language": "enGB",
"primary_mail": "john.smith@example.org,jane.smith@example.org",
"mail_bcc_transactional_mails": true,
"receipt_label": "Smith Inc",
"external_id": "SMITH1234",
"channel_status": "admin",
"suppliers": [
"ZA-14-AP",
"TZ-15-DM"
],
"beneficiary_id": "BENE123",
"settlement_currency": "GBP",
"payout_minimum": 10000,
"quote_code": "Quote1",
"forex_feed": {
"base": "GBP",
"symbol": {
"grapheme": "£",
"template": "$1",
"rtl": false
},
"rates": {
"EUR": {
"symbol": "EUR",
"quote_id": 66127563,
"rate": 1.2132,
"provider": "cambridge",
"expires": "2024-10-09 14:00:00",
"modified": "2023-10-09 11:12:32"
},
"USD": {
"symbol": "USD",
"quote_id": 66127669,
"rate": 1.2155,
"provider": "cambridge",
"expires": "2024-10-09 14:00:00",
"modified": "2023-10-09 11:13:11"
}
}
},
"statement_period": "week",
"cardholder_present": true,
"mail_failures": true,
"server_to_server": false,
"tokenex_id": "1234567887654321",
"tokenex_api_key": "QcFfUs9p8faeP974xwuvq6vqo55PTiWj",
"chargeback_mail": "chargebacks@example.org",
"descriptor": "tmtprtcts.co/member",
"channel_secret": ""
}
HTTP Request
POST https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels
Schema
| Parameter | Type | Description |
|---|---|---|
name* |
string | Title for the channel. |
account_mode |
string | The mode that the channel is in. NB Not all modes can be set when creating a channel. Enum: test, draft, live, closed, affiliateDefault: test |
currencies* |
string | The ISO 4217 value of the base currency of the channel. Enum: valid currencies |
language |
string | Default mail receipt language. Enum: deDE, enGB, esES, frFR, itIT, jaJA, kkKK, koKO, lvLV, ptBR, roRO, ruRU, ukUK, uzUZ, zhZHDefault: enGB |
primary_mail |
string | Comma separated list of email addresses to use if BCC'ing email. |
mail_bcc_transactional_mails |
boolean | Whether to BCC mail receipts to primary mail. Default: false |
mail_failures |
boolean | Whether to send mail to primary mail on transaction failures. Default: false |
receipt_label |
string | Company name to use in mail receipts. Defaults to site name. |
external_id |
string | The external identifier for the channel. |
chargeback_mail |
string | Comma separated list of email addresses to send Chargeback notification email to. |
*Required
Update A Channel
Make sure to replace
{{path}}with your site path, {{id}} with a valid channel ID and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels/{{id}}',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'PUT',
CURLOPT_POSTFIELDS => {
"name": "GBP Channel",
"currencies": "GBP",
"language": "enGB",
"primary_mail": "john.smith@example.org,jane.smith@example.org",
"mail_bcc_transactional_mails": true,
"mail_failures": true,
"receipt_label": "Smith Inc",
"external_id": "SMITH1234",
"chargeback_mail": "chargebacks@example.org",
},
CURLOPT_HTTPHEADER => array(
'Content-Type: application/json',
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
import json
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = json.dumps({
"name": "GBP Channel",
"currencies": "GBP",
"language": "enGB",
"primary_mail": "john.smith@example.org,jane.smith@example.org",
"mail_bcc_transactional_mails": true,
"mail_failures": true,
"receipt_label": "Smith Inc",
"external_id": "SMITH1234",
"chargeback_mail": "chargebacks@example.org",
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{token}}}}'
}
conn.request("PUT", "/{{path}}/wp-json/tmt/v2/channels/{{id}}", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request PUT 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels/{{id}}' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{token}}' \
--data-raw '{
"name": "GBP Channel",
"currencies": "GBP",
"language": "enGB",
"primary_mail": "john.smith@example.org,jane.smith@example.org",
"mail_bcc_transactional_mails": true,
"mail_failures": true,
"receipt_label": "Smith Inc",
"external_id": "SMITH1234",
"chargeback_mail": "chargebacks@example.org",
}
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
myHeaders.append("Authorization", "Bearer {{token}}");
var raw = JSON.stringify({
"name": "GBP Channel",
"currencies": "GBP",
"language": "enGB",
"primary_mail": "john.smith@example.org,jane.smith@example.org",
"mail_bcc_transactional_mails": true,
"mail_failures": true,
"receipt_label": "Smith Inc",
"external_id": "SMITH1234",
"chargeback_mail": "chargebacks@example.org",
});
var requestOptions = {
'method: 'PUT',
headers: myHeaders,
body: raw,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels/{{id}}", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"id": 3799,
"uuid": "df2e495f-6fff-33e1-84b3-8ce6743a33e2",
"name": "GBP Channel",
"slug": "rodriguez-greenholt1709543672",
"account_type": "trust",
"account_mode": "draft",
"protection_type": "trust-my-travel",
"currencies": "GBP",
"language": "enGB",
"primary_mail": "john.smith@example.org,jane.smith@example.org",
"mail_bcc_transactional_mails": true,
"receipt_label": "Smith Inc",
"external_id": "SMITH1234",
"channel_status": "admin",
"suppliers": [
"ZA-14-AP",
"TZ-15-DM"
],
"beneficiary_id": "BENE123",
"settlement_currency": "GBP",
"payout_minimum": 10000,
"quote_code": "Quote1",
"forex_feed": {
"base": "GBP",
"symbol": {
"grapheme": "£",
"template": "$1",
"rtl": false
},
"rates": {
"EUR": {
"symbol": "EUR",
"quote_id": 66127563,
"rate": 1.2132,
"provider": "cambridge",
"expires": "2024-10-09 14:00:00",
"modified": "2023-10-09 11:12:32"
},
"USD": {
"symbol": "USD",
"quote_id": 66127669,
"rate": 1.2155,
"provider": "cambridge",
"expires": "2024-10-09 14:00:00",
"modified": "2023-10-09 11:13:11"
}
}
},
"statement_period": "week",
"cardholder_present": true,
"mail_failures": true,
"server_to_server": false,
"tokenex_id": "1234567887654321",
"tokenex_api_key": "QcFfUs9p8faeP974xwuvq6vqo55PTiWj",
"chargeback_mail": "chargebacks@example.org",
"descriptor": "tmtprtcts.co/member",
"channel_secret": ""
}
HTTP Request
PUT https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels/{{id}}
Schema
| Parameter | Type | Description |
|---|---|---|
name |
string | Title for the channel. |
currencies |
string | The ISO 4217 value of the base currency of the channel. Enum: valid currencies |
language |
string | Default mail receipt language. Enum: deDE, enGB, esES, frFR, itIT, jaJA, kkKK, koKO, lvLV, ptBR, roRO, ruRU, ukUK, uzUZ, zhZHDefault: enGB |
primary_mail |
string | Comma separated list of email addresses to use if BCC'ing email. |
mail_bcc_transactional_mails |
boolean | Whether to BCC mail receipts to primary mail. Default: false |
mail_failures |
boolean | Whether to send mail to primary mail on transaction failures. Default: false |
receipt_label |
string | Company name to use in mail receipts. Defaults to site name. |
external_id |
string | The external identifier for the channel. |
chargeback_mail |
string | Comma separated list of email addresses to send Chargeback notification email to. |
Delete A Channel
Make sure to replace
{{path}}with your site path, {{id}} with a valid channel ID and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels/{{channel_id}}',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'DELETE',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("DELETE", "/{{path}}/wp-json/tmt/v2/channels/{{channel_id}}", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request DELETE 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels/{{channel_id}}' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'DELETE',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels/{{channel_id}}", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"deleted": true
}
HTTP Request
DELETE https://tmtprotects.com/{{path}}/wp-json/tmt/v2/channels/{{channel_id}}
Bookings
Get All Bookings
Make sure to replace
{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("GET", "/{{path}}/wp-json/tmt/v2/bookings", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request GET 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
[
{
"id": 1082,
"uuid": "b96005ba-2b74-437b-93e9-15276528af2e",
"trust_id": "3-1082",
"internal_id": 1082,
"author": "elvissauer",
"status": "paid",
"title": "Osinski | gaetanoosinski@example.org",
"content": "Holiday for 2 to nowhere.",
"firstname": "Gaetano",
"surname": "Osinski",
"email": "gaetanoosinski@example.org",
"date": "2024-10-14",
"date_start": "2024-10-04",
"pax": 7,
"reference": "VENICE-12345",
"total": 9999,
"total_unpaid": 0,
"currencies": "GBP",
"country": "IT",
"countries": "IT",
"transaction_ids": [
1574
],
"channels": 3799,
"language": "enGB",
"author_id": 69,
"authorname": "elvissauer",
"suppliers": [
"CK-63-FL",
"NF-64-AC"
],
"created": "2024-03-04 09:14:33",
"modified": "2024-03-04 09:14:33",
"_links": {
"self": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/bookings/1082"
}
],
"collection": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/bookings"
}
]
}
}
...
]
HTTP Request
GET https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings
Query Parameters
| Parameter | Default | Description |
|---|---|---|
include |
all | Limit result set to comma separated list of IDs. |
page |
1 | Page of the collection to view. |
per_page |
100 | Maximum number of items to be returned per page. |
order |
asc | Enum: asc, desc |
orderby |
id | Sort collection by defined attribute. |
before |
all | Limit response to items published before a given ISO8601 compliant date. |
after |
all | Limit response to items published after a given ISO8601 compliant date. |
status |
all | Limit result set to items assigned one or more statuses. |
channels |
all | Limit result set to all bookings that have the specified terms assigned in the channels taxonomy. |
countries |
all | Limit result set to all bookings that have the specified terms assigned in the countries taxonomy. |
surname |
all | Limit result set to all bookings that have the specified surname |
email |
all | Limit result set to all bookings that have the specified email |
date_before |
all | Limit response to bookings with end date of travel before a given ISO8601 compliant date. |
date_after |
all | Limit response to bookings with end date of travel after a given ISO8601 compliant date. |
reference |
all | Limit result set to all bookings that have the specified reference |
Get A Booking
Make sure to replace
{{booking_id}}with a valid booking ID,{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings/{{booking_id}}',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("GET", "/{{path}}/wp-json/tmt/v2/bookings/{{booking_id}}", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request GET 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings/{{booking_id}}' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings/{{booking_id}}", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"id": 1082,
"uuid": "b96005ba-2b74-437b-93e9-15276528af2e",
"trust_id": "3-1082",
"internal_id": 1082,
"author": "elvissauer",
"status": "paid",
"title": "Osinski | gaetanoosinski@example.org",
"content": "Holiday for 2 to nowhere.",
"firstname": "Gaetano",
"surname": "Osinski",
"email": "gaetanoosinski@example.org",
"date": "2024-10-14",
"date_start": "2024-10-04",
"pax": 7,
"reference": "VENICE-12345",
"total": 9999,
"total_unpaid": 0,
"currencies": "GBP",
"country": "IT",
"countries": "IT",
"transaction_ids": [
1574
],
"channels": 3799,
"language": "enGB",
"author_id": 69,
"authorname": "elvissauer",
"suppliers": [
"CK-63-FL",
"NF-64-AC"
],
"created": "2024-03-04 09:14:33",
"modified": "2024-03-04 09:14:33",
"_links": {
"self": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/bookings/1082"
}
],
"collection": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/bookings"
}
]
}
}
HTTP Request
GET https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings/{{booking_id}}
Schema
| Parameter | Type | Description |
|---|---|---|
id* |
integer | Unique identifier for the booking. |
trust_id* |
string | Identifier for the booking prefixed with Site ID. |
uuid* |
string | Unique identifier for the booking. |
internal_id* |
integer | DEPRECATED. |
author* |
string | The user name of the author of the booking. |
status* |
string | The status of the booking. This is automatically set to unpaid and adjusted as and when payments are received. Enum: authorized, completed, locked, paid, partial-payment, unpaid |
title* |
string | The auto-generated title of the booking as format Trust ID, Surname, Email. |
content |
string | Description of the booking. |
firstname |
string | The first name of the lead traveller. |
surname |
string | The surname of the lead traveller. |
email |
string | The email of the lead traveller. |
date |
string | The end date of the booking in Y-m-d format. |
date_start |
string | The start date of the booking in Y-m-d format. |
pax |
integer | Number of people the booking is for. |
reference |
string | Your reference for the booking. |
total |
integer | The total base currency cost of the booking in cents. This cannot be updated to be less than the total of all linked transactions. |
total_unpaid* |
integer | The total unpaid base currency cost of the booking in cents. |
currencies |
string | The ISO 4217 value of the base currency of the booking. Must match the base currency of the Channel. Enum: valid currencies |
country* |
string | DEPRECATED Enum: valid countries |
countries |
string | The ISO 3166-1 alpha-2 value of the country the booking takes place in. Enum: valid countries |
transaction_ids* |
array | Unique identifier(s) for any transaction(s) attempted against the booking. |
channels |
integer | Unique identifier for the channel the booking is for. |
language |
string | Mail receipt language. Enum: deDE, enGB, esES, frFR, itIT, jaJA, kkKK, koKO, lvLV, ptBR, roRO, ruRU, ukUK, uzUZ, zhZHDefault: enGB |
author_id* |
integer | The user ID of the author of the booking. |
authorname* |
string | The username of the author of the booking. |
suppliers |
array | IDs of suppliers included in the booking |
created* |
string | The date the booking was created, in GMT. |
modified* |
string | The date the booking was last modified, in GMT. |
*Readonly
Create A Booking
Make sure to replace
{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => {
"content": "River cruise in Venice",
"firstname": "John",
"surname": "Smith",
"email": "john.smith@example.org",
"date": "2025-10-07",
"date_start": "2025-10-07",
"pax": 3,
"reference": "VENICE-12345",
"total": 9999,
"currencies": "GBP",
"countries": "IT",
"channels": 10165,
"language": "enGB",
"suppliers": ["ZA-14-AP", "TZ-15-DM"],
},
CURLOPT_HTTPHEADER => array(
'Content-Type: application/json',
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
import json
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = json.dumps({
"content": "River cruise in Venice",
"firstname": "John",
"surname": "Smith",
"email": "john.smith@example.org",
"date": "2025-10-07",
"date_start": "2025-10-07",
"pax": 3,
"reference": "VENICE-12345",
"total": 9999,
"currencies": "GBP",
"countries": "IT",
"channels": 10165,
"language": "enGB",
"suppliers": ["ZA-14-AP", "TZ-15-DM"],
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{token}}}}'
}
conn.request("POST", "/{{path}}/wp-json/tmt/v2/bookings", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request POST 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{token}}' \
--data-raw '{
"content": "River cruise in Venice",
"firstname": "John",
"surname": "Smith",
"email": "john.smith@example.org",
"date": "2025-10-07",
"date_start": "2025-10-07",
"pax": 3,
"reference": "VENICE-12345",
"total": 9999,
"currencies": "GBP",
"countries": "IT",
"channels": 10165,
"language": "enGB",
"suppliers": ["ZA-14-AP", "TZ-15-DM"],
}
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
myHeaders.append("Authorization", "Bearer {{token}}");
var raw = JSON.stringify({
"content": "River cruise in Venice",
"firstname": "John",
"surname": "Smith",
"email": "john.smith@example.org",
"date": "2025-10-07",
"date_start": "2025-10-07",
"pax": 3,
"reference": "VENICE-12345",
"total": 9999,
"currencies": "GBP",
"countries": "IT",
"channels": 10165,
"language": "enGB",
"suppliers": ["ZA-14-AP", "TZ-15-DM"],
});
var requestOptions = {
'method: 'POST',
headers: myHeaders,
body: raw,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"id": 1082,
"uuid": "b96005ba-2b74-437b-93e9-15276528af2e",
"trust_id": "3-1082",
"internal_id": 1082,
"author": "elvissauer",
"status": "paid",
"title": "Osinski | gaetanoosinski@example.org",
"content": "River cruise in Venice",
"firstname": "John",
"surname": "Smith",
"email": "john.smith@example.org",
"date": "2025-10-07",
"date_start": "2025-10-07",
"pax": "3",
"reference": "VENICE-12345",
"total": 9999,
"total_unpaid": 0,
"currencies": "GBP",
"country": "IT",
"countries": "IT",
"transaction_ids": [
1574
],
"channels": 10165,
"language": "enGB",
"author_id": 69,
"authorname": "elvissauer",
"suppliers": [
"ZA-14-AP",
"TZ-15-DM"
],
"created": "2024-03-04 09:14:33",
"modified": "2024-03-04 09:14:33",
"_links": {
"self": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/bookings/1082"
}
],
"collection": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/bookings"
}
]
}
}
HTTP Request
POST https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings
Schema
| Parameter | Type | Description |
|---|---|---|
content |
string | Description of the booking. |
firstname* |
string | The first name of the lead traveller. |
surname* |
string | The surname of the lead traveller. |
email* |
string | The email of the lead traveller. |
date* |
string | The end date of the booking in Y-m-d format. |
date_start |
string | The start date of the booking in Y-m-d format. |
pax |
integer | Number of people the booking is for. |
reference |
string | Your reference for the booking. |
total* |
integer | The total base currency cost of the booking in cents. This cannot be updated to be less than the total of all linked transactions. |
currencies* |
string | The ISO 4217 value of the base currency of the booking. Must match the base currency of the Channel. Enum: valid currencies |
countries* |
string | The ISO 3166-1 alpha-2 value of the country the booking takes place in. Enum: valid countries |
channels* |
integer | Unique identifier for the channel the booking is for. |
language |
string | Mail receipt language. Enum: deDE, enGB, esES, frFR, itIT, jaJA, kkKK, koKO, lvLV, ptBR, roRO, ruRU, ukUK, uzUZ, zhZHDefault: enGB |
suppliers |
array | IDs of suppliers included in the booking |
*Required
Update A Booking
Make sure to replace
{{path}}with your site path, {{id}} with a valid booking ID and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings/{{id}}',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'PUT',
CURLOPT_POSTFIELDS => {
"content": "River cruise in Venice",
"firstname": "John",
"surname": "Smith",
"email": "john.smith@example.org",
"date": "2025-10-07",
"date_start": "2025-10-07",
"pax": 3,
"reference": "VENICE-12345",
"total": 9999,
"currencies": "GBP",
"countries": "IT",
"channels": 10165,
"language": "enGB",
"suppliers": ["ZA-14-AP", "TZ-15-DM"],
},
CURLOPT_HTTPHEADER => array(
'Content-Type: application/json',
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
import json
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = json.dumps({
"content": "River cruise in Venice",
"firstname": "John",
"surname": "Smith",
"email": "john.smith@example.org",
"date": "2025-10-07",
"date_start": "2025-10-07",
"pax": 3,
"reference": "VENICE-12345",
"total": 9999,
"currencies": "GBP",
"countries": "IT",
"channels": 10165,
"language": "enGB",
"suppliers": ["ZA-14-AP", "TZ-15-DM"],
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{token}}}}'
}
conn.request("PUT", "/{{path}}/wp-json/tmt/v2/bookings/{{id}}", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request PUT 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings/{{id}}' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{token}}' \
--data-raw '{
"content": "River cruise in Venice",
"firstname": "John",
"surname": "Smith",
"email": "john.smith@example.org",
"date": "2025-10-07",
"date_start": "2025-10-07",
"pax": 3,
"reference": "VENICE-12345",
"total": 9999,
"currencies": "GBP",
"countries": "IT",
"channels": 10165,
"language": "enGB",
"suppliers": ["ZA-14-AP", "TZ-15-DM"],
}
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
myHeaders.append("Authorization", "Bearer {{token}}");
var raw = JSON.stringify({
"content": "River cruise in Venice",
"firstname": "John",
"surname": "Smith",
"email": "john.smith@example.org",
"date": "2025-10-07",
"date_start": "2025-10-07",
"pax": 3,
"reference": "VENICE-12345",
"total": 9999,
"currencies": "GBP",
"countries": "IT",
"channels": 10165,
"language": "enGB",
"suppliers": ["ZA-14-AP", "TZ-15-DM"],
});
var requestOptions = {
'method: 'PUT',
headers: myHeaders,
body: raw,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings/{{id}}", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"id": 1082,
"uuid": "b96005ba-2b74-437b-93e9-15276528af2e",
"trust_id": "3-1082",
"internal_id": 1082,
"author": "elvissauer",
"status": "paid",
"title": "Osinski | gaetanoosinski@example.org",
"content": "River cruise in Venice",
"firstname": "John",
"surname": "Smith",
"email": "john.smith@example.org",
"date": "2025-10-07",
"date_start": "2025-10-07",
"pax": "3",
"reference": "VENICE-12345",
"total": 9999,
"total_unpaid": 0,
"currencies": "GBP",
"country": "IT",
"countries": "IT",
"transaction_ids": [
1574
],
"channels": 10165,
"language": "enGB",
"author_id": 69,
"authorname": "elvissauer",
"suppliers": [
"ZA-14-AP",
"TZ-15-DM"
],
"created": "2024-03-04 09:14:33",
"modified": "2024-03-04 09:14:33",
"_links": {
"self": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/bookings/1082"
}
],
"collection": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/bookings"
}
]
}
}
HTTP Request
PUT https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings/{{id}}
Schema
| Parameter | Type | Description |
|---|---|---|
content |
string | Description of the booking. |
firstname |
string | The first name of the lead traveller. |
surname |
string | The surname of the lead traveller. |
email |
string | The email of the lead traveller. |
date |
string | The end date of the booking in Y-m-d format. |
date_start |
string | The start date of the booking in Y-m-d format. |
pax |
integer | Number of people the booking is for. |
reference |
string | Your reference for the booking. |
total |
integer | The total base currency cost of the booking in cents. This cannot be updated to be less than the total of all linked transactions. |
currencies |
string | The ISO 4217 value of the base currency of the booking. Must match the base currency of the Channel. Enum: valid currencies |
countries |
string | The ISO 3166-1 alpha-2 value of the country the booking takes place in. Enum: valid countries |
channels |
integer | Unique identifier for the channel the booking is for. |
language |
string | Mail receipt language. Enum: deDE, enGB, esES, frFR, itIT, jaJA, kkKK, koKO, lvLV, ptBR, roRO, ruRU, ukUK, uzUZ, zhZHDefault: enGB |
suppliers |
array | IDs of suppliers included in the booking |
Payment Request URLs
Bookings response including payment request url:
{
"id": 44,
"trust_id": "3-44",
"internal_id": 44,
"author": "elvissauer",
"status": "paid",
"title": "Frami | zoilaframi@example.org",
"content": "Holiday for 2 to nowhere.",
"firstname": "Zoila",
"surname": "Frami",
"email": "zoilaframi@example.org",
"date": "2023-09-30",
"date_start": "2023-09-26",
"pax": 3,
"reference": "VENICE-12345",
"total": 9999,
"total_unpaid": 0,
"currencies": "GBP",
"country": "IT",
"countries": "IT",
"transaction_ids": [
60
],
"channels": 3431,
"language": "enGB",
"author_id": 69,
"authorname": "elvissauer",
"suppliers": [
"ET-15-BU",
"MK-14-AC"
],
"created": "2023-01-26 14:43:22",
"modified": "2023-01-26 14:43:22",
"_links": {
"self": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/bookings/44",
"payment_request": "https://bookings.tmtprotects.com/paymentrequest?token=eyJ0eXAiOiJKV1Qi...ua-7ruJaE"
}
],
"collection": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/bookings"
}
]
}
}
HTTP Request
POST https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings
PUT https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings/{{id}}
Should you wish to make use of our Payment Request App, which generates secure URLs to redirect customers to in order to allow them to complete payment, you can request a secure URL when creating or updating a booking by including a payment_request_url=true parameter.
Delete A Booking
Make sure to replace
{{path}}with your site path, {{id}} with a valid booking ID and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings/{{booking_id}}',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'DELETE',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("DELETE", "/{{path}}/wp-json/tmt/v2/bookings/{{booking_id}}", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request DELETE 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings/{{booking_id}}' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'DELETE',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings/{{booking_id}}", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"deleted": true
}
HTTP Request
DELETE https://tmtprotects.com/{{path}}/wp-json/tmt/v2/bookings/{{booking_id}}
Suppliers
Get All Suppliers
Make sure to replace
{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/suppliers',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("GET", "/{{path}}/wp-json/tmt/v2/suppliers", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request GET 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/suppliers' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/suppliers", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
[
{
"id": "CK-63-FL",
"name": "Kassulke Group65e590f84b424",
"url": "https://kassulkegroup65e590f84b424.com",
"category": "FL",
"country": "CK"
}
...
]
HTTP Request
GET https://tmtprotects.com/{{path}}/wp-json/tmt/v2/suppliers
Query Parameters
| Parameter | Default | Description |
|---|---|---|
include |
all | Limit result set to comma separated list of IDs. |
page |
1 | Page of the collection to view. |
per_page |
100 | Maximum number of items to be returned per page. |
order |
asc | Enum: asc, desc |
orderby |
id | Sort collection by defined attribute. |
name |
all | Search on wildcard name matches. |
url |
all | Search on url matches. |
countries |
all | Limit result set to all suppliers that have the countries specified. |
categories |
all | Limit result set to all suppliers that have the categories specified. |
Get A Supplier
Make sure to replace
{[supplier_id}}with a valid supplier ID,{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/suppliers/{[supplier_id}}',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("GET", "/{{path}}/wp-json/tmt/v2/suppliers/{{supplier_id}}", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request GET 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/suppliers/{{supplier_id}}' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/suppliers/{{supplier_id}}", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"id": "CK-63-FL",
"name": "Kassulke Group65e590f84b424",
"url": "https://kassulkegroup65e590f84b424.com",
"category": "FL",
"country": "CK"
}
HTTP Request
GET https://tmtprotects.com/{{path}}/wp-json/tmt/v2/suppliers/{{supplier_id}}
Schema
| Parameter | Type | Description |
|---|---|---|
id* |
string | Unique identifier for the supplier. |
name* |
string | The name of the supplier. |
url* |
url | The url of the supplier's website. |
country* |
string | The ISO 3166-1 alpha-2 country code of the country the supplier is located in. Enum: valid countries |
category* |
string | The category code of the supplier. Enum: valid category code |
*Readonly
Transactions
Statuses
The outcome of a transaction is reflected in its status. If a transaction does not have a status of complete then there has been no movement of money (or in the case of authorize transactions, no money has been ring-fenced). In most cases, POST /transactions requests will return a status of complete or failed unless 3DS has been applied, in which case they remain as pending while the customer completes 3DS validation. However, other statuses are possible as detailed below:
| Status | Description |
|---|---|
| complete | Transaction approved by the bank |
| failed | Transaction refused by the bank, or failed payment gateway validation |
| pending | Transaction is pending 3DS validation by cardholder (only applies to purchase, vault and authorise transactions) |
| locked | Transaction is locked due to a chargeback |
| expired | Transaction didn’t leave pending state and eventually got set to expired by garbage collection |
| incomplete | Transaction has been created in our database, TMG made a request to the payment gateway and didn’t get anything back |
Get All Transactions
Make sure to replace
{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("GET", "/{{path}}/wp-json/tmt/v2/transactions", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request GET 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
[
{
"id": 1574,
"uuid": "726e5ec5-e4ce-3e96-810b-405f6bcf0309",
"trust_id": "3-1574",
"created": "2024-03-04 09:14:33",
"modified": "2024-03-04 09:14:33",
"author": null,
"status": "complete",
"adjustments": [],
"auth_code": null,
"author_id": 1,
"authorname": "modaluser3",
"allocations": [
{
"id": 256,
"value": 1000,
"total": 1000,
"channels": 3800,
"currencies": "GBP",
"operator": "flat",
"reversed": false,
"debit": {
"currencies": "GBP",
"total": 1000
},
"credit": {
"currencies": "GBP",
"total": 1000
}
}
],
"bookings": [
{
"id": 1082,
"total": 9999,
"reference": "VENICE-12345",
"country": "IT",
"channels": "3799",
"currencies": "GBP"
}
],
"channels": 3799,
"content": "Succeeded",
"countries": "US",
"issuer_countries": "US",
"currencies": "GBP",
"forex_id": null,
"forex_rate": null,
"forex": null,
"hash": "55df1e9edc8d2f673cdc6454a31034c187baf4835e9dcf08190f06dcaf4a8710",
"language": "enGB",
"last_four_digits": "1111",
"linked_id": null,
"payee_email": "kevinwindler@example.org",
"payee_name": "Kevin",
"payee_surname": "Windler",
"payment_ids": [
3021,
3022,
3023,
3024,
3025,
3026
],
"psp": "aci",
"statement_date": "2024-03-04 00:00:00",
"title": "Kevin Windler | kevinwindler@example.org | purchase",
"total_remaining": 9999,
"total": 9999,
"transaction_type": "purchase",
"transaction_types": "purchase",
"bin_number": "990206",
"card_type": "visa",
"card_types": "visa",
"token": "UWECJT2W",
"attempt_3ds": false,
"redirect_url": null,
"payment_methods": "credit-card",
"ip_address": "83.133.27.27",
"_links": {
"self": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/transactions/1574"
}
],
"collection": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/transactions"
}
]
}
}
...
]
HTTP Request
GET https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions
Query Parameters
| Parameter | Default | Description |
|---|---|---|
include |
all | Limit result set to specific IDs. |
page |
1 | Page of the collection to view. |
per_page |
100 | Maximum number of items to be returned per page. |
order |
asc | Enum: asc, desc |
orderby |
id | Sort collection by defined attribute. |
after |
all | Limit response to posts published after a given ISO8601 compliant date. |
before |
all | Limit response to posts published before a given ISO8601 compliant date. |
exclude |
all | Ensure result set excludes specific IDs. |
status |
all | Limit result set to posts assigned one or more statuses. |
channels |
all | Limit result set to all transactions that have the specified terms assigned in the channels taxonomy. |
channels_exclude |
all | Limit result set to all transactions except those that have the specified terms assigned in the channels taxonomy. |
bin_number |
all | Limit result set to all transactions that have the specified terms assigned in the bin_number taxonomy. |
countries |
all | Limit result set to all transactions that have the specified terms assigned in the countries taxonomy. |
currencies |
all | Limit result set to all transactions that have the specified terms assigned in the currencies taxonomy. |
currencies_exclude |
all | Limit result set to all transactions except those that have the specified terms assigned in the currencies taxonomy. |
last_four_digits |
all | Limit result set to all transactions that have the specified terms assigned in the last_four_digits taxonomy. |
payment_methods |
all | Limit result set to all transactions that have the specified terms assigned in the payment_methods taxonomy. |
transaction_types |
all | Limit result set to all transactions that have the specified terms assigned in the transaction_types taxonomy. |
payee_surname |
all | Limit result set to all transactions that have the specified payee_surname |
payee_email |
all | Limit result set to all transactions that have the specified payee_email |
reference |
all | Reference for the booking(s) the transaction was for. |
statement_date_after |
all | Limit response to transactions that appear in statements on or afer the defined timestamp. |
statement_date_before |
all | Limit response to transactions that appear in statements on or before the defined timestamp. |
Get A Transaction
Make sure to replace
{{transaction_id}}with a valid transaction ID,{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions/{{transaction_id}}',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("GET", "/{{path}}/wp-json/tmt/v2/transactions/{{transaction_id}}", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request GET 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions/{{transaction_id}}' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions/{{transaction_id}}", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"id": 1574,
"uuid": "726e5ec5-e4ce-3e96-810b-405f6bcf0309",
"trust_id": "3-1574",
"created": "2024-03-04 09:14:33",
"modified": "2024-03-04 09:14:33",
"author": null,
"status": "complete",
"adjustments": [],
"auth_code": null,
"author_id": 1,
"authorname": "modaluser3",
"allocations": [
{
"id": 256,
"value": 1000,
"total": 1000,
"channels": 3800,
"currencies": "GBP",
"operator": "flat",
"reversed": false,
"debit": {
"currencies": "GBP",
"total": 1000
},
"credit": {
"currencies": "GBP",
"total": 1000
}
}
],
"bookings": [
{
"id": 1082,
"total": 9999,
"reference": "VENICE-12345",
"country": "IT",
"channels": "3799",
"currencies": "GBP"
}
],
"channels": 3799,
"content": "Succeeded",
"countries": "US",
"issuer_countries": "US",
"currencies": "GBP",
"forex_id": null,
"forex_rate": null,
"forex": null,
"hash": "55df1e9edc8d2f673cdc6454a31034c187baf4835e9dcf08190f06dcaf4a8710",
"language": "enGB",
"last_four_digits": "1111",
"linked_id": null,
"payee_email": "kevinwindler@example.org",
"payee_name": "Kevin",
"payee_surname": "Windler",
"payment_ids": [
3021,
3022,
3023,
3024,
3025,
3026
],
"psp": "aci",
"statement_date": "2024-03-04 00:00:00",
"title": "Kevin Windler | kevinwindler@example.org | purchase",
"total_remaining": 9999,
"total": 9999,
"transaction_type": "purchase",
"transaction_types": "purchase",
"bin_number": "990206",
"card_type": "visa",
"card_types": "visa",
"token": "UWECJT2W",
"attempt_3ds": false,
"redirect_url": null,
"payment_methods": "credit-card",
"ip_address": "83.133.27.27",
"_links": {
"self": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/transactions/1574"
}
],
"collection": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/transactions"
}
]
}
}
HTTP Request
GET https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions/{{transaction_id}}
Schema
| Parameter | Type | Description |
|---|---|---|
id* |
integer | Unique identifier for the transaction. |
trust_id* |
string | Identifier for the transaction prefixed with Site ID. |
uuid* |
string | Unique identifier for the transaction. |
author* |
integer | Deprecated: The user ID of the author of the transaction. |
author_id* |
integer | The user ID of the author of the transaction. |
authorname* |
string | The username of the author of the transaction. |
status* |
string | The status of the transaction. Enum: complete, expired, failed, incomplete, locked, pending |
created* |
string | The date the transaction was created, in GMT. |
modified* |
string | The date the booking was last modified, in GMT. |
title* |
string | The name of the transaction. Auto generated from booking title and transaction type |
total_remaining* |
integer | The total available for refund, capture or void on the transaction. |
card_type* |
string | Deprecated: The card type used for the transaction as returned by the Payment Service Provider. Enum: visa, master, amex, jcb, diners, discover, other |
card_types* |
string | The card type used for the transaction as returned by the Payment Service Provider. Enum: visa, master, amex, jcb, diners, discover, other |
statement_date* |
string | The date that the transaction is available for statements. |
last_four_digits* |
string | Last four digits of the credit card used for the transaction. Can be set for protection only requests. Ignored in other requests |
forex* |
array | Forex applied to transaction (forex transaction only). These values will be auto-generated. |
forex_id* |
integer | ID of the forex transaction. |
forex_rate* |
string | Exchange rate applied to transaction (forex transaction only). This value will be auto-generated. |
payment_ids* |
array | IDs of credits and debits generated in relation to the transaction. |
adjustments* |
array | IDs of any transactions that adjusted this one. |
content* |
string | Payment gateway response |
language |
string | Mail receipt language. Enum: deDE, enGB, esES, frFR, itIT, jaJA, kkKK, koKO, lvLV, ptBR, roRO, ruRU, ukUK, uzUZ, zhZHDefault: enGB |
channels |
integer | Unique identifier for the channel the transaction is for. |
currencies |
string | The ISO 4217 value of the currency of the transaction. Enum: valid currencies |
total |
integer | The transaction total in cents. |
transaction_type* |
string | Deprecated: The transaction type |
transaction_types |
string | The transaction type N.B. chargeback, chargeback-override and chargeback-reversal are for admin use only. Enum: authorize, capture, chargeback, chargeback-reversal, chargeback-override, purchase, refund, retained_authorize, retained_purchase, vault, void |
allocations |
array | Allocate part of the transaction to another channel. |
bookings |
array | Funds allocation for the booking(s) the transaction is for. |
psp |
string | The payment service provider for the transaction. Must be a valid psp ID if channel is protection only |
payment_methods |
string | The payment method for the transaction. Enum: bank-transfer, credit-card |
payee_name |
string | The first name of the payer as registered to their payment method (e.g. cardholder name). |
payee_surname |
string | The surname of the payer as registered to their payment method (e.g. cardholder name). |
payee_email |
string | The email address of the payer. |
countries |
string | The ISO 3166-1 alpha-2 value of the country the payment method is registered in. Enum: valid countries |
issuer_countries* |
string | The ISO 3166-1 alpha-2 value of the country the credit card is registered in. |
token |
string | The transaction token. |
ip_address |
string | The IP address of the user requesting the transaction. |
bin_number |
string | BIN number of the credit card used for the transaction. |
attempt_3ds |
boolean | Whether to attempt to enable 3DSecure on this transaction. |
redirect_url |
string | UTF8 encoded URL to redirect APM requests to. |
linked_id |
integer | Unique identifier for the transaction that we are applying the transaction_type to. |
auth_code* |
string | Six digit authorization code generated by the bank when the transaction is created. |
hash* |
string | Hash of the transaction's id, total, status and created timestamp which is used to verify the transaction once created. |
*Readonly
Create Capture Transaction
Make sure to replace
{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => {
"language": "enGB",
"channels": 10165,
"currencies": "GBP",
"total": 9999,
"transaction_types": "capture",
"allocations": [
{
"title": "Sundowner Game Ride",
"reference": "SG-GR-02349",
"description": "Tour of the game park at sundown complete with drinks and snacks.",
"channels": 10342,
"currencies": "GBP",
"total": 1000,
"operator": "flat",
"statement_date": "2025-01-01"
}
],
"bookings": [
{
"id": 342,
"currencies": "GBP",
"total": 9999
}
],
"linked_id": 351,
},
CURLOPT_HTTPHEADER => array(
'Content-Type: application/json',
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
import json
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = json.dumps({
"language": "enGB",
"channels": 10165,
"currencies": "GBP",
"total": 9999,
"transaction_types": "capture",
"allocations": [
{
"title": "Sundowner Game Ride",
"reference": "SG-GR-02349",
"description": "Tour of the game park at sundown complete with drinks and snacks.",
"channels": 10342,
"currencies": "GBP",
"total": 1000,
"operator": "flat",
"statement_date": "2025-01-01"
}
],
"bookings": [
{
"id": 342,
"currencies": "GBP",
"total": 9999
}
],
"linked_id": 351,
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{token}}}}'
}
conn.request("POST", "/{{path}}/wp-json/tmt/v2/transactions", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request POST 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{token}}' \
--data-raw '{
"language": "enGB",
"channels": 10165,
"currencies": "GBP",
"total": 9999,
"transaction_types": "capture",
"allocations": [
{
"title": "Sundowner Game Ride",
"reference": "SG-GR-02349",
"description": "Tour of the game park at sundown complete with drinks and snacks.",
"channels": 10342,
"currencies": "GBP",
"total": 1000,
"operator": "flat",
"statement_date": "2025-01-01"
}
],
"bookings": [
{
"id": 342,
"currencies": "GBP",
"total": 9999
}
],
"linked_id": 351,
}
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
myHeaders.append("Authorization", "Bearer {{token}}");
var raw = JSON.stringify({
"language": "enGB",
"channels": 10165,
"currencies": "GBP",
"total": 9999,
"transaction_types": "capture",
"allocations": [
{
"title": "Sundowner Game Ride",
"reference": "SG-GR-02349",
"description": "Tour of the game park at sundown complete with drinks and snacks.",
"channels": 10342,
"currencies": "GBP",
"total": 1000,
"operator": "flat",
"statement_date": "2025-01-01"
}
],
"bookings": [
{
"id": 342,
"currencies": "GBP",
"total": 9999
}
],
"linked_id": 351,
});
var requestOptions = {
'method: 'POST',
headers: myHeaders,
body: raw,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"id": 1578,
"uuid": "621f099c-2e52-3b77-a4e8-1d630fffff5f",
"trust_id": "3-1578",
"created": "2024-03-04 09:14:33",
"modified": "2024-03-04 09:14:34",
"author": null,
"status": "complete",
"adjustments": [],
"auth_code": null,
"author_id": null,
"authorname": "",
"allocations": {
"id": 257,
"value": 1000,
"total": 1000,
"channels": 10342,
"currencies": "GBP",
"operator": "flat",
"reversed": false,
"debit": {
"currencies": "GBP",
"total": 1000
},
"credit": {
"currencies": "GBP",
"total": 1000
}
},
"bookings": {
"id": 342,
"total": 9999,
"reference": "VENICE-12345",
"country": "IT",
"channels": "3799",
"currencies": "GBP"
},
"channels": 10165,
"content": "",
"countries": "GB",
"issuer_countries": "FR",
"currencies": "GBP",
"forex_id": null,
"forex_rate": null,
"forex": null,
"hash": "309317e0793563971f3f4485dcb4a259132470aa5cf8e38c55441ea1e0bc139d",
"language": "enGB",
"last_four_digits": null,
"linked_id": 351,
"payee_email": "john.smith@example.org",
"payee_name": "John",
"payee_surname": "Smith",
"payment_ids": [
3030,
3031,
3032,
3033,
3034,
3035
],
"psp": "aci",
"statement_date": "2024-03-04 00:00:00",
"title": "John Smith | john.smith@example.org | capture",
"total_remaining": 9999,
"total": 9999,
"transaction_type": "capture",
"transaction_types": "capture",
"bin_number": 424242,
"card_type": null,
"card_types": null,
"token": "424242AbqWedkL4242",
"attempt_3ds": true,
"redirect_url": "https%3A%2F%2Fwww.example.com%2Fredirect-page%3Fid%3D12345",
"payment_methods": "credit-card",
"ip_address": "192.0.0.1",
"_links": {
"self": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/transactions/1578"
}
],
"collection": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/transactions"
}
]
}
}
HTTP Request
POST https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions
If you opted to use the modal to create an authorize transaction by using the transactionType option you will need to capture the transaction via an API call. You can apply allocations at this stage if it suits your use case.
Schema
| Parameter | Type | Description |
|---|---|---|
language |
string | Mail receipt language. Enum: deDE, enGB, esES, frFR, itIT, jaJA, kkKK, koKO, lvLV, ptBR, roRO, ruRU, ukUK, uzUZ, zhZHDefault: enGB |
channels* |
integer | Unique identifier for the channel the transaction is for. |
currencies* |
string | The ISO 4217 value of the currency of the transaction. Enum: valid currencies |
total* |
integer | The transaction total in cents. |
transaction_types* |
string | capture |
allocations |
array | Allocate part of the transaction to another channel. |
bookings* |
array | Funds allocation for the booking(s) the transaction is for. |
linked_id* |
integer | Unique identifier for the transaction that we are applying the transaction_type to. |
*Required
Create Void Transaction
Make sure to replace
{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => {
"channels": 10165,
"currencies": "GBP",
"total": 9999,
"transaction_types": "void",
"bookings": [
{
"id": 342,
"currencies": "GBP",
"total": 9999
}
],
"linked_id": 351,
},
CURLOPT_HTTPHEADER => array(
'Content-Type: application/json',
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
import json
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = json.dumps({
"channels": 10165,
"currencies": "GBP",
"total": 9999,
"transaction_types": "void",
"bookings": [
{
"id": 342,
"currencies": "GBP",
"total": 9999
}
],
"linked_id": 351,
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{token}}}}'
}
conn.request("POST", "/{{path}}/wp-json/tmt/v2/transactions", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request POST 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{token}}' \
--data-raw '{
"channels": 10165,
"currencies": "GBP",
"total": 9999,
"transaction_types": "void",
"bookings": [
{
"id": 342,
"currencies": "GBP",
"total": 9999
}
],
"linked_id": 351,
}
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
myHeaders.append("Authorization", "Bearer {{token}}");
var raw = JSON.stringify({
"channels": 10165,
"currencies": "GBP",
"total": 9999,
"transaction_types": "void",
"bookings": [
{
"id": 342,
"currencies": "GBP",
"total": 9999
}
],
"linked_id": 351,
});
var requestOptions = {
'method: 'POST',
headers: myHeaders,
body: raw,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"id": 1579,
"uuid": "c64f2c7a-aebc-3f3b-ad82-2964841fa304",
"trust_id": "3-1579",
"created": "2024-03-04 09:14:34",
"modified": "2024-03-04 09:14:34",
"author": null,
"status": "complete",
"adjustments": [],
"auth_code": null,
"author_id": null,
"authorname": "",
"allocations": [],
"bookings": {
"id": 342,
"total": 9999,
"reference": "VENICE-12345",
"country": "IT",
"channels": "3799",
"currencies": "GBP"
},
"channels": 10165,
"content": "",
"countries": "GB",
"issuer_countries": "US",
"currencies": "GBP",
"forex_id": null,
"forex_rate": null,
"forex": null,
"hash": "51b3f441997e8d8a7cf549f15b4b9ebcfa35125541892749cd492772fdccee87",
"language": "enGB",
"last_four_digits": null,
"linked_id": 351,
"payee_email": "john.smith@example.org",
"payee_name": "John",
"payee_surname": "Smith",
"payment_ids": [
3036
],
"psp": "aci",
"statement_date": "2024-03-04 00:00:00",
"title": "John Smith | john.smith@example.org | void",
"total_remaining": 0,
"total": 9999,
"transaction_type": "void",
"transaction_types": "void",
"bin_number": 424242,
"card_type": null,
"card_types": null,
"token": "424242AbqWedkL4242",
"attempt_3ds": true,
"redirect_url": "https%3A%2F%2Fwww.example.com%2Fredirect-page%3Fid%3D12345",
"payment_methods": "credit-card",
"ip_address": "192.0.0.1",
"_links": {
"self": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/transactions/1579"
}
],
"collection": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/transactions"
}
]
}
}
HTTP Request
POST https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions
If you opted to use the modal to create an authorize transaction by using the transactionType option and decide not to go ahead with capturing the transaction, you should void the transaction via an API call.
Schema
| Parameter | Type | Description |
|---|---|---|
channels* |
integer | Unique identifier for the channel the transaction is for. |
currencies* |
string | The ISO 4217 value of the currency of the transaction. Enum: valid currencies |
total* |
integer | The transaction total in cents. |
transaction_types* |
string | void |
bookings* |
array | Funds allocation for the booking(s) the transaction is for. |
linked_id* |
integer | Unique identifier for the transaction that we are applying the transaction_type to. |
*Required
Update A Transaction
Make sure to replace
{{path}}with your site path, {{id}} with a valid transaction ID and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions/{{id}}',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'PUT',
CURLOPT_POSTFIELDS => {
"allocations": [
{
"title": "Sundowner Game Ride",
"reference": "SG-GR-02349",
"description": "Tour of the game park at sundown complete with drinks and snacks.",
"channels": 10342,
"currencies": "GBP",
"total": 1000,
"operator": "flat",
"statement_date": "2025-01-01"
}
],
},
CURLOPT_HTTPHEADER => array(
'Content-Type: application/json',
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
import json
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = json.dumps({
"allocations": [
{
"title": "Sundowner Game Ride",
"reference": "SG-GR-02349",
"description": "Tour of the game park at sundown complete with drinks and snacks.",
"channels": 10342,
"currencies": "GBP",
"total": 1000,
"operator": "flat",
"statement_date": "2025-01-01"
}
],
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{token}}}}'
}
conn.request("PUT", "/{{path}}/wp-json/tmt/v2/transactions/{{id}}", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request PUT 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions/{{id}}' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{token}}' \
--data-raw '{
"allocations": [
{
"title": "Sundowner Game Ride",
"reference": "SG-GR-02349",
"description": "Tour of the game park at sundown complete with drinks and snacks.",
"channels": 10342,
"currencies": "GBP",
"total": 1000,
"operator": "flat",
"statement_date": "2025-01-01"
}
],
}
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
myHeaders.append("Authorization", "Bearer {{token}}");
var raw = JSON.stringify({
"allocations": [
{
"title": "Sundowner Game Ride",
"reference": "SG-GR-02349",
"description": "Tour of the game park at sundown complete with drinks and snacks.",
"channels": 10342,
"currencies": "GBP",
"total": 1000,
"operator": "flat",
"statement_date": "2025-01-01"
}
],
});
var requestOptions = {
'method: 'PUT',
headers: myHeaders,
body: raw,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions/{{id}}", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"id": 1574,
"uuid": "726e5ec5-e4ce-3e96-810b-405f6bcf0309",
"trust_id": "3-1574",
"created": "2024-03-04 09:14:33",
"modified": "2024-03-04 09:14:33",
"author": null,
"status": "complete",
"adjustments": [],
"auth_code": null,
"author_id": 1,
"authorname": "modaluser3",
"allocations": {
"id": 256,
"value": 1000,
"total": 1000,
"channels": 10342,
"currencies": "GBP",
"operator": "flat",
"reversed": false,
"debit": {
"currencies": "GBP",
"total": 1000
},
"credit": {
"currencies": "GBP",
"total": 1000
}
},
"bookings": {
"id": 342,
"total": 9999,
"reference": "VENICE-12345",
"country": "IT",
"channels": "3799",
"currencies": "GBP"
},
"channels": 10165,
"content": "Succeeded",
"countries": "GB",
"issuer_countries": "US",
"currencies": "GBP",
"forex_id": null,
"forex_rate": null,
"forex": null,
"hash": "55df1e9edc8d2f673cdc6454a31034c187baf4835e9dcf08190f06dcaf4a8710",
"language": "enGB",
"last_four_digits": "1111",
"linked_id": 351,
"payee_email": "john.smith@example.org",
"payee_name": "John",
"payee_surname": "Smith",
"payment_ids": [
3021,
3022,
3023,
3024,
3025,
3026
],
"psp": "aci",
"statement_date": "2024-03-04 00:00:00",
"title": "John Smith | john.smith@example.org | purchase",
"total_remaining": 9999,
"total": 9999,
"transaction_type": "purchase",
"transaction_types": "purchase",
"bin_number": 424242,
"card_type": "visa",
"card_types": "visa",
"token": "424242AbqWedkL4242",
"attempt_3ds": true,
"redirect_url": "https%3A%2F%2Fwww.example.com%2Fredirect-page%3Fid%3D12345",
"payment_methods": "credit-card",
"ip_address": "192.0.0.1",
"_links": {
"self": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/transactions/1574"
}
],
"collection": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/transactions"
}
]
}
}
HTTP Request
PUT https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions/{{id}}
Schema
| Parameter | Type | Description |
|---|---|---|
allocations |
array | Allocate part of the transaction to another channel. |
Allocations Schema
| Parameter | Type | Description |
|---|---|---|
title |
string | Optional title for the allocation |
reference |
string | Optional reference for the allocation |
description |
string | Optional description for the allocation |
channels* |
integer | Unique identifier for the channel the allocation is for. |
currencies* |
string | The ISO 4217 value of the currency the amount is in. Only required if operator is flat. Must match currency of allocation channel. Enum: valid currencies |
total* |
integer | Amount to allocate. |
operator* |
string | Whether to allocate a percentage or flat amount. Enum: percent, flat |
statement_date |
string | Optional release date for the allocation. Cannot be sooner than the default for the allocation channel |
*Required
- The channel that incurs charges must be left with sufficient funds to cover the cost of the charges.
- The total of all allocations + TMT's charges must not be greater than the transaction total.
- You cannot allocate on a transaction that has been paid out
- Allocations are only permitted from:
- test channel to test channel
- live channel to live channel
- live channel to affiliate channel
- Allocations cannot be made to channels with
account_mode: "protected-processing"if the channel allocating hasaccount_mode: "trust" - If allocation channel is
account_mode: "protected-processing", defaultstatement_dateis today - If allocation channel is
account_mode: "trust", defaultstatement_dateis date of booking - If allocation channel is
account_mode: "trust", and the channel has a trust override defined, the defaultstatement_dateis date of booking - trust override.
Refund A Transaction
Make sure to replace
{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => {
"channels": 10165,
"currencies": "GBP",
"total": 9999,
"transaction_types": "refund",
"allocations": [
{
"channels": 10342,
"currencies": "GBP",
"total": 1000,
"operator": "flat",
"statement_date": "2025-01-01"
}
],
"bookings": [
{
"id": 342,
"currencies": "GBP",
"total": 9999
}
],
"linked_id": 351,
},
CURLOPT_HTTPHEADER => array(
'Content-Type: application/json',
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
import json
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = json.dumps({
"channels": 10165,
"currencies": "GBP",
"total": 9999,
"transaction_types": "refund",
"allocations": [
{
"channels": 10342,
"currencies": "GBP",
"total": 1000,
"operator": "flat",
"statement_date": "2025-01-01"
}
],
"bookings": [
{
"id": 342,
"currencies": "GBP",
"total": 9999
}
],
"linked_id": 351,
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{token}}}}'
}
conn.request("POST", "/{{path}}/wp-json/tmt/v2/transactions", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request POST 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{token}}' \
--data-raw '{
"channels": 10165,
"currencies": "GBP",
"total": 9999,
"transaction_types": "refund",
"allocations": [
{
"channels": 10342,
"currencies": "GBP",
"total": 1000,
"operator": "flat",
"statement_date": "2025-01-01"
}
],
"bookings": [
{
"id": 342,
"currencies": "GBP",
"total": 9999
}
],
"linked_id": 351,
}
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
myHeaders.append("Authorization", "Bearer {{token}}");
var raw = JSON.stringify({
"channels": 10165,
"currencies": "GBP",
"total": 9999,
"transaction_types": "refund",
"allocations": [
{
"channels": 10342,
"currencies": "GBP",
"total": 1000,
"operator": "flat",
"statement_date": "2025-01-01"
}
],
"bookings": [
{
"id": 342,
"currencies": "GBP",
"total": 9999
}
],
"linked_id": 351,
});
var requestOptions = {
'method: 'POST',
headers: myHeaders,
body: raw,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"id": 1582,
"uuid": "c91602b0-113e-3dc3-9c87-c541db908682",
"trust_id": "3-1582",
"created": "2024-03-04 09:14:34",
"modified": "2024-03-04 09:14:34",
"author": null,
"status": "complete",
"adjustments": [],
"auth_code": null,
"author_id": null,
"authorname": "",
"allocations": {
"id": 260,
"value": 1000,
"total": 1000,
"channels": 10342,
"currencies": "GBP",
"operator": "flat",
"reversed": true,
"debit": {
"currencies": "GBP",
"total": 1000
},
"credit": {
"currencies": "GBP",
"total": 1000
}
},
"bookings": {
"id": 342,
"total": 9999,
"reference": "VENICE-12345",
"country": "IT",
"channels": "3799",
"currencies": "GBP"
},
"channels": 10165,
"content": "",
"countries": "GB",
"issuer_countries": "US",
"currencies": "GBP",
"forex_id": null,
"forex_rate": null,
"forex": null,
"hash": "dbbfbed41805feac85ecbfb6b0d078287664f961284047b1b934a272582220a4",
"language": "enGB",
"last_four_digits": null,
"linked_id": 351,
"payee_email": "john.smith@example.org",
"payee_name": "John",
"payee_surname": "Smith",
"payment_ids": [
3046,
3047,
3048
],
"psp": "aci",
"statement_date": "2024-03-04 00:00:00",
"title": "John Smith | john.smith@example.org | refund",
"total_remaining": 0,
"total": 9999,
"transaction_type": "refund",
"transaction_types": "refund",
"bin_number": 424242,
"card_type": null,
"card_types": null,
"token": "424242AbqWedkL4242",
"attempt_3ds": true,
"redirect_url": "https%3A%2F%2Fwww.example.com%2Fredirect-page%3Fid%3D12345",
"payment_methods": "credit-card",
"ip_address": "192.0.0.1",
"_links": {
"self": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/transactions/1582"
}
],
"collection": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/transactions"
}
]
}
}
To refund a transaction, you make a POST request to the transactions endpoint and include a reference to the ID of the transaction being refunded in the linked_id field.
If you are refunding a transaction that included allocations, you can reverse the allocation by including an allocations object in the request. Note that the original transaction must not be released in order for allocations to be refunded.
HTTP Request
POST https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions
Schema
| Parameter | Type | Description |
|---|---|---|
channels* |
integer | Unique identifier for the channel the transaction is for. |
currencies* |
string | The ISO 4217 value of the currency of the transaction. Enum: valid currencies |
total* |
integer | The transaction total in cents. |
transaction_types* |
string | refund |
allocations |
array | Reverse an allocation made in the transaction being refunded. NB: Only applicable if the transaction being refunded involves allocations |
bookings* |
array | Funds allocation for the booking(s) the transaction is for. |
linked_id* |
integer | Unique identifier for the transaction that we are applying the transaction_type to. |
*Required
Allocation Schema
| Parameter | Type | Description |
|---|---|---|
channels* |
integer | Unique identifier for the channel the allocation reversal is for. |
currencies* |
string | The ISO 4217 value of the currency the amount is in. Only required if operator is flat. Must match currency of allocation channel. Enum: valid currencies |
total* |
integer | Amount to reverse from the initial allocation. |
operator* |
string | Whether to reverse a percentage or flat amount. Enum: percent, flat |
statement_date |
string | Optional release date for the allocation reversal. Cannot be sooner than the default for the allocation reversal channel |
*Required
Chargebacks
Chargebacks match transactions responses but have additional fields
{
"id": 1584,
"uuid": "8f93e531-8147-390d-9fab-c7643450f99c",
"trust_id": "3-1584",
"created": "2024-03-04 09:14:34",
"modified": "2024-03-04 09:14:34",
"author": null,
"status": "complete",
"adjustments": [],
"auth_code": null,
"author_id": null,
"authorname": "",
"allocations": [],
"bookings": [
{
"id": 1088,
"total": 9999,
"reference": "VENICE-12345",
"country": "IT",
"channels": "3799",
"currencies": "GBP"
}
],
"channels": 3799,
"content": "",
"countries": "GB",
"issuer_countries": "GB",
"currencies": "AUD",
"forex_id": 141,
"forex_rate": 1,
"forex": {
"id": 141,
"quote_id": 9006,
"supplied_rate": 1,
"created_at": "2024-03-04T09:14:34.000000Z",
"updated_at": "2024-03-04T09:14:34.000000Z"
},
"hash": "05072deadc814e76eab630fdb9dbbcfa40b545d431010f5ff0475de948bace2d",
"language": "enGB",
"last_four_digits": null,
"linked_id": 1583,
"payee_email": "daisyturcotte@example.org",
"payee_name": "Daisy",
"payee_surname": "Turcotte",
"payment_ids": [
3055
],
"psp": "aci",
"statement_date": "2024-03-04 00:00:00",
"title": "Daisy Turcotte | daisyturcotte@example.org | chargeback",
"total_remaining": 9999,
"total": 9999,
"transaction_type": "chargeback",
"transaction_types": "chargeback",
"bin_number": "598321",
"card_type": null,
"card_types": null,
"token": "JRMRGLWP",
"attempt_3ds": false,
"redirect_url": null,
"payment_methods": "credit-card",
"ip_address": "53.210.192.27",
"arn_number": "ARN1233444",
"chargeback_status": "applied",
"outcome_status": "in-progress",
"reason_code": "Services not provided",
"challenge_date": "2024-04-03",
"chargeback_date": "2024-03-04",
"_links": {
"self": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/transactions/1584"
}
],
"collection": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/transactions"
}
]
}
}
Chargebacks are applied to your account by TMG staff. Whenever a chargeback is applied, an email is sent to the email address for the channel notifying of the chargeback. Subsequent changes to the outcome status of a chargeback will result in further emails being sent to indicate the change in status.
Chargeback payloads contain relevant transaction and booking data along with additional fields indicating the ARN Number, reason for the chargeback, date the chargeback was raised and when a challenge is due along with the chargeback status and outcome status. All possible values for these fields shown below.
HTTP Request
GET https://tmtprotects.com/{{path}}/wp-json/tmt/v2/transactions/{{transaction_id}}
Schema
| Parameter | Type | Description |
|---|---|---|
arn_number |
string | ARN Number (STR reference code) |
chargeback_status |
string | The current status of the chargeback Enum: applied, represented, accepted, pre-arbitration, not-representedDefault: applied |
outcome_status |
string | The outcome status of the chargeback Enum: in-progress, won, lost, reversed, reversed-previously-refundedDefault: in-progress |
reason_code |
string | Reason for chargeback Enum: Other, Fraudulent/Unrecognised Transaction, Services not provided, Cancelled Recurring Charge, Product/Services not as described, Credit not issued, Duplicate Payment, Incorrect Amount, Cancelled Services, Request for Support not FulfilledDefault: Other |
challenge_date |
string | The date of the challenge in Y-m-d format. |
chargeback_date |
string | The date of the chargeback in Y-m-d format. |
*Required
Forex
- Transactions that include forex are transactions where the booking total and currency are different from the transaction total and currency
- The booking object must always contain a booking in the base currency of the channel in use and a total in that currency
- The transaction currency can then be set to any currency that the channel provides rates for with the total being set to the converted value
- Any transaction that requires a bookings object can have forex applied to it
- When refunding a transaction that involved forex, the same currency and rate must be used as was used for the original transaction
Linked Transaction Rates
Obtain rate from transaction response.
{
"id": 23511,
"uuid": "cf19ae36-961e-4abd-a4f9-28fcbdcd6d37",
"trust_id": "3-23511",
"created": "2023-02-06 11:44:36",
"modified": "2023-02-06 11:44:47",
...
"bookings": [
{
"id": 22144,
"total": 5000,
"reference": "SOMEBOOKING",
"country": "GB",
"channels": "1918",
"currencies": "USD"
}
],
...
"currencies": "GBP",
...
"forex_rate": 0.8164,
...
"total": 4082,
...
}
If one of the following transactions is being created
The forex_rate returned in the original transaction response can used.
Alternatively, if you are processing the full amount shown in the response, you can simply reuse the totals and currencies shown.
Conversion
Conversion Example
const rate = 1.2155
const transactionTotal = 10000 * rate
Once you have obtained a valid rate the tranasction total is caluclated by multiplying it by the total of the booking that is to be acted on.
The rate acquired would give a transaction total of $121.55, which would be passed in as 12155
Payments
The payments endpoint returns all internal payments made against a transaction. These payments include processing fees, reserves, forex credits and allocations.
Get All Payments
Make sure to replace
{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/payments',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("GET", "/{{path}}/wp-json/tmt/v2/payments", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request GET 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/payments' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/payments", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
[
{
"id": 3021,
"trust_id": "3-3021",
"created": "2024-03-04 09:14:33",
"modified": "2024-03-04 09:14:33",
"member_id": 3,
"currencies": "GBP",
"payment_types": "debit",
"total": 30,
"channels": 3799,
"transaction_id": 1574,
"payment_classifications": "tmt",
"content": "3799-1574: Transaction Fee",
"title": "3799-1574: Transaction Fee",
"statement_date": "2024-03-04 00:00:00",
"reversed": false
}
...
]
HTTP Request
GET https://tmtprotects.com/{{path}}/wp-json/tmt/v2/payments
Query Parameters
| Parameter | Default | Description |
|---|---|---|
include |
all | Limit result set to comma separated list of IDs. |
page |
1 | Page of the collection to view. |
per_page |
100 | Maximum number of items to be returned per page. |
order |
asc | Enum: asc, desc |
orderby |
id | Sort collection by defined attribute. |
after |
all | Limit response to posts published after a given ISO8601 compliant date. |
before |
all | Limit response to posts published before a given ISO8601 compliant date. |
exclude |
all | Ensure result set excludes specific IDs. |
status |
all | Limit result set to posts assigned one or more statuses. |
channels |
all | Limit result set to all payments that have the specified terms assigned in the channels taxonomy. |
channels_exclude |
all | Limit result set to all payments except those that have the specified terms assigned in the channels taxonomy. |
payment_classifications |
all | Limit result set to all payments that have the specified terms assigned in the payment_classifications taxonomy. |
payment_classifications_exclude |
all | Limit result set to all payments except those that have the specified terms assigned in the payment_classifications taxonomy. |
payment_types |
all | Limit result set to all payments that have the specified terms assigned in the payment_types taxonomy. |
payment_types_exclude |
all | Limit result set to all payments except those that have the specified terms assigned in the payment_types taxonomy. |
Get A Payment
Make sure to replace
{{payment_id}}with a valid payment ID,{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/payments/{{payment_id}}',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("GET", "/{{path}}/wp-json/tmt/v2/payments/{{payment_id}}", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request GET 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/payments/{{payment_id}}' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/payments/{{payment_id}}", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"id": 3021,
"trust_id": "3-3021",
"created": "2024-03-04 09:14:33",
"modified": "2024-03-04 09:14:33",
"member_id": 3,
"currencies": "GBP",
"payment_types": "debit",
"total": 30,
"channels": 3799,
"transaction_id": 1574,
"payment_classifications": "tmt",
"content": "3799-1574: Transaction Fee",
"title": "3799-1574: Transaction Fee",
"statement_date": "2024-03-04 00:00:00",
"reversed": false
}
HTTP Request
GET https://tmtprotects.com/{{path}}/wp-json/tmt/v2/payments/{{payment_id}}
Schema
| Parameter | Type | Description |
|---|---|---|
id* |
integer | Unique identifier for the payment. |
trust_id* |
string | Identifier for the payment prefixed with Site ID. |
member_id* |
integer | Member ID. |
created* |
string | The date the payment was created, in GMT. |
modified* |
string | The date the payment was modified, in GMT. |
title* |
string | The title of the payment. |
content* |
string | Description of the payment. |
currencies* |
string | The ISO 4217 value of the currency of the payment. Enum: valid currencies |
payment_types* |
string | The type of payment. Enum: credit, debit |
total* |
integer | The payment total in cents. |
channels* |
integer | Unique identifier for the channel the payment belongs too. |
transaction_id* |
integer | Unique identifier for the transaction that triggered the payment. |
payment_classifications* |
string | The classification of the payment. Enum: allocation, chargeback-fee, forex, reserve, statement, tmt |
statement_date* |
string | The date that the payent is available for statements. |
reversed* |
boolean | Whether the payment has been subsequently reversed. |
*Readonly
Statements
On Monday and Friday of every week, a statement will be generated indicating total money in and deductions.
Get All Statements
Make sure to replace
{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/statements',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("GET", "/{{path}}/wp-json/tmt/v2/statements", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request GET 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/statements' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/statements", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
[
{
"member_id": 3,
"id": 62,
"trust_id": "3-62",
"status": "pending",
"title": "3799-rodriguez-greenholt1709543672-",
"statement_date": "2024-02-19 00:00:00",
"modified_date": "2024-03-04 09:14:34",
"date_range": {
"start": "2024-02-16 00:00:00",
"end": "2024-02-18 00:00:00"
},
"channels": "3799",
"statement_batches": "",
"credits": {
"gross_booking_transactions": 68752,
"reserve_release": 7670,
"forex_commission": 792,
"allocations": 0,
"chargeback_reversals": 5241,
"chargeback_overrides": 0,
"carried_over_to_next_statement": 0,
"total": 82455
},
"debits": {
"reserve": 6875,
"purchase_charges": 2616,
"authorize_charges": 0,
"allocations": 0,
"capture_charges": 0,
"void_charges": 0,
"refunds": 1365,
"refund_charges": 30,
"chargebacks": 4733,
"chargeback_charges": 3000,
"owing_from_previous_statement": 0,
"total": 18619
},
"release_fee": 0,
"total": 63836,
"currencies": "GBP",
"booking_transactions": [],
"_links": {
"self": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/statements/62"
}
],
"collection": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/statements"
}
]
}
}
...
]
HTTP Request
GET https://tmtprotects.com/{{path}}/wp-json/tmt/v2/statements
Query Parameters
| Parameter | Default | Description |
|---|---|---|
include |
all | Limit result set to comma separated list of IDs. |
page |
1 | Page of the collection to view. |
per_page |
100 | Maximum number of items to be returned per page. |
order |
asc | Enum: asc, desc |
orderby |
id | Sort collection by defined attribute. |
after |
all | Limit response to posts published after a given ISO8601 compliant date. |
before |
all | Limit response to posts published before a given ISO8601 compliant date. |
exclude |
all | Ensure result set excludes specific IDs. |
status |
all | Limit result set to items assigned one or more statuses. |
channels |
all | Limit result set to all statements that have the specified terms assigned in the channels taxonomy. |
currencies |
all | Limit result set to all statements that have the specified terms assigned in the currencies taxonomy. |
Get A Statement
Make sure to replace
{{statement_id}}with a valid statement ID,{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/statements/{{statement_id}}',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("GET", "/{{path}}/wp-json/tmt/v2/statements/{{statement_id}}", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request GET 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/statements/{{statement_id}}' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/statements/{{statement_id}}", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"member_id": 3,
"id": 62,
"trust_id": "3-62",
"status": "pending",
"title": "3799-rodriguez-greenholt1709543672-",
"statement_date": "2024-02-19 00:00:00",
"modified_date": "2024-03-04 09:14:34",
"date_range": {
"start": "2024-02-16 00:00:00",
"end": "2024-02-18 00:00:00"
},
"channels": "3799",
"statement_batches": "",
"credits": {
"gross_booking_transactions": 68752,
"reserve_release": 7670,
"forex_commission": 792,
"allocations": 0,
"chargeback_reversals": 5241,
"chargeback_overrides": 0,
"carried_over_to_next_statement": 0,
"total": 82455
},
"debits": {
"reserve": 6875,
"purchase_charges": 2616,
"authorize_charges": 0,
"allocations": 0,
"capture_charges": 0,
"void_charges": 0,
"refunds": 1365,
"refund_charges": 30,
"chargebacks": 4733,
"chargeback_charges": 3000,
"owing_from_previous_statement": 0,
"total": 18619
},
"release_fee": 0,
"total": 63836,
"currencies": "GBP",
"booking_transactions": [],
"_links": {
"self": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/statements/62"
}
],
"collection": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/statements"
}
]
}
}
HTTP Request
GET https://tmtprotects.com/{{path}}/wp-json/tmt/v2/statements/{{statement_id}}
Schema
| Parameter | Type | Description |
|---|---|---|
id* |
integer | Unique identifier for the statement. |
trust_id* |
string | Identifier for the statement prefixed with Site ID. |
member_id* |
integer | Member ID. |
modified_date* |
string | The date the statement was modified, in GMT. |
statement_date* |
string | The date the statement was created, in GMT. |
date_range* |
object | The date and time range within which all transactions and payments for the statement took place, in GMT |
status* |
string | The status of the statement. Enum: pending, publish |
title* |
string | The title of the statement. |
channels* |
integer | Unique identifier for the channel the statement belongs too. |
currencies* |
string | The ISO 4217 value of the currency of the statement. Enum: valid currencies |
booking_transactions* |
array | Transactions and Payments ordered by booking. Deprecated. |
credits* |
object | Credits applied to the statment. |
debits* |
object | Debits applied to the statment. |
release_fee* |
integer | The statement release fee in cents. |
total* |
integer | The statement total in cents. |
statement_batches* |
string | The statement batch ID that the statement is for. |
*Readonly
Get A Statement Export
Make sure to replace
{{statement_id}}with a valid statement ID,{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/statements/{{statement_id}}?csv_url=true',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("GET", "/{{path}}/wp-json/tmt/v2/statements/{{statement_id}}?csv_url=true", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request GET 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/statements/{{statement_id}}?csv_url=true' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/statements/{{statement_id}}?csv_url=true", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"member_id": 3,
"id": 62,
"trust_id": "3-62",
"status": "pending",
"title": "3799-rodriguez-greenholt1709543672-",
"statement_date": "2024-02-19 00:00:00",
"modified_date": "2024-03-04 09:14:34",
"date_range": {
"start": "2024-02-16 00:00:00",
"end": "2024-02-18 00:00:00"
},
"channels": "3799",
"statement_batches": "",
"credits": {
"gross_booking_transactions": 68752,
"reserve_release": 7670,
"forex_commission": 792,
"allocations": 0,
"chargeback_reversals": 5241,
"chargeback_overrides": 0,
"carried_over_to_next_statement": 0,
"total": 82455
},
"debits": {
"reserve": 6875,
"purchase_charges": 2616,
"authorize_charges": 0,
"allocations": 0,
"capture_charges": 0,
"void_charges": 0,
"refunds": 1365,
"refund_charges": 30,
"chargebacks": 4733,
"chargeback_charges": 3000,
"owing_from_previous_statement": 0,
"total": 18619
},
"release_fee": 0,
"total": 63836,
"currencies": "GBP",
"booking_transactions": [],
"_links": {
"self": [
{
"href": "https://localhost/tmt-test/wp-json/tmt/v2/statements/62",
"csv": "https://tmt-statements.s3.eu-west-1.amazonaws.com//3/3799/3799-rodriguez-greenholt1709543672-.zip?X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIATUEVSS5OMXONFKNV%2F20210707%2Feu-west-1%2Fs3%2Faws4_request&X-Amz-Date=20210707T141334Z&X-Amz-SignedHeaders=host&X-Amz-Expires=900&X-Amz-Signature=aeca51e588bd166660f0cd246706be93f5d53e0fedeee46fe0f81743672537ca"
}
],
"collection": [
{
"href": "https://localhost/tmt-test/wp-json/tmt/v2/statements"
}
]
}
}
HTTP Request
GET https://tmtprotects.com/{{path}}/wp-json/tmt/v2/statements/{{statement_id}}?csv_url=true
As well as viewing a single statement, you can also request a URL for a CSV download that includes the transactions that the statement is based on. This is done by including the csv_url parameter and setting it to true
The URL for the CSV download will be included in response._links.self[0].csv
Ledger
The ledger endpoint returns all monies ready for release in the next payout period. This includes published statements and ad-hoc credits and debits.
Get All Ledger Entries
Make sure to replace
{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/ledger',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("GET", "/{{path}}/wp-json/tmt/v2/ledger", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request GET 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/ledger' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/ledger", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
[
{
"id": 24,
"channels": 3799,
"title": "3799-rodriguez-greenholt1709543672-",
"type": "credit",
"total": 63836,
"status": "pending",
"currencies": "GBP",
"related": {
"type": "statements",
"id": 62
},
"ledger_entry_date": "2024-03-04 09:14:34",
"modified_date": "2024-03-04 09:14:34",
"_links": {
"self": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/ledger/24"
}
],
"collection": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/ledger"
}
]
}
}
...
]
HTTP Request
GET https://tmtprotects.com/{{path}}/wp-json/tmt/v2/ledger
Query Parameters
| Parameter | Default | Description |
|---|---|---|
include |
all | Limit result set to comma separated list of IDs. |
page |
1 | Page of the collection to view. |
per_page |
100 | Maximum number of items to be returned per page. |
order |
asc | Enum: asc, desc |
orderby |
id | Sort collection by defined attribute. |
after |
all | Limit response to ledger entries created after a given ISO8601 compliant date. |
before |
all | Limit response to ledger entries created before a given ISO8601 compliant date. |
status |
all | Limit result set to items assigned one or more statuses. |
channels |
all | Limit result set to ledger entries assigned to the specified channel. |
aggregate |
null | Enum: total |
Get A Ledger Entry
Make sure to replace
{{ledger_id}}with a valid ledger ID,{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/ledger/{{ledger_id}}',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("GET", "/{{path}}/wp-json/tmt/v2/ledger/{{ledger_id}}", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request GET 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/ledger/{{ledger_id}}' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/ledger/{{ledger_id}}", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"id": 24,
"channels": 3799,
"title": "3799-rodriguez-greenholt1709543672-",
"type": "credit",
"total": 63836,
"status": "pending",
"currencies": "GBP",
"related": {
"type": "statements",
"id": 62
},
"ledger_entry_date": "2024-03-04 09:14:34",
"modified_date": "2024-03-04 09:14:34",
"_links": {
"self": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/ledger/24"
}
],
"collection": [
{
"href": "https://tmtprotects.com/tmt-test/wp-json/tmt/v2/ledger"
}
]
}
}
HTTP Request
GET https://tmtprotects.com/{{path}}/wp-json/tmt/v2/ledger/{{ledger_id}}
Schema
| Parameter | Type | Description |
|---|---|---|
id* |
integer | Unique identifier for the ledger entry. |
channels* |
integer | Unique identifier for the channel the ledger entry belongs to. |
title* |
string | The ledger entry title. |
type* |
string | Indicates whether the ledger entry is a debit or credit transaction. Enum: debit, credit |
total* |
integer | The ledger entry total in cents. |
status* |
string | Indicates whether the ledger entry is pending or has been published. Enum: pending, publish |
currencies* |
string | The ISO 4217 value of the currency associated with the channel of the ledger entry. Enum: valid currencies |
related* |
object | The original item related to the ledger entry. |
ledger_entry_date* |
string | The date the ledger entry was created, in GMT. |
modified_date* |
string | The date the ledger entry was modified, in GMT. |
*Readonly
Get Channel Total in Ledger
Make sure to replace
{{channel_id}}with a valid channel ID,{{status}}with "pending" for ledger owing or "publish" for ledger paid{{path}}with your site path and{{token}}with a valid API token.
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/ledger?channels={{channel_id}}&status={{status}}&aggregate=total',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {{token}}'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
import http.client
conn = http.client.HTTPSConnection("tmtprotects.com")
payload = ''
headers = {
'Authorization': 'Bearer {{token}}'
}
conn.request("GET", "/{{path}}/wp-json/tmt/v2/ledger?channels={{channel_id}}&status={{status}}&aggregate=total", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
curl --location --request GET 'https://tmtprotects.com/{{path}}/wp-json/tmt/v2/ledger?channels={{channel_id}}&status={{status}}&aggregate=total' \
--header 'Authorization: Bearer {{token}}'
var myHeaders = new Headers();
myHeaders.append("Authorization", "Bearer {{token}}");
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
fetch("https://tmtprotects.com/{{path}}/wp-json/tmt/v2/ledger?channels={{channel_id}}&status={{status}}&aggregate=total", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
The above command returns JSON structured like this:
{
"total": "63836"
}
HTTP Request
GET https://tmtprotects.com/{{path}}/wp-json/tmt/v2/ledger?channels={{channel_id}}&status={{status}}&aggregate=total
Errors
The API uses the following error codes:
| Error Code | Meaning |
|---|---|
| 400 | Bad Request -- Your request is invalid. |
| 401 | Unauthorized -- Your API key is wrong. |
| 403 | Forbidden -- You do not have permissions to view this resource or perform this action. |
| 404 | Not Found -- The item could not be found. |
| 500 | Internal Server Error -- We had a problem with our server. Try again later. |
| 504 | Server Timeout -- Our server timed out performing the request. Try again later. |
Changelog
3.6.1
- Fixed bug where window.onload was not reset ahead of the transaction_result_available callback being triggered. This results in warning dialogs being served to the user if a redirect is attempted within the callback.
3.6.0
- Addition of transaction_result_available callback
- Forced lookups on 3DS outcome
3.5.0
- Prevent AMEX transactions on non-supported currency
- Rename currency and language picker IDs to prevent duplicate declarations
- Fixed bug where transaction_logged callback is triggered twice
- Improvements to 3DS validation outcome look-up
- Enhancements for use with new payment gateway
3.4.0
- Additional browser data captured for 3DS2 transactions
- Updates to TMT branding
- Fixed bug where not all available payment currencies were made available
3.3.0
- Added enhancements for 3DS2
- Added support for the following payment methods:
- Alipay
- Giropay
- iDEAL
- Installments
- Rapipago
- Sofort
3.1.0
- Patch for bug where card tokeniser used incorrect environment settings.
3.0.2
- Patch for bug where card tokeniser used incorrect environment settings.