API docs by Redocly

FlipPay API (v2.0)

Download OpenAPI specification:Download

Introduction

This page details the V2 FlipPay API in a general use context.

For information about a specific product (e.g. configuration of product fields), refer to the integration guide available within the FlipPay web portal for authorised users.

If you need access to V1 documentation, or have any other questions, send an email to integrations@flippay.com.au


Quick tips

There are two environments available:

  • Live (production environment)
    • App (for merchants): app.flippay.com.au
    • App (for integrated partners): introducer.flippay.com.au
    • API endpoint: app.flippay.com.au/api/v2
  • Demo (customer-facing sandbox)
    • App (for merchants): demo.flippay.com.au
    • App (for integrated partners) demointroducer.flippay.com.au
    • API endpoint: demo.flippay.com.au/api/v2

Environments are entirely separate - different accounts are required on each environment, and different configurations/IDs will be available in each environment unless you're otherwise advised (i.e. don't assume to use a demo product in the live environment, it won't work!)

Formats & protocols:

  • All communication is over HTTPS
  • Data is sent and received as JSON, all fields are sent as JSON string unless explicitly noted otherwise (we format validate various strings where necessary, keep it simple otherwise)
  • Dates & times are returned in UTC
  • All files provided via API must be encoded in base64, where files are detected as incorrectly encoded, you will be required to correct your integration
  • Any url included in a request must be validly formed, otherwise will be rejected/ignored (applies to all instances of a url field)
  • Any email address included in a request must be validly formed, otherwise will be rejected/ignored (applies to all instances of an email field)
  • phone means an Australian phone number, all phone numbers included in a request must be validly formed, otherwise will be rejected/ignored (applies to all instances of a phone field)
    • 10 digits and starts with 02, 03, 04, 07, 08 ... or 1300, 1800
    • OR 6 digits and starts with 13
  • mobile means an Australian mobile number, all mobile numbers included in a request must be validly formed, otherwise will be rejected/ignored (applies to all instances of a mobile field)
    • 10 digits starting with 04
    • Designated separately as this field will typically be used to send SMS

Dealing with products:

  • Always refer to the integration guide (accessed via the FlipPay web portal) for the products enabled on your account, guide contains contextual tips and information, product field specifications and details on special settings or conditions (e.g. disbursement methods) relative to your product or use case
  • Changes to products & product fields are considered as breaking changes (i.e. rare, planned, communicated)
  • You can only transact on products enabled on your account and on the merchant account you're transacting with (if you're an integrated partner)

General info:

  • Payment requests cannot be edited once created, other than some products allowing product fields to be updated
  • Payment requests will expire after 90 days if not actioned prior - once expired, they'll move to a cancelled status and cannot be revived
  • You can cancel a payment request before it has been activated, but not afterwards
  • You can only refund card transactions created on a pay-now payment request, no other transactions or request types support refunds
  • Logo images should be sized <= 62 pixels high (width relative, but ideally similar), otherwise they may not display cleanly on payment pages
  • Where fields are “required” and provided in an invalid format, the request will be rejected with a 4xx code
  • Where fields are “optional” and provided in an invalid format, those fields will be discarded and the request will be accepted with a 200 code

Testing:

  • Use your own mobile and email, or ones you control ... if you spam random people, your account will be locked
  • Identity verification is disabled by default in the test merchant account you're allocated
    • If you enable it (login to merchant web portal to do so), you'll need to contact integrations@flippay.com.au for valid test data (not recommended or required for most use cases)
    • When disabled, enter any data to proceed (just need to populate required fields, content won't be checked against verification service)
  • OTP via mobile/email is disabled by default in the test merchant account you're allocated (you can enable if you want, login to the merchant web portal to do so), so to test:
    • Continue to enter valid mobile/email details (these will not receive an OTP, but will be used for later actions relative to the process you're testing)
    • Enter "111111" (6 x "1") as the OTP
  • Disbursements still need to reference a valid accountId on the test merchant account you're allocated, OR you can use any BSB/account or BPAY if those options are enabled on the product
  • Card payments must be tested using these details (live cards are not accepted in the non-live environments):
    • Visa 4111 1111 1111 1111 (Success)
    • Visa 4242 4242 4242 4242 (Failure)
    • Mastercard 5555 5555 5555 4444 (Success)
    • Mastercard 5105 1051 0510 5100 (Failure)
  • Some endpoints will include a payload in the 200 response, make sure to check them for warnings (non-critical issues that can confuse testing if you're not aware)

If you have any questions, don't hesitate to contact integrations@flippay.com.au for some help. Please do include as much information as you can - request/response payloads are best, url/endpoint you're using, any relevant IDs (merchant, payment request, etc)

Good luck!

Pay later

"Pay later" covers payment requests sent from a merchant to one of the merchant's customers, where that request is enabled with a financial product (e.g. BNPL, delayed payment, loan, etc) in addition to a standard "pay now" option. Payment requests created via this mode generate their own unique payment page, presenting the payment options available (as onboarded for the merchant) and customisation options for the merchant to utilise. When creating a pay later request, the initiator can:

  • Offer multiple payment options (products)
  • Nominate bank accounts or other targets to disburse the payment to (subject to product configuration)
  • Send the payment page via FlipPay or just generate the url and send it yourself
  • Customise and brand the payment page with logos, personal messages, contact details and business information in the footer
  • Attach files to a payment request
  • Direct notifications on the request's status changes via webhook and email

Key points to note:

  • Refer to the quick tips at the top of page!
  • The reference provided will appear in the merchant's remittance advice (use that field wisely)
  • Unless noted in the integration guide for your product, all products will only disburse to a merchant's bank account that has been verified during onboarding and alllocated an accountId; you can use the accountId, or provide bsb/account number for the same account (and it will be validated as such)
  • Unless noted in the integration guide for your product, all products will automatically offer a "pay now" option along side any pay later product, when using this endpoint
  • Whenever an ID verification is required, a customer will have a maximum of 3 attempts to get this right ... after that, the pay later product will be disabled on this payment request (be aware that such a customer is unlikely to receive funding approval on subsequent requests), there are no excceptions here

Notifications are generated when the payment request moves through statuses, pay later requests may utilise any of the statuses below (refer to your product integration guide for specifics, and guidance as to "does this matter to me"):

  • pending - request has been generated but not yet accessed by the customer
  • submitted - request has been submitted by the customer and diverted for manual assessment
  • active - request has been approved and payment option is active (merchant will receive disbursement next day)
  • declined - request has been declined out of manual approval (terminal status, can't be revived)
  • cancelled - request has been cancelled by integrated partner, merchant or FlipPay
  • complete - request has been completely paid (customer has completed payment agreement)

Sample notification payload (when sent via webhook):

{
  "prId": "PR-1234-5678",
  "status": "active"
}

Create a pay later enabled request

Create a payment request between a merchant and customer, enabled with "pay later" payment options. Refer to the integration guide for specific products to confirm product field format requirements (e.g. dates, currency, etc).

Authorizations:
JWT
Request Body schema: application/json
One of
merchantId
required
string

Unique ID for the merchant account creating the PR

reference
required
string

Merchant reference for the payment request

amount
required
number

Amount to request from the receiver (can have 0, 1 or 2 decimal places - any more will fail the request)

required
Array of items

Pay later product/s to offer on the PR

required
object

Method to disburse funds paid via this PR

object

Details if PR to be sent via FlipPay

object

Details of who the PR is to be sent to

object

Configure the payment page header/footer displayed to the receiver when following the PR url

Array of items

Files to attach to the PR (PDF only, max 15mb per file)

object

Notification settings for status changes on this PR

Array of items

Email addresses to send remittance advice to, when PR is disbursed (must be valid email address)

Responses

Request samples

Content type
application/json
Example
{
  • "merchantId": "M-1234-5678",
  • "reference": "INV-12345",
  • "amount": 100.01,
  • "product": [
    ],
  • "disbursement": {
    },
  • "sender": {
    },
  • "receiver": {
    },
  • "paymentPage": {},
  • "files": [
    ],
  • "notifications": {},
  • "remittance": [
    ]
}

Response samples

Content type
application/json
{}

Update a pay later enabled request

Update a payment request between a merchant and customer, enabled with "pay later" payment options

Refer to the integration guide to confirm specific field format requirements (e.g. dates, currency, etc).

Authorizations:
JWT
path Parameters
prId
required
any
Example: PR-1234-5678

The unique ID of the payment request to be updated

Request Body schema: application/json
required
Array of items

Product fields to update on the PR

Responses

Request samples

Content type
application/json
{
  • "productFields": [
    ]
}

Retrieve a pay later enabled request

Retrieve a payment request created between a merchant and customer, enabled with "pay later" payment options.

Refer to the integration guide to confirm specific field format requirements (e.g. dates, currency, etc).

Note that if a payment request has not yet been activated, and was enabled with multiple products to offer, multiple products will be returned. If a payment request has been activated, only the product that was approved will be returned.

Authorizations:
JWT
path Parameters
prId
required
string
Example: PR-1234-5678

The unique ID of the payment request to be retrieved

Responses

Response samples

Content type
application/json
Example
{
  • "merchantId": "M-1234-5678",
  • "prId": "PR-1234-5678",
  • "prUrl": "https://www.flippay.com.au/PR-1234-5678",
  • "status": "status",
  • "reference": "PL-1234-5678",
  • "amount": 100.01,
  • "product": [
    ],
  • "disbursement": {
    },
  • "sender": {
    },
  • "receiver": {
    },
  • "paymentPage": {},
  • "files": [
    ],
  • "notifications": {},
  • "remittance": [
    ]
}

Delete a pay later enabled request

Cancel a payment request between a merchant and customer, enabled with "pay later" payment options

Refer to the integration guide to confirm specific field format requirements (e.g. dates, currency, etc).

Authorizations:
JWT
path Parameters
prId
required
string
Example: PR-1234-5678

The unique ID of the payment request to be deleted

Responses

Pay now

"Pay now" covers payment requests sent from a merchant to one of the merchant's customers, where that request is enabled ONLY for the customer to pay the merchant in full, with no alternative payment options (e.g. BNPL, delayed payment, loan, etc). These payment requests operate similarly to "pay later", with the following exceptions:

  • Pay now requests will only disburse into a bank account verified on the merchant account
  • There is no submitted, active or declined status returned - only pending, cancelled or complete

Create a pay now request

Create a payment request between a merchant and customer, enabled with immediate card payment functionality only.

Authorizations:
JWT
Request Body schema: application/json
One of
merchantId
required
string

Unique ID for the merchant account creating the PR

reference
required
string

Merchant reference for the payment request

amount
required
string

Amount to request from the receiver (can have 0, 1 or 2 decimal places - any more will fail the request)

Array of items

Configure the payment methods to offer (system assumes 'all available' if not provided) - valid options are eft and/or card

required
object

Method to disburse funds paid via this PR

object

Details if PR to be sent via FlipPay

object

Details of who the PR is to be sent to

object

Configure the payment page header/footer displayed to the receiver when following the PR url

Array of items

Files to attach to the PR (PDF only, max 15mb per file)

object

Notification settings for status changes on this PR

Responses

Request samples

Content type
application/json
Example
{
  • "merchantId": "M-1234-5678",
  • "reference": "INV-12345",
  • "amount": 100.01,
  • "methods": [
    ],
  • "disbursement": {
    },
  • "sender": {
    },
  • "receiver": {
    },
  • "paymentPage": {},
  • "files": [
    ],
  • "notifications": {}
}

Response samples

Content type
application/json
{}

Retrieve a pay now enabled request

Authorizations:
JWT
path Parameters
prId
required
string
Example: PR-1234-5678

The unique ID of the payment request to be retrieved

Responses

Response samples

Content type
application/json
Example
{
  • "merchantId": "M-1234-5678",
  • "prId": "PR-1234-5678",
  • "prUrl": "https://www.flippay.com.au/PR-1234-5678",
  • "status": "status",
  • "reference": "INV-12345",
  • "amount": 100.01,
  • "disbursement": {
    },
  • "sender": {
    },
  • "receiver": {
    },
  • "paymentPage": {},
  • "files": [
    ],
  • "notifications": {}
}

Delete a pay now enabled request

Cancel a payment request between a merchant and customer, enabled with immediate card payment functionality only.

Authorizations:
JWT
path Parameters
prId
required
string
Example: PR-1234-5678

The unqiue ID of the payment request to be deleted

Responses

Direct

The direct endpoints enable B2B requests for funding between onboarded entities and FlipPay (e.g. B2B invoice financing, equipment finance, etc). These payment requests will not generate a payment page, but otherwise will operate similarly to a pay later request between a merchant and customer, with the following exceptions:

  • Only one product can be enabled on a direct request
  • Depending on the product used, direct requests can be disbursed to a bank account enabled on the merchant account, or an external bank account (refer to the integration guide available within the FlipPay web portal)
  • Repayment of the request will typically be via merchant (either the merchant pays FlipPay via EFT manually or a direct debit on the disbursement account is enacted, per the product configuration)

Create a direct funding request

Create a B2B funding request between an onboarded entity and FlipPay.

Authorizations:
JWT
Request Body schema: application/json
One of
merchantId
required
string

Unique ID for the merchant account requesting funding

reference
required
string

A merchant reference

amount
required
number

Amount requested

required
object

Funding product used on the request

required
object

Account to disburse funds to via this PR

object

Account to debit repayments for this PR

object

Notification settings for status changes on this PR

Array of items

Email addresses to send remittance advice to, when PR is disbursed (must be valid email address)

Responses

Request samples

Content type
application/json
Example
{
  • "merchantId": "M-1234-5678",
  • "reference": "Funding request for ABC",
  • "amount": 10000.01,
  • "product": {
    },
  • "disbursement": {
    },
  • "debit": {
    },
  • "notifications": {},
  • "remittance": [
    ]
}

Response samples

Content type
application/json
{
  • "prId": "PR-1234-5678",
  • "prUrl": "https://www.flippay.com.au/PR-1234-5678",
  • "status": "submitted",
  • "message1": "Custom message determined by product would display here",
  • "message2": "Custom message determined by product would display here",
  • "repayment": {
    }
}

Update a direct funding request

Update a direct funding request between an onboarded entity and FlipPay.

Authorizations:
JWT
path Parameters
prId
required
any
Example: PR-1234-5678

The unique ID of the payment request to be updated

Request Body schema: application/json
required
Array of items

Product fields to update on the PR

Responses

Request samples

Content type
application/json
{
  • "productFields": [
    ]
}

Retrieve a direct funding request

Retrieve a direct funding request

Authorizations:
JWT
path Parameters
prId
required
string
Example: PR-1234-5678

The unique ID of the payment request to be retrieved

Responses

Response samples

Content type
application/json
Example
{
  • "merchantId": "M-1234-5678",
  • "prId": "PR-1234-5678",
  • "status": "active",
  • "reference": "Funding request for ABC",
  • "amount": 10000.01,
  • "product": {
    },
  • "disbursement": {
    },
  • "debit": {
    },
  • "notifications": {},
  • "remittance": [
    ],
  • "message1": "Some variable text",
  • "message2": "Some variable text",
  • "repayment": {
    }
}

Cancel a direct funding request

Cancel a B2B funding request between an onboarded entity and FlipPay.

Authorizations:
JWT
path Parameters
prId
required
string
Example: PR-1234-5678

The unique ID of the payment request to be cancelled

Responses

Retrieve a list of direct funding requests

Retrieve a list of direct funding requests, using a range of parameters to filter the returned list:

  • When authenticating as a merchant, no single parameter is mandatory, all are optional
  • When authenticating as an integrated partner, merchantId is mandatory (the service will only provide records for a single merchant)

Authorizations:
JWT
path Parameters
query string
any
Example: /direct?product=PL-1234-5678&status=complete&closedFrom=2022-10-31&page=2&itemsPerPage=50


Use any of the following parameters:

merchantId: a merchant ID (e.g. PL-1234-5678) to filter on (mandatory for integrated partners, not required for merchants)
/direct?merchant=M-1234-5678

productId: a product ID (e.g. PL-1234-5678) to filter on
/direct?product=PL-1234-5678

status: a specific PR status (pending, submitted, cancelled, declined, active, complete)
/direct?status=complete

createdFrom / createdTo: date in format YYYY-MM-DD, covers when PR was created
/direct?createdFrom=2022-10-31
/direct?createdTo=2023-10-31
/direct?createdFrom=2022-10-31&createdTo=2023-10-31

activatedFrom / activatedTo: date in format YYYY-MM-DD, covers when PR was activated
/direct?activatedFrom=2022-10-31
/direct?activatedTo=2023-10-31
/direct?activatedFrom=2022-10-31&activatedTo=2023-10-31

closedFrom / closedTo: date in format YYYY-MM-DD, covers when PR was cancelled, declined or completed
/direct?closedFrom=2022-10-31
/direct?closedTo=2023-10-31
/direct?closedFrom=2022-10-31&closedTo=2023-10-31

page: response is limited to 100 PR per page, use this parameter to access further data where there are more than 100 records in the query response
/direct?page=2

itemsPerPage: set the items per page in the response provided, max is 100
/direct?itemsPerPage=50

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Retrieve a set of direct funding requests

Retrieve summary data for a specific set of direct funding requests, identified by their PR-ID

Authorizations:
JWT
Request Body schema: application/json
required
Array of items

PRID for requests to be returned (must be in format PR-####-####)

Responses

Request samples

Content type
application/json
{
  • "prId": [
    ]
}

Response samples

Content type
application/json
{
  • "paymentRequests": [
    ],
  • "invalid": [
    ]
}

Onboard

These services are used to onboard new merchants to FlipPay via integrated partners. Key points to note:

  • Integrated partners are enabled for defined products per their agreement with FlipPay, these products are automatically enabled on approved merchant accounts initiated by the integrated partner.
  • Approved merchant accounts are automatically linked with the integrated partner who initiated the onboarding request (no need to use the separate link services if you create the onboarding request).
  • Onboarding requests require an OTP to access, sent to the email address provided when the request was initiated (ensure the merchant provides a suitable email address).
  • The "onboardingID" provides a unique reference for a specific onboarding request, and is not the same as a "merchantID".
  • The "merchantID" is created when a merchant account is approved, and is included in the notification back to the integrated partner so that you can match the initial onboarding request with the later approved account (and then enable and enable FlipPay services for the Merchant).

Create an onboarding request

Create an onboarding request for a merchant.

Tips:

  • Ensure you provide valid details for notifications to be sent as the onboarding request progresses
  • If not provided, "sender" details will be populated with FlipPay defaults
  • Notifications are only sent when the onboarding request is "approved" (merchant account is active) or "cancelled" (application was withdrawn or declined, or otherwise cancelled)
  • Store the "onboardingId" returned in the 200 response, and use it to match a later notification with an approved merchant account (as you'll need to store the "merchantId" for all transactions on the activated merchant account)
  • Include your platform logo to have it displayed along side FlipPay through the onboarding experience, to set/maintain context of the two brands (i.e. "Why am I getting this message from FlipPay ... oh I see")

    Sample notification payloads:

APPROVED (mechant account has been activated, can transact on it immediately)

{
  "onboardingId": "OB-1234-5678",
  "merchantId": "M-1234-5678",
  "status": "approved"
}

CANCELLED (onboarding request was withdrawn, declined or otherwise cancelled) 
{
  "onboardingId": "OB-1234-5678",
  "status": "cancelled"
}
Authorizations:
JWT
Request Body schema: application/json
sendComms
required
boolean

Instruct FlipPay to email a secure onboarding link to the merchant, or not

object

Control the email sent when FlipPay sends it to the merchant

required
object

The merchant contact to receive the onboarding request

object

Notification settings for status changes on this OB request

Responses

Request samples

Content type
application/json
{}

Response samples

Content type
application/json
{}

Retrieve an onboarding request

Retrieve the status of an onboarding request.

Tips:

  • Onboarding requests will return statuses of pending, in-progress, approved, cancelled
  • pending = request has been created, recipient has not accessed it yet
  • in-progress = recipient has accessed the request (likely in process of completing the form)
  • approved = request was approved, merchant account has been activated (note the merchantId of the activated account is included in this response)
  • cancelled = request was withdrawn, declined or otherwise cancelled (by either you, the merchant or FlipPay)


Sample responses for each scenario:

PENDING or IN-PROGRESS

{
  "onboardingUrl": "https://www.flippay.com.au/abc345465hgd",
  "status": "pending"
}

APPROVED 
{
  "status": "approved",
  "merchantId": "M-1234-5678",
}

CANCELLED 
{
  "status": "cancelled"
}
Authorizations:
JWT
path Parameters
onboardingId
required
string
Example: OB-1234-5678

The unique ID of the onboarding request to be retrieved

Responses

Response samples

Content type
application/json
{}

Cancel an onboarding request

Cancel an onboarding request.

Authorizations:
JWT
path Parameters
onboardingId
required
string
Example: OB-1234-5678

The unique ID of the onboarding request to be cancelled

Responses

General

General use functions to support integrated merchants and partners.

Retrieve bank accounts

Retrieve bank accounts enabled on a merchant account

Authorizations:
JWT
path Parameters
merchantId
required
string
Example: M-1234-5678

The unique ID of the merchant account

Responses

Response samples

Content type
application/json
{
  • "accounts": [
    ]
}

Retrieve virtual bank account

Retrieve virtual bank account allocted to a merchant for all repayments & EFT services

Authorizations:
JWT
path Parameters
merchantId
required
string
Example: M-1234-5678

The unique ID of the merchant account

Responses

Response samples

Content type
application/json
{
  • "accounts": [
    ]
}

Retrieve services enabled on a merchant account

Retrieve products & payment methods enabled on a merchant account.

Authorizations:
JWT
path Parameters
merchantId
required
string
Example: M-1234-5678

The unique ID of the merchant account

Responses

Response samples

Content type
application/json
{
  • "products": [
    ],
  • "payments": [
    ]
}