Transaction API


The Cardknox API enables developers to process payments using the Cardknox gateway. Systems integrating with the Cardknox API can submit API calls using various commands. The API supports many payment methods, including credit cards, ACH, EBT, and gift cards.

To begin building your API integration, create an account for a Cardknox sandbox โ€” our secure testing environment that mimics the production environment. After signing up, youโ€™ll be able to create user credentials for the Cardknox Merchant Portal. Once you log in to the Portal, youโ€™ll be able to generate an API key from the Settings menu. Watch our Key Management video or follow the instructions below to obtain a key.

How to Generate Cardknox Keys

  1. Sign in to the Cardknox Merchant Portal.

  2. Select "Account Settings" from the navigation bar.

  3. Select "Keys" from the sub-menu.

  4. Click "Create a Key" in the top-right corner.

  5. Choose the desired key type (API or iFields), description (software, etc.), and permissions.

  6. Click "Create and View" and copy your key.

It is critical to copy your key and save it in a secure location, as you wonโ€™t be able to obtain the key again.

iFields and Transaction API

We recommend using iFields in conjunction with the Transaction API for added security. Cardknox iFields is an iFrames solution that keeps sensitive card data away from merchant servers while granting you complete control over form layout and design. Click here to learn more about iFields.

The Cardknox iFields solution utilizes iFrames in which the user enters their credit card and/or ACH information and then uses JavaScript to generate SUTs (single-use tokens) for processing. These features allow the website to remain secure and out-of-scope for PCI compliance while allowing the developer to customize the page layout and design fully.


Health Check

HTTP Request Method: GET

Cross-Origin Resource Sharing (CORS) Restrictions

This API has Cross-Origin Resource Sharing (CORS) restrictions in place to enhance security. Requests made directly from a web browser client (e.g., JavaScript running in the browser) will be blocked.

Allowed Origins This API only accepts requests from server-side origins. Ensure that your requests originate from a server to successfully interact with the API.


HTTP Request Method: POST

Cardknox allows you to send the data in FormData, JSON, and XML formats.

Add to the base URL any of the following formats to indicate which format you are sending it as:

Transaction Types

The endpoints can be found in the following child pages by navigating to the appropriate page:



Can't find what you're looking for? Please contact

Last updated