The Pay Order endpoint is used to complete a payment for an order using a selected payment method (e.g., Card, Bank Transfer, or Opay). To ensure secure transmission, the payload must be encrypted using RSA PKCS#1 v1.5 encryption before being sent.

ℹ️
Important
You must first Create an Order before calling this endpoint. The reference used here must be the one returned from the Create Order response.

Payload Structure (Before Encryption)

Below is a combined table of all supported payment methods and their required fields:

Key	Type	Description	Required	Applies To
`reference`	`string`	Unique reference of the order to be paid	✅	All
`paymentoption`	`string`	Payment method: `"C"` for Card, `"bank-transfer"`, or `"Opay"`	✅	All
`country`	`string`	2-letter ISO 3166-1 country code (e.g., `"NG"`)	✅	Card, BankTransfer
`card.cardnumber`	`string`	16-digit card number	✅	Card
`card.expirymonth`	`string`	2-digit expiry month (e.g., `"01"`)	✅	Card
`card.expiryyear`	`string`	2-digit or 4-digit expiry year (e.g., `"39"`)	✅	Card
`card.cvv`	`string`	3-digit card CVV code	✅	Card
`BankTransfer`	`object`	Placeholder for bank transfer metadata (currently empty)	✅	Bank Transfer
`card.authOption`	`string`	Authentication options (valid values are `"NOAUTH"` or `"PREAUTH"`)	❌	Card

🔐 Encryption Requirements

Encrypt the payload using RSA PKCS#1 v1.5.
The encrypted data should be Base64-encoded before being sent.
Use the public key provided by TransactPay.
Follow our guide to implement this Encryption

Sample Raw Payloads (Before Encryption)

Pay With Card


{
  "reference": "ORDER123456",
  "paymentoption": "C",
  "country": "NG",
  "card": {
    "cardnumber": "5123450000784608",
    "expirymonth": "01",
    "expiryyear": "39",
    "cvv": "193"
  }
}

Pay With Bank Transfer


{
  "reference": "ORDER123456",
  "paymentoption": "bank-transfer",
  "country": "NG",
  "BankTransfer": {}
}

Pay With Opay


{
  "reference": "ORDER123456",
  "paymentoption": "Opay"
}

Pay With Momo (KES)

{
    "reference": "ORDER123456",
    "paymentoption": "momo",
    "country": "",
    "mobileMoney": {
        "mobileNumber": "2340000000000"
    }
}

Final Request Payload Format

After encrypting the payload:


{
  "data": "{{encrypteddata}}"
}

data: Base64-encoded RSA PKCS#1 v1.5 encrypted string of the JSON payload.

Response


{
  "data": {
    "paymentDetail": {
      "redirectUrl": "https://core-api-service.ideospay.dev/web/card/authorize/CPF046D30F-3F82-4A9A-B2AD-AC5AE3480D8F/initiate",
      "recipientAccount": null,
      "paymentReference": "CPF046D30F-3F82-4A9A-B2AD-AC5AE3480D8F"
    },
    "bankTransferDetails": null,
    "orderPayment": {
      "orderId": 26,
      "orderPaymentReference": "PGW-PAYREF-96C2ABCB218C43329037E47268F74195",
      "currency": "NGN",
      "statusId": 2,
      "orderPaymentResponseCode": "02",
      "orderPaymentResponseMessage": "pending-authenticaion",
      "orderPaymentInstrument": null,
      "remarks": "Order payment initiated",
      "totalAmount": 114,
      "fee": 14
    }
  },
  "status": "success",
  "statusCode": "02",
  "message": "Card order created successfully"
}

ℹ️
The redirect URL is link to continue and complete the payment for card payments.