What is an API Call?

September 15, 2022

Introduction

By allowing two applications to interact, APIs make activities such as browsing and shopping quick, effortless, and seamless.  

To use APIs successfully, developers and businesses need to know how to integrate with them. Every API comes with API documentation outlining when and how an API is used. Such documentation often includes the term API call.

Find out what API calls are and how to use them.

What is an API call?

What is an API Call?

An API call (also called an API request) is how a client application and an API endpoint (the point of access to a server or program) communicate.

Every API call is initiated by the client application. The process consists of the following steps:

  1. A client application submits a request to an API endpoint.
  2. The API endpoint passes the request to the API.
  3. The API performs the requested action.
  4. The API endpoint informs the client application about the outcome.

API calls can be made using virtually any programming language as long as it is supported by the API.

The two basic ways to make an API call are:

  • By requesting a URL in a web browser.
  • By performing a cURL request through a terminal.

In both cases, APIs communicate with client applications using the HTTP protocol, meaning they utilize the five basic HTTP functions, which are:

  1. GET – Retrieve data.
  2. POST – Create data.
  3. PUT – Update existing data.
  4. PATCH – Update a part of existing data.
  5. DELETE – Delete data.
HTTP methods for API requests.

REST APIs return a value for all functions while SOAP APIs only respond to POST. However, API owners reserve the right to prevent the API from responding to certain types of requests.

API Calls and Their Relationship with API Protocols

Modern day APIs are used to access, manage, and manipulate vast amounts of data, calling for more complex API calls.

Complex API calls are achieved through established API-building protocols, patterns, and best practices. Some of the most popular API protocols are:

How to Make an API Call

The structure of an API call depends on the API type, architectural style, and communication protocol. API providers maintain documentation that explains how to structure an API call and lists resource locations (URL endpoints) for their service.

For example, RESTful API calls using the HTTP protocol consist of 5 elements:

  • Verb − Identifies the HTTP request function (i.e., GET, POST, DELETE, PUT, PATCH).
  • URI (Uniform Resource Identifier) − The URI identifies the location of the resource on the server.
  • HTTP Version − Indicates the HTTP version (for example, v1 or v2).
  • Request Headers − An HTTP header is a name-value pair that contains additional information about the resource or the client initiating the call. This includes authorization data, authentication methods, browser types, formats supported by the client, etc.
  • Request Body − The content (parameters) of the call message in the specified data format.

The following steps illustrate what actions a client needs to take when making an API call.

Step 1: Authentication and Authorization

API providers want to protect server resources by authenticating API calls before authorizing a request. Non-essential server resources are often protected using Basic Auth; however, APIs that exchange sensitive customer information use bearer tokens and the OAuth 2.0 standard to authenticate API calls.

To authenticate API calls:

  1. Clients need to register their applications with the API provider.
  2. The API provider awards each client a unique secret key.
  3. The client requests an access token by sending a structured API call containing the private key to the provider-designated endpoint.
  4. The client receives a randomly generated access token. An access token is a character string that grants a client application permission to call an API and access protected resources.
  5. Every time clients send an API call; they must provide the access token in the Header element.

Step 2: Identify API Endpoints

Endpoint URLs tell API users where to send the API calls.

API providers try to define and group endpoints to reflect the logical structure of server resources. Usually, an API service shares the same base URL, while the endpoint URI varies for each resource.

For example, CCBill’s RESTful Transaction API uses distinct endpoints for different actions a client can initiate with their API calls.

The CCBill RESTful API base URL is https://api.ccbill.com.

The endpoint URL for generating a payment token uses the /payment-tokens resource:

https://api.ccbill.com/payment-tokens/merchant-only

If a merchant wants to verify the customer’s identity before creating a payment token (by requesting a CVV2 code), they need to use a different endpoint:

https://api.ccbill.com/payment-tokens/merchant-only-verify

The created token is then passed to a third endpoint in a transaction request:

https://api.ccbill.com/transactions/payment-tokens/{payment_token_id}

This endpoint enables merchants to bill a customer.

Merchants need to identify which endpoint provides the services they need and follow the documentation to the letter for this process to be successful.

Step 3: API Call Header

An API header contains API call metadata like acceptable media types and authorization information. For example, CCBill requires merchants to provide their bearer token in the request header before authorizing an API request:

<?php
$request = new HttpRequest();
$request->setUrl('https://api.ccbill.com/payment-tokens/merchant-only-verify');
$request->setMethod(HTTP_METH_POST);
//Headers begin here
$request->setHeaders(array(
'Cache-Control' => 'no-cache',
'Authorization' => 'Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsibWNuLXRyYW5zYWN0aW9uLXNlcnZpY2UiLCJtY24tYWRtaW4tc2VydmljZSJdLCJzY29wZSI6WyJjcmVhdGVfdG9rZW4iLCJyZWFkX3Rva2VuIiwiY2hhcmdlX3Rva2VuIiwiY3JlYXRlX3Byb2dyYW0iLCJyZWFkX3Byb2dyYW0iLCJjcmVhdGVfcHJvZ3JhbV9wYXJ0aWNpcGF0aW9uIiwicmVhZF9wcm9ncmFtX3BhcnRpY2lwYXRpb24iLCJtb2RpZnlfcHJvZ3JhbV9wYXJ0aWNpcGF0aW9uIl0sImV4cCI6MTUzNzM4MDczNiwiYXV0aG9yaXRpZXMiOlsiTUNOX0FQSV9UT0tFTl9DSEFSR0VSIiwiTUNOX0FQSV9UT0tFTl9DUkVBVE9SIiwiTUNOX0FQSV9BRE1JTiJdLCJqdGkiOiI4YzI2Njg1MC00NjMzLTQzZDMtYjZjOC1lNzIyY2ExNjQ1YTUiLCJjbGllbnRfaWQiOiI1MjE3NjhhYTc1OGQxMWU4YWE2YjAwNTA1NjlkMTU4NSJ9.HRYXZFATkIcI2_LJ1W_xo67IfBnbN9atyYNzyHqseLxYUxzgwBsAV5rNqCixKemOrDIeQLBN4jrwRsBIHDpEvshwBC8XmTodDJzpGmMaU9s1r20RV68X0_d1yTgSDke_Of7VCrVmJRbSuDl7AgsfTqQ1J7nWyu9vcIaER93ms-vadser_Ot9Z68_HAmCJL3DCLpdIFq3PYtBMKKKqXbvhfhSZQZD3b6-aewAnBo0VzpvK6tREqw1rv9_73oAvYcW2aHAj79ILr8viWMM40LyDKMMYOYkneg3hJUQsUVeh9WzztYUJKzERYNXje9fYIGN-eofoLvX7OZJ3eXmIfkrfQ',
'Content-Type' => 'application/json'
));
// Headers end here
$request->setBody('{ "clientAccnum": 900000, "clientSubacc": 0, "customerInfo": { "customerFname": "Tyler", "customerLname": "Thomas", "address1": "Woodland Drive", "address2": "Apt 21", "city": "Tempe", "state": "AZ", "zipcode": "85281", "country": "US", "phoneNumber": "5555555555", "email": "tthomas@xyz.com", "ipAddress": "10.70.60.14", "browserHttpUserAgent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0", "browserHttpAccept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "browserHttpAcceptLanguage": "en-US,en;q=0.5", "browserHttpAcceptEncoding": "gzip, deflate, br" }, "paymentInfo": { "creditCardPaymentInfo": { "cardNum": "4473707989493598", "nameOnCard": "Tyler Thomas", "expMonth": "04", "expYear": "2019", "cvv2": "123" } }, "subscriptionId":900000000000000001, "timeToLive": 30, "validNumberOfUse": 3 }');
try {
$response = $request->send();
echo $response->getBody();
} catch (HttpException $ex) {
echo $ex;
}
?>

The header array in this PHP example prevents client-side caching. It also requires objects to follow the JSON (JavaScript Object Notation) open-standard file format and use the application/json content type.

Step 4: API Call Parameters

The body of an API call contains a set of parameters and their corresponding values. The API documentation must list every parameter for each endpoint. It should also provide parameter descriptions, what data types are acceptable, and emphasize if a parameter is required or optional.

Let’s explore parameters and their values using the same API call example as above:

<?php
$request = new HttpRequest();
$request->setUrl('https://api.ccbill.com/payment-tokens/merchant-only-verify');
$request->setMethod(HTTP_METH_POST);
$request->setHeaders(array(
'Cache-Control' => 'no-cache',
'Authorization' => 'Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsibWNuLXRyYW5zYWN0aW9uLXNlcnZpY2UiLCJtY24tYWRtaW4tc2VydmljZSJdLCJzY29wZSI6WyJjcmVhdGVfdG9rZW4iLCJyZWFkX3Rva2VuIiwiY2hhcmdlX3Rva2VuIiwiY3JlYXRlX3Byb2dyYW0iLCJyZWFkX3Byb2dyYW0iLCJjcmVhdGVfcHJvZ3JhbV9wYXJ0aWNpcGF0aW9uIiwicmVhZF9wcm9ncmFtX3BhcnRpY2lwYXRpb24iLCJtb2RpZnlfcHJvZ3JhbV9wYXJ0aWNpcGF0aW9uIl0sImV4cCI6MTUzNzM4MDczNiwiYXV0aG9yaXRpZXMiOlsiTUNOX0FQSV9UT0tFTl9DSEFSR0VSIiwiTUNOX0FQSV9UT0tFTl9DUkVBVE9SIiwiTUNOX0FQSV9BRE1JTiJdLCJqdGkiOiI4YzI2Njg1MC00NjMzLTQzZDMtYjZjOC1lNzIyY2ExNjQ1YTUiLCJjbGllbnRfaWQiOiI1MjE3NjhhYTc1OGQxMWU4YWE2YjAwNTA1NjlkMTU4NSJ9.HRYXZFATkIcI2_LJ1W_xo67IfBnbN9atyYNzyHqseLxYUxzgwBsAV5rNqCixKemOrDIeQLBN4jrwRsBIHDpEvshwBC8XmTodDJzpGmMaU9s1r20RV68X0_d1yTgSDke_Of7VCrVmJRbSuDl7AgsfTqQ1J7nWyu9vcIaER93ms-vadser_Ot9Z68_HAmCJL3DCLpdIFq3PYtBMKKKqXbvhfhSZQZD3b6-aewAnBo0VzpvK6tREqw1rv9_73oAvYcW2aHAj79ILr8viWMM40LyDKMMYOYkneg3hJUQsUVeh9WzztYUJKzERYNXje9fYIGN-eofoLvX7OZJ3eXmIfkrfQ',
'Content-Type' => 'application/json'
));
// Parameters begin here
$request->setBody('{ "clientAccnum": 900000, "clientSubacc": 0, "customerInfo": { "customerFname": "Tyler", "customerLname": "Thomas", "address1": "Woodland Drive", "address2": "Apt 21", "city": "Tempe", "state": "AZ", "zipcode": "85281", "country": "US", "phoneNumber": "5555555555", "email": "tthomas@xyz.com", "ipAddress": "10.70.60.14", "browserHttpUserAgent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0", "browserHttpAccept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "browserHttpAcceptLanguage": "en-US,en;q=0.5", "browserHttpAcceptEncoding": "gzip, deflate, br" }, "paymentInfo": { "creditCardPaymentInfo": { "cardNum": "4473707989493598", "nameOnCard": "Tyler Thomas", "expMonth": "04", "expYear": "2019", "cvv2": "123" } }, "subscriptionId":900000000000000001, "timeToLive": 30, "validNumberOfUse": 3 }');
// Parameters end here
try {
$response = $request->send();
echo $response->getBody();
} catch (HttpException $ex) {
echo $ex;
}
?>

CCBill’s system verifies the request and uses the provided customer information to create a payment token.

Before adding parameters to a call, always consult the appropriate API documentation for instructions.

Step 5: API Server Response

The API server responds by sending structured parameters and their corresponding values based on the API request. A common component of API server responses are HTTP status codes. HTTP codes confirm if a request was successful or inform API clients that a request failed.

For example, successfully creating a payment token using CCBill’s RESTful API returns a 200 HTTP code and the following parameters:

{ "createdDatetime": "datetime-only", "timeToLive": "integer", "originalPaymentTokenId": "string", "validNumberOfUse": "integer", "clientAccnum": "integer", "clientSubacc": "integer", "programParticipationId": "integer", "avsResponse": "string", "paymentTokenId": "string", "paymentInfoId": "string", "cvv2Response": "string", "subscriptionId": "integer" }

Merchants can extract the paymentTokenID string and make a new API call to charge the customer.

Unsuccessful API calls always return a status code, upon which the user or client can determine what went wrong.

Here are some of the most used HTTP status codes and their meanings.

1xx Codes

1xx HTTP codes are temporary status codes that inform the client that their request has been received and waiting to be processed.

The following table explains some of the most used 1xx codes:

CodeMeaning
100 ContinueThe server understood the initial part of the request. The client can proceed with the request or ignore this response if they completed their task.
101 Switching ProtocolsThe server understands the Upgrade header and informs the client about the protocol it is switching to.
102 ProcessingThe server has accepted the request but has not completed it yet.
103 Early HintsThe client can preload some resources while waiting for a request response.

2xx Codes

2xx codes inform the client that their request has been successful, sometimes with additional context.

The following table provides details about the most used 2xx codes:

CodeMeaning
200 OKThe request was completed successfully.
201 CreatedThe resource has been created successfully (for POST requests).
202 AcceptedThe request has been received but has not finished processing.
204 No ContentThe request has been processed successfully but no content will be returned as a response.

3xx Codes

3xx codes inform the client that they must take additional action for their request to be completed.

The most used 3xx codes are as follows:

CodeMeaning
300 Multiple ChoicesThe request has more than one response and the user must choose one.
301 Moved PermanentlyThe URL of the requested resource has been changed permanently. This response is followed by a Location header field containing the correct URL to address.
302 FoundThe URL of the requested resource has been changed temporarily. This response is followed by a Location header field containing the correct URL to address.
303 See OtherThe requested resource is found under another URI. The user should send a request using the GET method to the correct URI.

4xx Codes

4xx codes indicate an error on the client side of the request.

The most used 4xx codes are as follows:

CodeMeaning
400 Bad RequestThe server does not understand the request due to incorrect syntax. The client must modify the request to proceed.
401 UnauthorizedThe client’s identity is unknown to the server. The request requires user authentication credentials to complete.
403 ForbiddenThe client’s identity is known to the server, but access is not granted.
404 Not FoundThe requested resource cannot be found.
405 Method Not AllowedThe server recognizes the HTTP method, but it is disabled for use on the requested resource.
408 Request TimeoutThe client failed to send a complete request within the server’s allotted timeout period.
410 GoneThe requested resource is no longer available on that server.
429 Too Many RequestsThe client has sent too many requests within a time frame.

5xx Codes

5xx codes indicate a server-side error.

The following table explains some of the most used 5xx codes:

CodeMeaning
500 Internal Server ErrorThe server is prevented from completing a request due to an unexpected issue.
501 Not ImplementedThe HTTP method used in the request is not supported and cannot be handled by the server.
502 Bad GatewayThe server got an invalid response.
503 Service UnavailableThe server cannot handle the request.

Unique Status Codes

Besides HTTP status codes, servers may be configured to send unique response codes. Information about unique response codes can be found in the documentation provided by the API provider.

CCBill RESTful Transaction API Calls

CCBill’s RESTful payment API enables merchants to manage transactions using API calls.

A merchant needs to make several API requests for CCBill to capture payment information and charge a customer’s payment card.

1. Generate Bearer Token

The CCBill RESTful Transaction API uses bearer token-based authentication and authorization. Before accessing the API, merchants must register their application with CCBill and receive a merchant application ID and secret key.

Merchants provide these credentials to an authorization server to generate a bearer token.

Endpoint URL

  • https://api.ccbill.com/ccbill-auth/oauth/token

Header

  • Content-Type: application/x-www-form-urlencoded
  • Authorization: Basic Merchant_ApplicationID:Merchant_Secret

Example Request

curl - POST 'https://api.ccbill.com/ccbill-auth/oauth/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic Merchant_ApplicationID:Merchant_Secret ' \
--data-urlencode 'grant_type=client_credentials'

The result of this request is a unique data string (bearer token) that must be provided in the authorization header of each API request.

Merchant applications have access until the access token expires or is revoked.

2. Create Payment Token ID

Merchants can use their newly created bearer token to generate a payment token ID based on the customer’s payment data.

The endpoint for creating a payment token ID is:

https://api.ccbill.com/payment-tokens/merchant-only

An example API call contains the following header and parameters:

<?php
$request = new HttpRequest();
$request->setUrl('https://api.ccbill.com/payment-tokens/merchant-only');
$request->setMethod(HTTP_METH_POST);
$request->setHeaders(array(
'Cache-Control' => 'no-cache',
'Authorization' => 'Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsibWNuLXRyYW5zYWN0aW9uLXNlcnZpY2UiLCJtY24tYWRtaW4tc2VydmljZSJdLCJzY29wZSI6WyJjcmVhdGVfdG9rZW4iLCJyZWFkX3Rva2VuIiwiY2hhcmdlX3Rva2VuIiwiY3JlYXRlX3Byb2dyYW0iLCJyZWFkX3Byb2dyYW0iLCJjcmVhdGVfcHJvZ3JhbV9wYXJ0aWNpcGF0aW9uIiwicmVhZF9wcm9ncmFtX3BhcnRpY2lwYXRpb24iLCJtb2RpZnlfcHJvZ3JhbV9wYXJ0aWNpcGF0aW9uIl0sImV4cCI6MTUzNzM4MDczNiwiYXV0aG9yaXRpZXMiOlsiTUNOX0FQSV9UT0tFTl9DSEFSR0VSIiwiTUNOX0FQSV9UT0tFTl9DUkVBVE9SIiwiTUNOX0FQSV9BRE1JTiJdLCJqdGkiOiI4YzI2Njg1MC00NjMzLTQzZDMtYjZjOC1lNzIyY2ExNjQ1YTUiLCJjbGllbnRfaWQiOiI1MjE3NjhhYTc1OGQxMWU4YWE2YjAwNTA1NjlkMTU4NSJ9.HRYXZFATkIcI2_LJ1W_xo67IfBnbN9atyYNzyHqseLxYUxzgwBsAV5rNqCixKemOrDIeQLBN4jrwRsBIHDpEvshwBC8XmTodDJzpGmMaU9s1r20RV68X0_d1yTgSDke_Of7VCrVmJRbSuDl7AgsfTqQ1J7nWyu9vcIaER93ms-vadser_Ot9Z68_HAmCJL3DCLpdIFq3PYtBMKKKqXbvhfhSZQZD3b6-aewAnBo0VzpvK6tREqw1rv9_73oAvYcW2aHAj79ILr8viWMM40LyDKMMYOYkneg3hJUQsUVeh9WzztYUJKzERYNXje9fYIGN-eofoLvX7OZJ3eXmIfkrfQ',
'Content-Type' => 'application/json'
));
$request->setBody('{ "clientAccnum": 900000, "clientSubacc": 0, "customerInfo": { "customerFname": "Tyler", "customerLname": "Thomas", "address1": "Woodland Drive", "address2": "Apt 21", "city": "Tempe", "state": "AZ", "zipcode": "85281", "country": "US", "phoneNumber": "5555555555", "email": "tthomas@xyz.com", "ipAddress": "10.70.60.14", "browserHttpUserAgent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0", "browserHttpAccept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "browserHttpAcceptLanguage": "en-US,en;q=0.5", "browserHttpAcceptEncoding": "gzip, deflate, br" }, "paymentInfo": { "creditCardPaymentInfo": { "cardNum": "4473707989493598", "nameOnCard": "Tyler Thomas", "expMonth": "04", "expYear": "2019" } }, "subscriptionId":900000000000000001, "timeToLive": 30, "validNumberOfUse": 3 }');
try {
$response = $request->send();
echo $response->getBody();
} catch (HttpException $ex) {
echo $ex;
}
?>

CCBill has also created an Advanced Widget library that helps merchants automate payment token requests. Merchants can design their interface to call the widget and generate payment tokens.

The JavaScript widget is hosted in a location accessible to merchants allowing them to reference and import the widget into their websites.

The primary function of the Advanced Widget is createPaymentToken. This function either returns a created payment token output or an error message if the payment token cannot be created with the provided inputs.

3. Charge Payment Token ID

The API call to charge a customer needs to contain the bearer token in the request header and the payment token ID in the request body.

The HTTP request URL for charging a customer (without 3DS Authentication) is:

https://api.ccbill.com/transactions/payment-tokens/{payment_token_id}

Merchants need to supply the payment token ID as a URI parameter.

An example API call for charging a customer payment token contains the following parameters:

<?php
$request = new HttpRequest();
$request->setUrl('https://api.ccbill.com/transactions/payment-tokens/01047ed6f3b440c7a2ccc6abc1ad0a84');
$request->setMethod(HTTP_METH_POST);
$request->setHeaders(array(
'Cache-Control' => 'no-cache',
'Authorization' => 'Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsibWNuLXRyYW5zYWN0aW9uLXNlcnZpY2UiLCJtY24tYWRtaW4tc2VydmljZSJdLCJzY29wZSI6WyJjcmVhdGVfdG9rZW4iLCJyZWFkX3Rva2VuIiwiY2hhcmdlX3Rva2VuIiwiY3JlYXRlX3Byb2dyYW0iLCJyZWFkX3Byb2dyYW0iLCJjcmVhdGVfcHJvZ3JhbV9wYXJ0aWNpcGF0aW9uIiwicmVhZF9wcm9ncmFtX3BhcnRpY2lwYXRpb24iLCJtb2RpZnlfcHJvZ3JhbV9wYXJ0aWNpcGF0aW9uIl0sImV4cCI6MTUzNzM4MDczNiwiYXV0aG9yaXRpZXMiOlsiTUNOX0FQSV9UT0tFTl9DSEFSR0VSIiwiTUNOX0FQSV9UT0tFTl9DUkVBVE9SIiwiTUNOX0FQSV9BRE1JTiJdLCJqdGkiOiI4YzI2Njg1MC00NjMzLTQzZDMtYjZjOC1lNzIyY2ExNjQ1YTUiLCJjbGllbnRfaWQiOiI1MjE3NjhhYTc1OGQxMWU4YWE2YjAwNTA1NjlkMTU4NSJ9.HRYXZFATkIcI2_LJ1W_xo67IfBnbN9atyYNzyHqseLxYUxzgwBsAV5rNqCixKemOrDIeQLBN4jrwRsBIHDpEvshwBC8XmTodDJzpGmMaU9s1r20RV68X0_d1yTgSDke_Of7VCrVmJRbSuDl7AgsfTqQ1J7nWyu9vcIaER93ms-vadser_Ot9Z68_HAmCJL3DCLpdIFq3PYtBMKKKqXbvhfhSZQZD3b6-aewAnBo0VzpvK6tREqw1rv9_73oAvYcW2aHAj79ILr8viWMM40LyDKMMYOYkneg3hJUQsUVeh9WzztYUJKzERYNXje9fYIGN-eofoLvX7OZJ3eXmIfkrfQ',
'Content-Type' => 'application/json'
));
$request->setBody('{ "clientAccnum":900123, "clientSubacc":10, "initialPrice": 9.99, "initialPeriod": 10, "recurringPrice": 15.00, "recurringPeriod": 30, "rebills": 99, "currencyCode": 840, "lifeTimeSubscription": false, "createNewPaymentToken": false, "passThroughInfo": [ { "name": "val1", "value": "val2" } ] }');
try {
$response = $request->send();
echo $response->getBody();
} catch (HttpException $ex) {
echo $ex;
}
?>

The charge also triggers a webhook HTTP POST notification, allowing the merchant to capture transaction information.

4. Read Payment Token ID

Merchants can obtain data about a payment token by sending its ID to the following API endpoint:

https://api.ccbill.com/transactions/payment-tokens/{paymentTokenId}

The payment token ID is supplied as a URI parameter:

<?php
$request = new HttpRequest();
$request->setUrl('https://api.ccbill.com/payment-tokens/01047ed6f3b440c7a2ccc6abc1ad0a84');
$request->setMethod(HTTP_METH_GET);
$request->setHeaders(array(
'Cache-Control' => 'no-cache',
'Authorization' => 'Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsibWNuLXRyYW5zYWN0aW9uLXNlcnZpY2UiLCJtY24tYWRtaW4tc2VydmljZSJdLCJzY29wZSI6WyJjcmVhdGVfdG9rZW4iLCJyZWFkX3Rva2VuIiwiY2hhcmdlX3Rva2VuIiwiY3JlYXRlX3Byb2dyYW0iLCJyZWFkX3Byb2dyYW0iLCJyZWFkX3Byb2dyYW1fcGFydGljaXBhdGlvbiIsIm1vZGlmeV9wcm9ncmFtX3BhcnRpY2lwYXRpb24iXSwiZXhwIjoxNTM2MjcwMTE2LCJhdXRob3JpdGllcyI6WyJNQ05fQVBJX1RPS0VOX0NIQVJHRVIiLCJNQ05fQVBJX1RPS0VOX0NSRUFUT1IiLCJNQ05fQVBJX0FETUlOIl0sImp0aSI6IjlkZjQ5M2NjLTNmNDAtNDdmYS04ZjIwLWFiYWM5NTljOWFjYyIsImNsaWVudF9pZCI6IjUyMTc2OGFhNzU4ZDExZThhYTZiMDA1MDU2OWQxNTg1In0.e6pUqftnUlJcaz1rsxsoCBcitPvnAwAwp1ZiBl77ht0dsVRBUg3vOvruGzxELjVPKWFnu8NFXEJKEhoQXkZuqn2AiiM1u9mOJUtyQ9c1KgEMq6yTCQ_QIxGsrYcwkkr_B2yw5p_q6KHCcaAAAq4HGkKdHbo8C1GHvApD0Q7DVWRmie265Da6ln4Y1_wFHADKYTktCtLhBr4rv-5bmWHy25GKPZgIHViMrJmwSKqG2kC60JEYDrOsZsajhicbKPytXDw9X0Z6PcYPyRCkpz5I1FjsXJmIJnSKLwG8fPC2AOYPqF4p30BHLaCxvtS29jSbpfZj1W0pt708ipZSOlwHAw'
));
try {
$response = $request->send();
echo $response->getBody();
} catch (HttpException $ex) {
echo $ex;
}
?>

Conclusion

You know what API calls are and how they work. The goal of the information provided is to clarify the concept of APIs and API calls as well as allow for an easier understanding of API documentation.

About the author
Mirjana Fodora
Mirjana Fodora is a Technical Writer with a background in Web Design and Development. Despite being one of the youngest members of CCBill, her writing skills and technical aptitude help her produce factual, informative, and user-friendly content. If not writing or learning a new skill, you'll find her binging fintech and marketing videos or gaming.
Talk to a Merchant Support Specialist
cross