Transaction API

Overview

The Cardknox API enables developers to process payments using the Cardknox gateway. Systems integrating with the Cardknox API can submit API calls using various commands. The API supports many payment methods, including credit cards, ACH, EBT, and gift cards.

To begin building your API integration, create an account for a Cardknox sandbox — our secure testing environment that mimics the production environment. After signing up, you’ll be able to create user credentials for the Cardknox Merchant Portal. Once you log in to the Portal, you’ll be able to generate an API key from the Settings menu. Watch our Key Management video or follow the instructions below to obtain a key.

How to Generate Cardknox Keys

  1. Sign in to the Cardknox Merchant Portal.

  2. Select "Account Settings" from the navigation bar.

  3. Select "Keys" from the sub-menu.

  4. Click "Create a Key" in the top-right corner.

  5. Choose the desired key type (API or iFields), description (software, etc.), and permissions.

  6. Click "Create and View" and copy your key.

It is critical to copy your key and save it in a secure location, as you won’t be able to obtain the key again.

iFields and Transaction API

We recommend using iFields in conjunction with the Transaction API for added security. Cardknox iFields is an iFrames solution that keeps sensitive card data away from merchant servers while granting you complete control over form layout and design. Click here to learn more about iFields.

The Cardknox iFields solution utilizes iFrames in which the user enters their credit card and/or ACH information and then uses JavaScript to generate SUTs (single-use tokens) for processing. These features allow the website to remain secure and out-of-scope for PCI compliance while allowing the developer to customize the page layout and design fully.

Endpoints

Health Check

HTTP Request Method: GET

Cross-Origin Resource Sharing (CORS) Restrictions

This API has Cross-Origin Resource Sharing (CORS) restrictions in place to enhance security. Requests made directly from a web browser client (e.g., JavaScript running in the browser) will be blocked.

Allowed Origins This API only accepts requests from server-side origins. Ensure that your requests originate from a server to successfully interact with the API.

Transactions

HTTP Request Method: POST

Cardknox allows you to send the data in FormData, JSON, and XML formats.

Add to the base URL any of the following formats to indicate which format you are sending it as:

FormData

/gatewayform

https://x1.cardknox.com/gatewayform

JSON

/gatewayjson

https://x1.cardknox.com/gatewayjson

XML

/gatewayxml

https://x1.cardknox.com/gatewayxml

Transaction Types

The endpoints can be found in the following child pages by navigating to the appropriate page:

Transactions

Transaction Type
Transaction (Link)
xCommand

cc:authonly

cc:capture

cc:adjust

cc:save

cc:avsonly

cc:postauth

cc:credit

cc:refund

cc:voidrefund

cc:voidrelease

cc:void

check:sale

check:credit

check:save

check:void

check:refund

check:voidrefund

ebtfs:credit

ebtfs:balance

ebtfs:voucher

ebtcb:cash

ebtcb:balance

ebtw:balance

ebtw:void

gift:issue

gift:redeem

gift:balance

gift:activate

gift:deactivate

fraud:submit

Questions

Can't find what you're looking for? Please contact support@cardknox.com.

Last updated