North SI API Integration Guide

North Semi-Integrated Cloud API

ProductsNorth SI Cloud API Integration Guide
semi-integratedpostman

Environment	Base URL
Sandbox	https://proxy.payanywhere.dev
Production	https://proxy.payanywhere.com

How To Start

Sign up for a free North Developer account.
Contact us for Sandbox credentials that can be used to try out this product in a test environment.
Use the guide below or the Postman Collection to build your app. Resources to assist with development are provided here.
When logged in, you can use the Integration Tracker to view the status of your integration, notes from meetings with Integration Engineers, resources related to your solution, and more by clicking the User profile icon in the top right corner of the screen and selecting Integrations.
When development is complete, contact us to certify your integration. Once certified, the merchant or an authorized contact will be able to retrieve Production credentials from the API Access page of your Production Payments Hub account. For more information about using Payments Hub, visit the Help Center.

How To Test

Order a compatible PAX smart terminal.
When you receive the terminal, the North Sandbox App will be preinstalled. If two Sandbox apps are installed on your device, use the app named “North.” You won’t need to do anything with the app named “North Sandbox Installer” at this time.
Connect the terminal to the internet, launch the North Sandbox App and login with your Payments Hub username and password.
Test transactions can be submitted to the terminal, and the test card data below can be keyed in on the terminal’s keypad to complete transactions in the Sandbox environment:
- Card #: 4000000000000002
- Exp: 12/25
- Zip: 12345
- CVV: 123
You will receive mocked responses that match the responses returned by the payment processor in the Production environment. A complete list of transaction response codes can be viewed here.

Introduction

The North Semi-Integrated API can be used to send Sale and Pre-auth transaction requests from a partner’s cloud-based software to supported physical card readers/terminals paired with the “North - Point of Sale" mobile app, allowing partners to accept card-present payments.

This API leverages the "North - Point of Sale" mobile app (available on iOS, Android, and PAX), which has geo-location restrictions that limit usage to the United States. Compatible hardware includes devices the "North - Point of Sale" mobile app currently supports, such as PAX smart terminals.

Process Flow

The partner’s software initiates the transaction request via RESTful API to the North server.
North's server sends a push notification to the “North" app installed on the mobile device, prompting the customer for payment on the terminal/card reader.
The customer completes the transaction with their card on the terminal/card reader.
The transaction is processed through North and North's in-house processor, EPX.
The “North" app receives and displays a generic transaction response, including a transaction approved or declined message.
Optionally, the partner’s software can receive a detailed transaction response via the North Webhook. This response contains non-sensitive transaction information including a transaction ID, which can be used for subsequent card-not-present transactions, such as refunds and voids, preauthorization adjustments, and captures. This custom webhook configuration is required for the partner’s application to receive the real-time transaction responses.

Setup

Login to the “North” sandbox application with your Payments Hub merchant username and password.
To initiate the transaction request, you will need to make calls to two API endpoints.

a. The first call is to authenticate. You can make this call using a variety of server-side languages or libraries of your choice. Here are the details for this request:

Method: POST
Request URL: https://proxy.payanywhere.dev/auth
Headers:

Name	Value	Description
Content-Type	application/json	Required. Content type of message. For most messages, this will be the default.
Content-Length	1234	Required. This value should be set to the exact length of the message body you are sending.
x-nabwss-appsource	pa_isv_1234567890abc	Required. This value is specific to each individual API account and can be located on the Payments Hub "API Access" page. For example, ISVs selling an application to multiple companies would use a different value for each company. Similarly, if a user has multiple accounts (MIDs) with us, the value for the x-nabwss-appsource header would be different for each MID.

Request Body


{
  "mid": "Your MID",
  "developerKey": "Your Developer Key",
  "password": "Your Auth Password"
}

JSON Response


{
  "accountId": "Account ID",
  "mid": "Your MID",
  "token": "JWT"
}

When authentication is successful, you will receive a JSON response which includes a "token" field. The value in this field will be used in the next step.

b. The second API call is to send a push notification with the transaction request to the North mobile application that is paired with the card reader/terminal. There are two transaction type options you can initiate through the push notification endpoint:

1. sales: a standard authorize & capture transaction
2. pap: a pre-authorization/authorize-only transaction. If a pre-authorization adjustment is made using the "Submit Subsequent Transaction" endpoint with the "pap_adjust" transaction type, no push notification is sent.

Method: POST
Request URL: https://proxy.payanywhere.dev/accounts/{accountId}/notification
Headers:

Name	Value	Description
Content-Type	application/json	Required. Content type of message. For most messages, this will be the default.
Content-Length	1234	Required. This value should be set to the exact length of the message body you are sending.
Authorization	Bearer {JWT}	Required. JWT should be replaced with the JSON web token received from the latest authorization.
x-nabwss-appsource	pa_isv_1234567890abc	Required. This value is specific to each individual API account and can be located on the Payments Hub "API Access" page. For example, ISVs selling an application to multiple companies would use a different value for each company. Similarly, if a user has multiple accounts (MIDs) with us, the value for the x-nabwss-appsource header would be different for each MID.
x-forwarded-for	forwardIp	Optional.

Request Body

Always required

Name	Value	Description
type	sales, pap	This identifies what type of transaction you would like to process. The value options are (1) sales for an ecommerce Authorize and Capture transaction, and (2) pap for a pre-authorization transaction.
amount	1.23	Any amount in x.xx format.
email	username@email.com	Required when multiple devices with different usernames are being used under a single MID, otherwise optional. This field is to specify the username that is logged into the North mobile app connected to the device you are intending to communicate with.

Optional

Name	Value	Description
invoice	123abc	This is an optional string field. If included, the iOS or Android push notification integration will pass along to webhook JSON payload's extra section.
tokenization	false	If recurring billing is needed, you can tokenize card data for future payments or pre-authorizations by including 'tokenization: true' in your request. You will receive the 'tokenized_card' property in your response, which is a secure, non-sensitive value that can be saved and included in future requests.

Example Sale Request


{
  "type": "sales",
  "amount": "2.00",
  "email": "email@address.com"
}

Example Pre-Auth Request


{
    "type": "pap",
    "amount": "2.00",
    "email": "email@address.com"
}

Response


{
    "id": "18",
    "devices": [
        {
            "token": "e01010dbdb67196ac37da3992e89896216968a5199da367361937dac114a4b62",
            "sent": true,
            "type": "ios"
        },
        {
            "token": "dD9f-wtD4kY:APA91bHp4m-OaWDlqvKuaNWC9jGh5J3CEruAnXO7qOpkmfcvDvjwyk0mCztT0Oeqlhlcm240EGCHbkUcdJqES1ytczmJtzEeBhzN4thdRrU6xnccDllPZGyfJnv36gR5FEdHm3VWqB2N",
            "sent": false,
            "reason":"BadDeviceToken",
            "type": "android"
        }
    ]
}

Optionally, build a page to receive the webhook response with details of the attempted payment. The address of this page must match the webhook URL you entered in your Payments Hub API Access page. The response will look similar to the following:


{
    "unique_id":"ccs_123456789",
    "auth_code":"01234A",
    "amount":2.00,
    "status":"APPROVED",
    "is_partial_auth":false,
    "requested_amount":2.00,
    "parent_id":"",
    "receipt_id":123456789,
    "bric":"",
    "signature_id":null,
    "invoice_number":"12345",
    "extra":
        {
            "invoice":"12345",
            "tokenized_card":null
        },
    "mid":"9999999999999"
}

Parameter	Description
unique_id	Unique ID for this transaction, provided by North. You can use this field in the North system to track your transaction
auth_code	Auth code for this transaction
amount	Authorized charged amount that was applied on this transaction
status	Either “APPROVED” or “DECLINED”
is_partial_auth	A partial auth transaction occurs when you try to charge a card a certain amount, i.e. $20, but that card has only a portion of that amount available, i.e. $15, and your transaction is partially approved with $15. For example, this could occur with a gift card
requested_amount	Requested charge amount
receipt_id	Receipt ID
bric	EPX processor-level token
invoice_number	An invoice id provided by you. You can use this id to match between a transaction request that was sent by your web app and a transaction response that will be sent to your external notification URL
tokenized_card	North card token that can be used for future payments

a. Based on the response (approval, decline, etc.), your application can present any relevant information to the user and continue your desired user experience.

b. For all sale and pre-authorization transactions sent through the North Semi-Integrated API, the webhook response will include a transaction ID, which your application can store and use for subsequent card-not-present transactions, including refunds and voids, preauthorization adjustments, and captures.