About our API

Direct vs redirect API requests

In our API, you can make direct and redirect requests.

Direct requests

Direct requests connect directly to the specified payment method and either:

  • Generate a direct link to the payment method, e.g. specifying iDEAL in the gateway parameter takes the customer to the payment page of their bank.
  • Complete the transaction immediately without the customer having to do anything.

You can make direct …

Google Analytics tracking via our API

You can track the behavior of your customers through Google Analytics tracking.

This only applies to redirect requests. When the customer reaches the MultiSafepay payment page, the UA-code is generated and appears in the HTML.

Tracking isn’t available for direct requests because the customer doesn’t go to a MultiSafepay payment page between your checkout and success page.

Notification URL

Notifications are webhooks where the API notifies your web server when the status of a transaction changes. They are triggered by actions by:

  • Customers, e.g. completing a payment
  • Merchants, e.g. processing a refund

We add 2 parameters to the notification request:

  • transaction_id
  • timestamp

For POST requests, we add the order data to the request body.

You can ignore requests if:

  • We request the …
Locale parameter

The locale parameter is used to:

  • Localize MultiSafepay payment pages for the customer’s language, region, and available payment methods.
  • Set any special preferences for the user interface.
  • Send email templates in the customer’s preferred language.
    If an email template is set for a German customer, but the locale parameter is set to en_US, the English email template is sent instead of …
Redirect URL

The redirect_url is the URL of your success/thank you page, where customers are directed after successfully completing payment, or if the transaction status is Uncleared.

Note: Customers never see an Uncleared status. They are still redirected to the success page. For more information, see Evaluating Uncleared transactions.

Unmasking IBAN numbers

International bank account numbers (IBANs) are sensitive data.

For security reasons, we mask IBANs by default in:

When masked, only the last 4 digits of the IBAN are visible, e.g. *** 1234.

Unmasking IBANs

You can still perform most business operations with masked IBANs, e.g. processing refunds.

To unmask IBANs for a specific website, follow …

API request pagination

Some requests can return a lot of results, e.g. GET /transactions. To make responses easier to handle, we paginate the results. You can specity how many results to return per request using the limit parameter.

To access the next page of the response, use the after cursor from the pager object in the response. When you make subsequent requests, use the most recently returned after cursor to refresh …

Deprecated XML API

Our XML API was superceeded by the JSON API.

You can still use the XML endpoint to process transaction requests, but new payment methods, features, and tools are only supported by the JSON API.

Payment method gateway IDs

The table below sets out the gateway identifiers for all payment methods, and the supported request types.

Payment method Gateway ID Request type
AfterPay AFTERPAY Redirect
Alipay ALIPAY Redirect, direct
American Express AMEX Redirect
Apple Pay APPLEPAY Redirect
Bancontact MISTERCASH Redirect
Bank Transfer BANKTRANS Redirect, direct
Belfius BELFIUS Redirect, direct
Betaal per …


Propose a change on GitHubexternal-link-icon or
send an email to [email protected]

Other languages

For an explanation in another language, contact your account manager.