Transaction API
Overview
The Cardknox API enables developers to process payments using the Cardknox gateway. Systems integrating with the Cardknox API can submit API calls using various commands. The API supports many payment methods, including credit cards, ACH, EBT, and gift cards.
To begin building your API integration, create an account for a Cardknox sandbox — our secure testing environment that mimics the production environment. After signing up, you’ll be able to create user credentials for the Cardknox Merchant Portal. Once you log in to the Portal, you’ll be able to generate an API key from the Settings menu. Watch our Key Management video or follow the instructions below to obtain a key.
How to Generate Cardknox Keys
Sign in to the Cardknox Merchant Portal.
Select "Account Settings" from the navigation bar.
Select "Keys" from the sub-menu.
Click "Create a Key" in the top-right corner.
Choose the desired key type (API or iFields), description (software, etc.), and permissions.
Click "Create and View" and copy your key.
It is critical to copy your key and save it in a secure location, as you won’t be able to obtain the key again.
iFields and Transaction API
We recommend using iFields in conjunction with the Transaction API for added security. Cardknox iFields is an iFrames solution that keeps sensitive card data away from merchant servers while granting you complete control over form layout and design. Click here to learn more about iFields.
The Cardknox iFields solution utilizes iFrames in which the user enters their credit card and/or ACH information and then uses JavaScript to generate SUTs (single-use tokens) for processing. These features allow the website to remain secure and out-of-scope for PCI compliance while allowing the developer to customize the page layout and design fully.
Cross-Origin Resource Sharing (CORS) Restrictions
This API has Cross-Origin Resource Sharing (CORS) restrictions in place to enhance security. Requests made directly from a web browser client (e.g., JavaScript running in the browser) will be blocked.
Allowed Origins This API only accepts requests from server-side origins. Ensure that your requests originate from a server to successfully interact with the API.
Endpoints
The endpoint section defines the details for accessing and interacting with the Cardknox transaction API.
Health Check
Method: Always use GET for health checks.
Protocol: Secure communication is enforced using https://
Environment: Specifies the targeted environment for the check, such as x1, x2, or b1
Domain: The base URL is always cardknox.com
Paths: The endpoint path for health checks is /status
Method
Protocol
Environment
Domain
Path
Example URL
GET
https
x1 x2 b1
cardknox.com
status
https://x1.cardknox.com/status
Transactions
Method: Always use POST for transaction requests.
Protocol: Secure communication is enforced using https://
Environment: The primary environment is x1, with x2 and b1 available as backups.
Domain: The base URL is always cardknox.com
Paths/Formats: Various paths are supported based on data format requirements:
/gatewayformfor form data/gatewayjsonfor JSON data/gatewayxmlfor XML data
Method
Protocol
Environment
Domain
Path
Example URL
POST
https
x1 x2 b1
cardknox.com
gatewayform gatewayjson gatewayxml
https://x1.cardknox.com/gatewayjson
Transaction Types
The endpoints can be found in the following child pages by navigating to the appropriate page:
Transactions
Questions
Can't find what you're looking for? Please contact support@cardknox.com.
Last updated