Merchant Warrior API documentation

Login to Sandbox | Download PDF Version

Introduction

Merchant Warrior (MW) is an Australian based payment provider that offers a range of online payment solutions to Merchants worldwide.

MW is a Tier 1 PCI DSS certified provider. This qualification is obtained annually, after an independent audit carried out by a certified QSA and QPSAC.

This information has been provided to assist with the integration and implementation of services to the MW platform.

Production API Endpoint

https://api.merchantwarrior.com/post/

Sandbox API Endpoint

https://base.merchantwarrior.com/post/

Replace snippets below with your merchantUUID, apiKey and correct hash.

Direct API

The following sub-sections will outline the various API methods present in the Merchant Warrior Direct API.

Introduction

The Direct API provides you with a single integration point for processing to your Acquirer(s).

You will need to obtain a Merchant UUID, API Key and API passphrase in order to connect to the Direct API. These details will be issued to you when you create your MW account.

Request Format

API requests are submitted to the Direct API service using POST, and must be performed over HTTPS.

Available Methods

The Direct API service consists of the following methods:
processCard: Performs a purchase transaction on a customer’s credit card
processAuth: Performs a pre-authorization on a customer’s credit card
processCapture: Performs a capture request
processBatch: Submits a batch file for processing
retrieveBatch: Retrieves the batch status or processed batch file result
refundCard: Performs a refund request
queryCard: Queries previous credit card transactions
processDDebit: Performs a direct debit transaction on a customer’s bank account
queryDD: Queries previous direct debit transactions
queryBIN: Queries a Bank Identification Number (BIN)
getSettlement: Returns a list of settled transactions

Sample Request
curl -X POST \ 
    -d method="processCard" \
    -d merchantUUID="5265f8eed6a19" \
    -d apiKey="ksmnwxab" \
    -d transactionAmount="1.00" \
    -d transactionCurrency="AUD" \
    -d transactionProduct="Test Product" \
    -d customerName="Test Customer" \
    -d customerCountry="AU" \
    -d customerState="QLD" \
    -d customerCity="Brisbane" \
    -d customerAddress="123 Test Street" \
    -d customerPostCode="4000" \
    -d customerPhone="61731665489" \
    -d customerEmail="[email protected]" \
    -d customerIP="1.1.1.1" \
    -d paymentCardName="Test Customer" \
    -d paymentCardNumber="5123456789012346" \
    -d paymentCardExpiry="0521" \
    -d paymentCardCSC="123" \
    -d hash="b55552ff426d7e3d4885465d27ea0062" https://api.merchantwarrior.com/post/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/post/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'processCard',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionAmount' => '1.00',
  'transactionCurrency' => 'AUD',
  'transactionProduct' => 'Test Product',
  'customerName' => 'Test Customer',
  'customerCountry' => 'AU',
  'customerState' => 'QLD',
  'customerCity' => 'Brisbane',
  'customerAddress' => '123 Test Street',
  'customerPostCode' => '4000',
  'customerPhone' => '61731665489',
  'customerEmail' => [email protected]',
  'customerIP' => '1.1.1.1',
  'paymentCardName' => 'Test Customer',
  'paymentCardNumber' => '5123456789012346',
  'paymentCardExpiry' => '0521',
  'paymentCardCSC' => '123',
  'hash' => 'b55552ff426d7e3d4885465d27ea0062'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method': 'processCard',
  'merchantUUID': '5265f8eed6a19',
  'apiKey': 'ksmnwxab',
  'transactionAmount': '1.00',
  'transactionCurrency': 'AUD',
  'transactionProduct': 'Test Product',
  'customerName': 'Test Customer',
  'customerCountry': 'AU',
  'customerState': 'QLD',
  'customerCity': 'Brisbane',
  'customerAddress': '123 Test Street',
  'customerPostCode': '4000',
  'customerPhone': '61731665489',
  'customerEmail': [email protected]',
  'customerIP': '1.1.1.1',
  'paymentCardName': 'Test Customer',
  'paymentCardNumber': '5123456789012346',
  'paymentCardExpiry': '0521',
  'paymentCardCSC': '123',
  'hash': 'b55552ff426d7e3d4885465d27ea0062'
}

r = requests.post('https://api.merchantwarrior.com/post/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/post/');

// Setup POST data
$postData = array (
  'method' => 'processCard',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionAmount' => '1.00',
  'transactionCurrency' => 'AUD',
  'transactionProduct' => 'Test Product',
  'customerName' => 'Test Customer',
  'customerCountry' => 'AU',
  'customerState' => 'QLD',
  'customerCity' => 'Brisbane',
  'customerAddress' => '123 Test Street',
  'customerPostCode' => '4000',
  'customerPhone' => '61731665489',
  'customerEmail' => [email protected]',
  'customerIP' => '1.1.1.1',
  'paymentCardName' => 'Test Customer',
  'paymentCardNumber' => '5123456789012346',
  'paymentCardExpiry' => '0521',
  'paymentCardCSC' => '123',
  'hash' => 'b55552ff426d7e3d4885465d27ea0062'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
    throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/post/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "processCard" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "transactionAmount", "1.00" },
                        { "transactionCurrency", "AUD" },
                        { "transactionProduct", "Test Product" },
                        { "customerName", "Test Customer" },
                        { "customerCountry", "AU" },
                        { "customerState", "QLD" },
                        { "customerCity", "Brisbane" },
                        { "customerAddress", "123 Test Street" },
                        { "customerPostCode", "4000" },
                        { "customerPhone", "61731665489" },
                        { "customerEmail", "[email protected]" },
                        { "customerIP", "1.1.1.1" },
                        { "paymentCardName", "Test Customer" },
                        { "paymentCardNumber", "5123456789012346" },
                        { "paymentCardExpiry", "0521" },
                        { "paymentCardCSC", "123" },
                        { "hash", "d0fb5716a2b85c743ed802bd5bd7284b" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
        }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/post/", 
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "processCard"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"transactionAmount", "1.00"}, _
                {"transactionCurrency", "AUD"}, _
                {"transactionProduct", "Test Product"}, _
                {"customerName", "Test Customer"}, _
                {"customerCountry", "AU"}, _
                {"customerState", "QLD"}, _
                {"customerCity", "Brisbane"}, _
                {"customerAddress", "123 Test Street"}, _
                {"customerPostCode", "4000"}, _
                {"customerPhone", "61731665489"}, _
                {"customerEmail", "[email protected]"}, _
                {"customerIP", "1.1.1.1"}, _
                {"paymentCardName", "Test Customer"}, _
                {"paymentCardNumber", "5123456789012346"}, _
                {"paymentCardExpiry", "0521"}, _
                {"paymentCardCSC", "123"}, _
                {"hash", "d0fb5716a2b85c743ed802bd5bd7284b"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/post/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "processCard");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("transactionAmount", "1.00");
            params.put("transactionCurrency", "AUD");
            params.put("transactionProduct", "TestProduct");
            params.put("customerName", "TestCustomer");
            params.put("customerCountry", "AU");
            params.put("customerState", "QLD");
            params.put("customerCity", "Brisbane");
            params.put("customerAddress", "TestStreet");
            params.put("customerPostCode", "4000");
            params.put("customerPhone", "61731665489");
            params.put("customerEmail", "[email protected]");
            params.put("customerIP", "1.1.1.1");
            params.put("paymentCardName", "TestCard");
            params.put("paymentCardNumber", "5123456789012346");
            params.put("paymentCardExpiry", "0521");
            params.put("paymentCardCSC", "123");
            params.put("hash", "b55552ff426d7e3d4885465d27ea0062");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
              postData.append(param.getKey());
              postData.append('=');
              postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
    <responseCode>0</responseCode>
    <responseMessage>Transaction approved</responseMessage>
    <transactionID>1336-20be3569-b600-11e6-b9c3-005056b209e0</transactionID>
    <authCode>731357421</authCode>
    <receiptNo>731357421</receiptNo>
    <authMessage>Honour with identification</authMessage>
    <authResponseCode>08</authResponseCode>
    <authSettledDate>2016-11-29</authSettledDate>
    <paymentCardNumber>512345XXXXXX2346</paymentCardNumber>
    <transactionAmount>1.00</transactionAmount>
    <custom1/>
    <custom2/>
    <custom3/>
    <customHash>65b172551b7d3a0706c0ce5330c98470</customHash>
</mwResponse>

processCard


The processCard method is the method used to perform a purchase request.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: processCard

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

General Transaction Parameters

Parameter Required Description
transactionAmount Required The amount must be formatted to have two decimal places. Any amounts without two decimal places or amounts less than one cent will be rejected.
Example: 10.00
transactionCurrency Required One of the following: AUD, CAD, EUR, GBP, JPY, NZD, SGD, USD. This is provider dependant. Please check with MW before attempting to process transactions in any currency other than AUD. This field is case insensitive.
Example: AUD
transactionProduct Required A product (or sale) id or description. We recommend using an order/product id. This field’s primary purpose is to help the transaction be identifiable for reporting and accounting purposes.
Example: ABC4321
Valid length: Up to 255 characters. Some Acquirers limit this field to 40 characters.
transactionReferenceID Not Required This is a merchant’s unique reference ID for a transaction sent to Merchant Warrior. The main purpose of this ID is to verify the transaction via the queryCard method in the event a valid response is not received.
Example: A257240023321
Valid length: Up to 40 characters

Customer Parameters

Parameter Required Description
customerName Required This field can only contain alphanumeric characters, as well as the full stop, comma, apostrophe, ampersand, space and hyphen characters.
Example: Mr. Example Person
Valid length: Between 2 and 255 characters
customerCountry Required Two letter ISO 3166-1 alpha-2 country code.
Example: AU
Valid length: 2 characters
customerState Required Freeform field, keep consistent for your records and reporting.
Example: Queensland
Valid length: Up to 75 characters
customerCity Required Freeform field, keep consistent for your records and reporting.
Example: Brisbane
Valid length: Up to 75 characters
customerAddress Required Freeform field.
Example: 123 Test Street
Valid length: Up to 255 characters
customerPostCode Required This can also accomodate ZIP/Post codes for international transactions.
Example: 4000
Valid length: Between 4 and 10 characters
customerPhone Not Required Anything other than +,-, space and 0-9 will be stripped.
Example: 0401234567 or 61731234567
Valid length: Up to 25 characters
customerEmail Not Required Must be valid if present. Sending this optional parameter is highly recommended.
Example: [email protected]
Valid length: Up to 255 characters
customerIP Not Required Any valid IPv4 or IPv6 address is accepted. Sending this optional parameter is highly recommended.
Example: 123.456.789.012 or 2001:0db8:85a3:0000:0000:8a2e:0370:7334
Valid length: Up to 39 characters
storeID Not Required The value of this field is the merchant’s store name. Please note that you need to contact Merchant Warrior to enable the storeID feature before you can use this parameter.
Example: Test store name

Payment Parameters

Parameter Required Description
paymentCardNumber Required Only certain card numbers are deemed valid in the test environment. See Test Data for more information. Do not send separators with the card number (e.g. 1234-5678… or 1234 5678).
Example: 5123456789012346 or 4557012345678902
Valid length: Between 13 and 16 digits
paymentCardExpiry Required This must be MMYY format. The month must be zero padded if it is less than 10.
Example: 0513
Valid length: 4 digits
paymentCardName Required This must contain at the very least a space and no less than two characters. Only alphanumeric characters, hyphens, spaces and full stops are allowed.
Example: Mr. Example Person or MR E PERSON or Example Person
Valid length: Between 3 and 255 characters
paymentCardCSC Not Required This is also known as the CVN or CVV/2. This is required by some Acquirers if the transaction is initiated by the customer. Please contact Merchant Warrior for more information.
Example: 123
Valid length: Between 3 and 4 characters

Custom Parameters

Parameter Required Description
custom1 Not Required Freeform field. Returned as <custom1> in the XML response.
Valid length: Up to 500 characters
custom2 Not Required Freeform field. Returned as <custom2> in the XML response.
Valid length: Up to 500 characters
custom3 Not Required Freeform field. Returned as <custom3> in the XML response.
Valid length: Up to 500 characters

Verification Hash

Parameter Required Description
hash Required The verification hash is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See Transaction Type Hash for information on how to construct the hash correctly.
Example: e9ddc296b76b3398934bfc06239073df
Valid length: 32 characters
Sample Request
curl -X POST \
    -d method="processAuth" \
    -d merchantUUID="5265f8eed6a19" \
    -d apiKey="ksmnwxab" \
    -d transactionAmount="1.00" \
    -d transactionCurrency="AUD" \
    -d transactionProduct="Test Product" \
    -d customerName="Test Customer" \
    -d customerCountry="AU" \
    -d customerState="QLD" \
    -d customerCity="Brisbane" \
    -d customerAddress="123 Test Street" \
    -d customerPostCode="4000" \
    -d customerPhone="61731665489" \
    -d customerEmail="[email protected]" \
    -d customerIP="1.1.1.1" \
    -d paymentCardName="Test Customer" \
    -d paymentCardNumber="5123456789012346" \
    -d paymentCardExpiry="0521" \
    -d paymentCardCSC="123" \
    -d hash="b55552ff426d7e3d4885465d27ea0062" https://api.merchantwarrior.com/post/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/post/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'processAuth',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionAmount' => '1.00',
  'transactionCurrency' => 'AUD',
  'transactionProduct' => 'Test Product',
  'customerName' => 'Test Customer',
  'customerCountry' => 'AU',
  'customerState' => 'QLD',
  'customerCity' => 'Brisbane',
  'customerAddress' => '123 Test Street',
  'customerPostCode' => '4000',
  'customerPhone' => '61731665489',
  'customerEmail' => [email protected]',
  'customerIP' => '1.1.1.1',
  'paymentCardName' => 'Test Customer',
  'paymentCardNumber' => '5123456789012346',
  'paymentCardExpiry' => '0521',
  'paymentCardCSC' => '123',
  'hash' => 'b55552ff426d7e214885465d27ea006221)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'processAuth',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'transactionAmount' : '1.00',
  'transactionCurrency' : 'AUD',
  'transactionProduct' : 'Test Product',
  'customerName' : 'Test Customer',
  'customerCountry' : 'AU',
  'customerState' : 'QLD',
  'customerCity' : 'Brisbane',
  'customerAddress' : '123 Test Street',
  'customerPostCode' : '4000',
  'customerPhone' : '61731665489',
  'customerEmail' : [email protected]',
  'customerIP' : '1.1.1.1',
  'paymentCardName' : 'Test Customer',
  'paymentCardNumber' : '5123456789012346',
  'paymentCardExpiry' : '0521',
  'paymentCardCSC' : '123',
  'hash' : 'b55552ff426d7e3d4885465d27ea0062'
}

r = requests.post('https://api.merchantwarrior.com/post/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/post/');

// Setup POST data
$postData = array (
  'method' => 'processAuth',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionAmount' => '1.00',
  'transactionCurrency' => 'AUD',
  'transactionProduct' => 'Test Product',
  'customerName' => 'Test Customer',
  'customerCountry' => 'AU',
  'customerState' => 'QLD',
  'customerCity' => 'Brisbane',
  'customerAddress' => '123 Test Street',
  'customerPostCode' => '4000',
  'customerPhone' => '61731665489',
  'customerEmail' => [email protected]',
  'customerIP' => '1.1.1.1',
  'paymentCardName' => 'Test Customer',
  'paymentCardNumber' => '5123456789012346',
  'paymentCardExpiry' => '0521',
  'paymentCardCSC' => '123',
  'hash' => 'b55552ff426d7e3d4885465d27ea0062'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
    throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/post/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "processAuth" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "transactionAmount", "1.00" },
                        { "transactionCurrency", "AUD" },
                        { "transactionProduct", "Test Product" },
                        { "customerName", "Test Customer" },
                        { "customerCountry", "AU" },
                        { "customerState", "QLD" },
                        { "customerCity", "Brisbane" },
                        { "customerAddress", "123 Test Street" },
                        { "customerPostCode", "4000" },
                        { "customerPhone", "61731665489" },
                        { "customerEmail", "[email protected]" },
                        { "customerIP", "1.1.1.1" },
                        { "paymentCardName", "Test Customer" },
                        { "paymentCardNumber", "5123456789012346" },
                        { "paymentCardExpiry", "0521" },
                        { "paymentCardCSC", "123" },
                        { "hash", "d0fb5716a2b85c743ed802bd5bd7284b" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/post/",
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "processAuth"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"transactionAmount", "1.00"}, _
                {"transactionCurrency", "AUD"}, _
                {"transactionProduct", "Test Product"}, _
                {"customerName", "Test Customer"}, _
                {"customerCountry", "AU"}, _
                {"customerState", "QLD"}, _
                {"customerCity", "Brisbane"}, _
                {"customerAddress", "123 Test Street"}, _
                {"customerPostCode", "4000"}, _
                {"customerPhone", "61731665489"}, _
                {"customerEmail", "[email protected]"}, _
                {"customerIP", "1.1.1.1"}, _
                {"paymentCardName", "Test Customer"}, _
                {"paymentCardNumber", "5123456789012346"}, _
                {"paymentCardExpiry", "0521"}, _
                {"paymentCardCSC", "123"}, _
                {"hash", "d0fb5716a2b85c743ed802bd5bd7284b"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/post/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "processAuth");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("transactionAmount", "1.00");
            params.put("transactionCurrency", "AUD");
            params.put("transactionProduct", "TestProduct");
            params.put("customerName", "TestCustomer");
            params.put("customerCountry", "AU");
            params.put("customerState", "QLD");
            params.put("customerCity", "Brisbane");
            params.put("customerAddress", "TestStreet");
            params.put("customerPostCode", "4000");
            params.put("customerPhone", "61731665489");
            params.put("customerEmail", "[email protected]");
            params.put("customerIP", "1.1.1.1");
            params.put("paymentCardName", "TestCard");
            params.put("paymentCardNumber", "5123456789012346");
            params.put("paymentCardExpiry", "0521");
            params.put("paymentCardCSC", "123");
            params.put("hash", "b55552ff426d7e3d4885465d27ea0062");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
              postData.append(param.getKey());
              postData.append('=');
              postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
    <responseCode>0</responseCode>
    <responseMessage>Transaction approved</responseMessage>
    <transactionID>1336-37edc560-b601-11e6-b9c3-005056b209e0</transactionID>
    <authCode>731357433</authCode>
    <receiptNo>731357433</receiptNo>
    <authMessage>Honour with identification</authMessage>
    <authResponseCode>08</authResponseCode>
    <authSettledDate>2016-11-29</authSettledDate>
    <paymentCardNumber>512345XXXXXX2346</paymentCardNumber>
    <transactionAmount>1.00</transactionAmount>
    <custom1/>
    <custom2/>
    <custom3/>
    <customHash>65b172551b7d3a0706c0ce5330c98470</customHash>
</mwResponse>

processAuth


The processAuth method is used to perform a pre-authorization request.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: processAuth

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

General Transaction Parameters

Parameter Required Description
transactionAmount Required The amount must be formatted to have two decimal places. Any amounts without two decimal places or amounts less than one cent will be rejected.
Example: 10.00
transactionCurrency Required One of the following: AUD, CAD, EUR, GBP, JPY, NZD, SGD, USD. This is provider dependant. Please check with MW before attempting to process transactions in any currency other than AUD. This field is case insensitive.
Example: AUD
transactionProduct Required A product (or sale) id or description. We recommend using an order/product id. This field’s primary purpose is to help the transaction be identifiable for reporting and accounting purposes.
Example: ABC4321
Valid length: Up to 255 characters. Some Acquirers limit this field to 40 characters.
transactionReferenceID Not Required This is a merchant’s unique reference ID for a transaction sent to Merchant Warrior. The main purpose of this ID is to verify the transaction via the queryCard method in the event a valid response is not received.
Example: A257240023321
Valid length: Up to 40 characters

Customer Parameters

Parameter Required Description
customerName Required This field can only contain alphanumeric characters, as well as the full stop, comma, apostrophe, ampersand, space and hyphen characters.
Example: Mr. Example Person
Valid length: Between 2 and 255 characters
customerCountry Required Two letter ISO 3166-1 alpha-2 country code.
Example: AU
Valid length: 2 characters
customerState Required Freeform field, keep consistent for your records and reporting.
Example: Queensland
Valid length: Up to 75 characters
customerCity Required Freeform field, keep consistent for your records and reporting.
Example: Brisbane
Valid length: Up to 75 characters
customerAddress Required Freeform field.
Example: 123 Test Street
Valid length: Up to 255 characters
customerPostCode Required This can also accomodate ZIP/Post codes for international transactions.
Example: 4000
Valid length: Between 4 and 10 characters
customerPhone Not Required Anything other than +,-, space and 0-9 will be stripped.
Example: 0401234567 or 61731234567
Valid length: Up to 25 characters
customerEmail Not Required Sending this optional parameter is highly recommended.
Example: [email protected]
Valid length: Up to 255 characters
customerIP Not Required Any valid IPv4 or IPv6 address is accepted. Sending this optional parameter is highly recommended.
Example: 123.456.789.012 or 2001:0db8:85a3:0000:0000:8a2e:0370:7334
Valid length: Up to 39 characters
storeID Not Required The value of this field is the merchant’s store name. Please note that you need to contact Merchant Warrior to enable the storeID feature before you can use this parameter.
Example: Test store name

Payment Parameters

Parameter Required Description
paymentCardNumber Required Only certain card numbers are deemed valid in the test environment. See Test Data for more information. Do not send separators with the card number (e.g. 1234-5678… or 1234 5678).
Example: 5123456789012346 or 4557012345678902
Valid length: Between 13 and 16 digits
paymentCardExpiry Required This must be MMYY format. The month must be zero padded if it is less than 10.
Example: 0513
Valid length: 4 digits
paymentCardName Required This must contain at the very least a space and no less than two characters. Only alphanumeric characters, hyphens, spaces and full stops are allowed.
Example: Mr. Example Person or MR E PERSON or Example Person
Valid length: Between 3 and 255 characters
paymentCardCSC Not Required This is also known as the CVN or CVV/2. This is required by some Acquirers if the transaction is initiated by the customer. Please contact Merchant Warrior for more information.
Example: 123
Valid length: Between 3 and 4 characters

Custom Parameters

Parameter Required Description
custom1 Not Required Freeform field. Returned as <custom1> in the XML response.
Valid length: Up to 500 characters
custom2 Not Required Freeform field. Returned as <custom2> in the XML response.
Valid length: Up to 500 characters
custom3 Not Required Freeform field. Returned as <custom3> in the XML response.
Valid length: Up to 500 characters

Verification Hash

Parameter Required Description
hash Required The verification hash is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See Transaction Type Hash for information on how to construct the hash correctly.
Example: e9ddc296b76b3398934bfc06239073df
Valid length: 32 characters
Sample Request
curl -X POST \
  -d method="processCapture" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d transactionAmount="1.00" \
  -d transactionCurrency="AUD" \
  -d transactionID="1336-37edc560-b601-11e6-b9c3-005056b209e0"
  -d captureAmount="1.00"
  -d hash="b55552ff426d7e3d4885465d27ea0062" https://api.merchantwarrior.com/post/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/post/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'processCapture',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionAmount' => '1.00',
  'transactionCurrency' => 'AUD',
  'transactionID' => '1336-37edc560-b601-11e6-b9c3-005056b209e0',
  'captureAmount' => '1.00',
  'hash' => 'b55552ff426d7e3d4885465d27ea0062'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'processCapture',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'transactionAmount' : '1.00',
  'transactionCurrency' : 'AUD',
  'transactionID' : '1336-37edc560-b601-11e6-b9c3-005056b209e0',
  'captureAmount' : '1.00',
  'hash' : 'b55552ff426d7e3d4885465d27ea0062'
}

r = requests.post('https://api.merchantwarrior.com/post/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/post/');

// Setup POST data
$postData = array (
  'method' => 'processCapture',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionAmount' => '1.00',
  'transactionCurrency' => 'AUD',
  'transactionID' => '1336-37edc560-b601-11e6-b9c3-005056b209e0',
  'captureAmount' => '1.00',
  'hash' => 'b55552ff426d7e3d4885465d27ea0062'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
  throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/post/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "processCapture" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "transactionAmount", "1.00" },
                        { "transactionCurrency", "AUD" },
                        { "transactionID", "1336-37edc560-b601-11e6-b9c3-005056b209e0" },
                        { "captureAmount", "1.00" },                        
                        { "hash", "d0fb5716a2b85c743ed802bd5bd7284b" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/post/",
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "processCapture"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"transactionAmount", "1.00"}, _
                {"transactionCurrency", "AUD"}, _
                {"transactionID", "1336-37edc560-b601-11e6-b9c3-005056b209e0"}, _
                {"captureAmount", "1.00"}, _
                {"hash", "d0fb5716a2b85c743ed802bd5bd7284b"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/post/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "processCapture");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("transactionAmount", "1.00");
            params.put("transactionCurrency", "AUD");
            params.put("transactionID", "1336-37edc560-b601-11e6-b9c3-005056b209e0");
            params.put("captureAmount", "1.00");
            params.put("hash", "b55552ff426d7e3d4885465d27ea0062");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
              postData.append(param.getKey());
              postData.append('=');
              postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
  <responseCode>0</responseCode>
  <responseMessage>Transaction approved</responseMessage>
  <transactionID>1336-fe4d3be6-b604-11e6-b9c3-005056b209e0</transactionID>
  <authCode>731357526</authCode>
  <receiptNo>731357526</receiptNo>
  <authMessage>Approved or completed successfully</authMessage>
  <authResponseCode>00</authResponseCode>
  <authSettledDate>2016-11-30</authSettledDate>
  <custom1/>
  <custom2/>
  <custom3/>
  <customHash>65b172551b7d3a0706c0ce5330c98470</customHash>
</mwResponse>

processCapture


The processCapture method is used to perform a capture request.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: processCapture

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

General Transaction Parameters

Parameter Required Description
transactionAmount Required This amount must be the exact amount submitted with the initial transaction. This is used in the verification hash, and is not the amount that will be refunded.
Example: 10.00
transactionCurrency Required One of the following: AUD, CAD, EUR, GBP, JPY, NZD, SGD, USD. This is provider dependant. Please check with MW before attempting to process transactions in any currency other than AUD. This field is case insensitive.
Example: AUD

Capture Parameters

Parameter Required Description
transactionID Required The <transactionID> is provided to you by Merchant Warrior after an initial pre-authorization (processAuth) transaction.
Example: 1-a1c340c8-7c30-11de-8888-000c29753ad4
transactionReferenceID Not Required This is a merchant’s unique reference ID for a transaction sent to Merchant Warrior. The main purpose of this ID is to verify the transaction via the queryCard method in the event a valid response is not received.
Example: A257240023321
Valid length: Up to 40 characters
captureAmount Required The amount is in the same format as transactionAmount. It cannot be less than 0.01 or more than the initial transaction amount.
Example: 10.00

Verification Hash

Parameter Required Description
hash Required The verification hash is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See Transaction Type Hash for information on how to construct the hash correctly.
Example: e9ddc296b76b3398934bfc06239073df
Valid length: 32 characters
Sample Request
  curl -X POST \
  -F "method=processBatch" \
  -F "merchantUUID=5265f8eed6a19" \
  -F "apiKey=ksmnwxab" \
  -F "batchNotifyURL=https://www.mydomain.com/notify" \
  -F "[email protected]" \
  -F "fileHash=eaf937db33027ba345d0d8a788460b81" \
  -F "urlHash=f06d19d9d7311cdcdfc37534a7fd0ea4" https://api.merchantwarrior.com/post/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/post/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'processBatch',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'batchNotifyURL' => 'https://www.mydomain.com/notify',
  'batchFile' => [email protected]',
  'fileHash' => 'eaf937db33027ba345d0d8a788460b81',
  'urlHash' => 'f06d19d9d7311cdcdfc37534a7fd0ea4'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'processBatch',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'batchNotifyURL' : 'https://www.mydomain.com/notify',
  'batchFile' : [email protected]',
  'fileHash' : 'eaf937db33027ba345d0d8a788460b81',
  'urlHash' : 'f06d19d9d7311cdcdfc37534a7fd0ea4'
}

r = requests.post('https://api.merchantwarrior.com/post/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/post/');

// Setup POST data
$postData = array (
  'method' => 'processBatch',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'batchNotifyURL' => 'https://www.mydomain.com/notify',
  'batchFile' => [email protected]',
  'fileHash' => 'eaf937db33027ba345d0d8a788460b81',
  'urlHash' => 'f06d19d9d7311cdcdfc37534a7fd0ea4'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
  throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/post/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "processBatch" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "batchNotifyURL", "https://www.mydomain.com/notify" },
                        { "batchFile", "@Batch.zip" },
                        { "fileHash", "eaf937db33027ba345d0d8a788460b81" },
                        { "urlHash", "f06d19d9d7311cdcdfc37534a7fd0ea4" },                       
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/post/",
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "processBatch"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"batchNotifyURL", "https://www.mydomain.com/notify"}, _
                {"batchFile", "@Batch.zip"}, _
                {"fileHash", "eaf937db33027ba345d0d8a788460b81"}, _
                {"urlHash", "f06d19d9d7311cdcdfc37534a7fd0ea4"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/post/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "processBatch");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("batchNotifyURL", "https://www.mydomain.com/notify");
            params.put("batchFile", "@Batch.zip");
            params.put("fileHash", "eaf937db33027ba345d0d8a788460b81");
            params.put("urlHash", "f06d19d9d7311cdcdfc37534a7fd0ea4");          

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
              postData.append(param.getKey());
              postData.append('=');
              postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
  <responseCode>0</responseCode>
  <responseMessage>Batch has been successfully submitted.</responseMessage>
  <batchUUID>1336583d3a953ce2d</batchUUID>
</mwResponse>

processBatch


The processBatch method enables merchants to securely automate the processing of batch files containing credit card, token transaction data or bank accounts. This method accepts and processes compressed .csv files directly via the Direct API and should be implemented when automating a large number of transactions is a requirement.

The processBatch method will process a batch file and automatically issue a notification via POST to the merchant’s application when the batch file has completed processing. The batch response file (containing the results to all transactions processed via the original batch file) can be sent (and compressed) with the POST notification if requested by the merchant.

Sample process and response batch files can be found at the Sample Files section.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: processBatch

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

General Batch Parameters

Parameter Required Description
batchNotifyURL Required Asynchronous POST notifications will be sent to this URL.
Example: https://www.example.com/notify.php
batchResponseFileAttach Not Required The value is a boolean to denote whether a response file should be attached with the asynchronous POST notifications.
Example: 1
batchResponseFileCompress Not Required The value is a boolean to denote whether the response file should be compressed (.zip).
Example: 1

Batch File Parameters

Parameter Required Description
batchFile Required The batch file must be in CSV format (.csv) and compressed (.zip).
Example: Batch.zip
fileHash Required The hash of the batch file. See Batch File Hash for information on how to construct the hash correctly.
Example: e9ddc296b76b3398934bfc06239073df
Valid length: 32 characters

Verification Hash

Parameter Required Description
urlHash Required The hash of the batchNotifyURL. See Batch URL Hash for information on how to construct the hash correctly.
Example: 511999e54b9ad51ce4c28d7f0550ac81
Valid length: 32 characters
Sample Request
curl -X POST \
  -d method="retrieveBatch" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d batchUUID="1336583d3a953df2d" \
  -d hash="fb0e9b2a729d0fda759ui658cb8c2b20" https://api.merchantwarrior.com/post/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/post/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'retrieveBatch',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'batchUUID' => '1336583d3a953df2d',
  'hash' => 'fb0e9b2a729d0fda759ui658cb8c2b20'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'retrieveBatch',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'batchUUID' : '1336583d3a953df2d',
  'hash' : 'fb0e9b2a729d0fda759ui658cb8c2b20'
}

r = requests.post('https://api.merchantwarrior.com/post/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/post/');

// Setup POST data
$postData = array (
  'method' => 'retrieveBatch',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'batchUUID' => '1336583d3a953df2d',
  'hash' => 'fb0e9b2a729d0fda759ui658cb8c2b20'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
    throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/post/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "retrieveBatch" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "batchUUID", "1336583d3a953df2d" },                       
                        { "hash", "d0fb5716a2b85c743ed802bd5bd7284b" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/post/", 
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "retrieveBatch"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"batchUUID", "1336583d3a953df2d"}, _
                {"hash", "d0fb5716a2b85c743ed802bd5bd7284b"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/post/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "retrieveBatch");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("batchUUID", "1336583d3a953df2d");
            params.put("hash", "fb0e9b2a729d0fda759ui658cb8c2b20");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
                postData.append(param.getKey());
                postData.append('=');
                postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
"Transaction ID","Result","Amount","Currency","Created Date","Created Time","Processed Date","Processed Time","Card Name/Card ID","Card Number/Card Key","Custom 1","Custom 2","Custom 3","Store ID","Type","MW Response","Provider Response"
"1336-45a61a65-b60e-11e6-b9c3-005056b209e0","Fail","23.00","AUD","29/11/2016","18:31:49","29/11/2016","18:31:49","Test Customer","5123xxxxxxxx2346","JaYfKnIbVlAx","NyYiVwKwFcUk","VyJvNpVgWgUu","","purchase","Transaction declined","42 - No universal account"
"1336-45e0d356-b60e-11e6-b9c3-005056b209e0","Fail","58.00","AUD","29/11/2016","18:31:49","29/11/2016","18:31:50","Test Customer","5123xxxxxxxx2346","YvMcYhKwPtNo","ReMkHxIsKaFe","WuYiJhWoOuUq","","purchase","Transaction declined","42 - No universal account"
"1336-460cc7af-b60e-11e6-b9c3-005056b209e0","Fail","95.00","AUD","29/11/2016","18:31:50","29/11/2016","18:31:50","Test Customer","5123xxxxxxxx2346","WmVaZgVcNmIi","BlVkOnKoMsHo","PtEwVqShSnWp","","purchase","Transaction declined","42 - No universal account"
"1336-463779d5-b60e-11e6-b9c3-005056b209e0","Fail","84.00","AUD","29/11/2016","18:31:50","29/11/2016","18:31:50","Test Customer","5123xxxxxxxx2346","WhSkJgUxDaDr","JxMmMrAjUeJp","SpMtMtReQwHo","","purchase","Transaction declined","42 - No universal account"
"1336-465d56ec-b60e-11e6-b9c3-005056b209e0","Fail","36.00","AUD","29/11/2016","18:31:50","29/11/2016","18:31:50","Test Customer","5123xxxxxxxx2346","NpAvSjMjShOo","MsIdHfBdBeVx","TkIlCoQjDvCd","","purchase","Transaction declined","42 - No universal account"
"1336-468b285d-b60e-11e6-b9c3-005056b209e0","Fail","76.00","AUD","29/11/2016","18:31:50","29/11/2016","18:31:51","Test Customer","5123xxxxxxxx2346","ZsVfXdAtWxGd","ZeChZtSlZxLp","QtKhXnSoTjDv","","purchase","Transaction declined","42 - No universal account"
"1336-46b4bf03-b60e-11e6-b9c3-005056b209e0","Fail","41.00","AUD","29/11/2016","18:31:51","29/11/2016","18:31:51","Test Customer","5123xxxxxxxx2346","DbCpNjWsBaSe","XdErQtJkVoUh","AmYdWjSwEmEs","","purchase","Transaction declined","42 - No universal account"
"1336-46e0e0d5-b60e-11e6-b9c3-005056b209e0","Fail","62.00","AUD","29/11/2016","18:31:51","29/11/2016","18:31:51","Test Customer","5123xxxxxxxx2346","IsGhDeYnNyJn","BjQsDcBkCpXo","JgMnRxSgMwIe","","purchase","Transaction declined","42 - No universal account"
"1336-470c772d-b60e-11e6-b9c3-005056b209e0","Fail","27.00","AUD","29/11/2016","18:31:51","29/11/2016","18:31:52","Test Customer","5123xxxxxxxx2346","NaWuNoUmYmCj","OdCoTdJbLkZp","SfEbKqAxNrRx","","purchase","Transaction declined","42 - No universal account"
"1336-4732f831-b60e-11e6-b9c3-005056b209e0","Fail","6.00","AUD","29/11/2016","18:31:52","29/11/2016","18:31:52","Test Customer","5123xxxxxxxx2346","BmAuNyDtSkYt","PyBvKnTyYpZe","JlAdLmXaBnFc","","purchase","Transaction declined","42 - No universal account"

retreiveBatch


The retrieveBatch method is the method used to retrieve the results of a batch file that has been processed via the processBatch method (see above). This method returns a .csv or .zip (depending on whether the merchant requested a compressed response file) file containing the results of all transactions submitted in the original batch file.

Sample process and response batch files can be found at the Sample Files section

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: retrieveBatch

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

General Batch Parameters

Parameter Required Description
batchUUID Required The value of this parameter is assigned to you by Merchant Warrior for every processBatch request.
Example: 14dc3311444adc

Verification Hash

Parameter Required Description
hash Required The hash of the batchUUID. See Batch Response Hash for information on how to construct the hash correctly.
Example: e9ddc296b76b3398934bfc06239073df
Valid length: 32 characters
Sample Request
  curl -X POST \
  -d method="refundCard" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d transactionAmount="1.00" \
  -d transactionCurrency="AUD" \
  -d transactionID="1336-20be3569-b600-11e6-b9c3-005056b209f0" \
  -d refundAmount="1.00" \
  -d hash="b55552ff426d7e3d4635334th7ea0067" https://api.merchantwarrior.com/post/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/post/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'refundCard',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionAmount' => '1.00',
  'transactionCurrency' => 'AUD',
  'transactionID' => '1336-20be3569-b600-11e6-b9c3-005056b209f0',
  'refundAmount' => '1.00',
  'hash' => 'b55552ff426d7e3d4885465d27ea0062'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'refundCard',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'transactionAmount' : '1.00',
  'transactionCurrency' : 'AUD',
  'transactionID' : '1336-20be3569-b600-11e6-b9c3-005056b209f0',
  'refundAmount' : '1.00',
  'hash' : 'b55552ff426d7e3d4885465d27ea0062'
}

r = requests.post('https://api.merchantwarrior.com/post/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/post/');

// Setup POST data
$postData = array (
  'method' => 'refundCard',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionAmount' => '1.00',
  'transactionCurrency' => 'AUD',
  'transactionID' => '1336-20be3569-b600-11e6-b9c3-005056b209f0',
  'refundAmount' => '1.00',
  'hash' => 'b55552ff426d7e3d4885465d27ea0062'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
  throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/post/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "refundCard" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "transactionAmount", "1.00" },
                        { "transactionCurrency", "AUD" },
                        { "transactionID", "1336-20be3569-b600-11e6-b9c3-005056b209f0" },
                        { "refundAmount", "1.00" },                       
                        { "hash", "d0fb5716a2b85c743ed802bd5bd7284b" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/post/", 
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "refundCard"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"transactionAmount", "1.00"}, _
                {"transactionCurrency", "AUD"}, _
                {"transactionID", "1336-20be3569-b600-11e6-b9c3-005056b209f0"}, _
                {"refundAmount", "1.00"}, _
                {"hash", "d0fb5716a2b85c743ed802bd5bd7284b"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/post/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "refundCard");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("transactionAmount", "1.00");
            params.put("transactionCurrency", "AUD");
            params.put("transactionID", "1336-20be3569-b600-11e6-b9c3-005056b209f0");
            params.put("refundAmount", "1.00");           
            params.put("hash", "b55552ff426d7e3d4885465d27ea0062");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
                postData.append(param.getKey());
                postData.append('=');
                postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
  <responseCode>0</responseCode>
  <responseMessage>Transaction approved</responseMessage>
  <transactionID>1336-1b7762bc-b610-11e6-b9c3-005056b209e0</transactionID>
  <authCode>731357634</authCode>
  <receiptNo>731357634</receiptNo>
  <authMessage>Honour with identification</authMessage>
  <authResponseCode>08</authResponseCode>
  <authSettledDate>2016-11-30</authSettledDate>
  <custom1/>
  <custom2/>
  <custom3/>
  <customHash>65b172551b7d3a0706c0ce5330c98470</customHash>
</mwResponse>

refundCard


The refundCard method is used to perform a refund of an existing purchase or capture transaction.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: refundCard

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

General Transaction Parameters

Parameter Required Description
transactionAmount Required This amount must be the exact amount submitted with the initial transaction. This is used in the verification hash, and is not the amount that will be refunded.
Example: 10.00
transactionCurrency Required The currency must match the one submitted with the initial transaction. This is used in the verification hash.
Example: AUD
storeID Not Required The value of this field is the merchant’s store name. Please note that you need to contact Merchant Warrior to enable the storeID feature before you can use this parameter.
Example: Test store name

Refund Parameters

Parameter Required Description
transactionID Required The <transactionID> returned for the initial transaction.
Example: 1-a1c340c8-7c30-11de-8888-000c29753ad4
transactionReferenceID Not Required This is a merchant’s unique reference ID for a transaction sent to Merchant Warrior. The main purpose of this ID is to verify the transaction via the queryCard method in the event a valid response is not received.
Example: A257240023321
Valid length: Up to 40 characters
refundAmount Required The amount is in the same format as transactionAmount. It cannot be less than 0.01 or more than the initial transaction amount.
Example: 10.00

Verification Hash

Parameter Required Description
hash Required The verification hash is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See Transaction Type Hash for information on how to construct the hash correctly.
Example: e9ddc296b76b3398934bfc06239073df
Valid length: 32 characters
Sample Request
  curl -X POST \
  -d method="queryCard" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d transactionID="1336-20be3569-b600-11e6-b9c3-005056e109e0" \
  -d hash="11b6a860e5bdf0bd91a503b42346ee1d" https://api.merchantwarrior.com/post/
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/post/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "queryCard" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "transactionID", "1336-20be3569-b600-11e6-b9c3-005056e109e0" },                      
                        { "hash", "d0fb5716a2b85c743ed802bd5bd7284b" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
        }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/post/", 
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "queryCard"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"transactionID", "1336-20be3569-b600-11e6-b9c3-005056e109e0"}, _
                {"hash", "d0fb5716a2b85c743ed802bd5bd7284b"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/post/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "queryCard");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("transactionID", 
              "1336-20be3569-b600-11e6-b9c3-005056e109e0");           
            params.put("hash", "b55552ff426d7e3d4885465d27ea0062");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
                postData.append(param.getKey());
                postData.append('=');
                postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", 
              "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
              new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
              sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/post/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'queryCard',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionID' => '1336-20be3569-b600-11e6-b9c3-005056e109e0',
  'hash' => '11b6a860e5bdf0bd91a503b42346ee1d'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'queryCard',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'transactionID' : '1336-20be3569-b600-11e6-b9c3-005056e109e0',
  'hash' : '11b6a860e5bdf0bd91a503b42346ee1d'
}

r = requests.post('https://api.merchantwarrior.com/post/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/post/');

// Setup POST data
$postData = array (
  'method' => 'queryCard',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionID' => '1336-20be3569-b600-11e6-b9c3-005056e109e0',
  'hash' => '11b6a860e5bdf0bd91a503b42346ee1d'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
  throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
  <responseCode>0</responseCode>
  <responseMessage>Transaction approved</responseMessage>
  <transactionID>1336-20be3569-b600-11e6-b9c3-005056e109e0</transactionID>
  <authCode>731357421</authCode>
  <receiptNo>731357421</receiptNo>
  <authMessage>Honour with identification</authMessage>
  <authResponseCode>08</authResponseCode>
  <authSettledDate>2016-11-29</authSettledDate>
  <refundTotal>1.00</refundTotal>
  <custom1/>
  <custom2/>
  <custom3/>
  <customHash>65b172551b7d3a0706c0ce5330c98470</customHash>
</mwResponse>
Sample 'extended' Request
  curl -X POST \
  -d method="queryCard" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d transactionID="1336-20be3569-b600-11e6-b9c3-005056b209e0" \
  -d extended="1" \
  -d hash="11b6a860e5bdf0bd91a503b42346ee1d" https://api.merchantwarrior.com/post/
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/post/');

// Setup POST data
$postData = array (
  'method' => 'queryCard',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionID' => '1336-20be3569-b600-11e6-b9c3-005056e109e0',
  'extended' => '1',
  'hash' => '11b6a860e5bdf0bd91a503b42346ee1d'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
  throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/post/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "queryCard" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "transactionID", "1336-20be3569-b600-11e6-b9c3-005056e109e0" },
                        { "extended", "1" },                    
                        { "hash", "d0fb5716a2b85c743ed802bd5bd7284b" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/post/", 
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "queryCard"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"transactionID", "1336-20be3569-b600-11e6-b9c3-005056e109e0"}, _
                {"extended", "1"} _
                {"hash", "d0fb5716a2b85c743ed802bd5bd7284b"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/post/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "queryCard");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("transactionID", 
                "1336-20be3569-b600-11e6-b9c3-005056e109e0");
            params.put("extended", "1");
            params.put("hash", "b55552ff426d7e3d4885465d27ea0062");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
                postData.append(param.getKey());
                postData.append('=');
                postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", 
                "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/post/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'queryCard',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionID' => '1336-20be3569-b600-11e6-b9c3-005056e109e0',
  'extended' => '1',
  'hash' => '11b6a860e5bdf0bd91a503b42346ee1d'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'queryCard',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'transactionID' : '1336-20be3569-b600-11e6-b9c3-005056e109e0',
  'extended' : '1',
  'hash' : '11b6a860e5bdf0bd91a503b42346ee1d'
}

r = requests.post('https://api.merchantwarrior.com/post/', data = data)

print(r.text)
Sample 'extended' Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
  <responseCode>0</responseCode>
  <responseMessage>Transaction approved</responseMessage>
  <transactionID>1336-20be3569-b600-11e6-b9c3-005056b209e0</transactionID>
  <authCode>731357421</authCode>
  <receiptNo>731357421</receiptNo>
  <authMessage>Honour with identification</authMessage>
  <authResponseCode>08</authResponseCode>
  <authSettledDate>2016-11-29</authSettledDate>
  <refundTotal>1.00</refundTotal>
  <custom1/>
  <custom2/>
  <custom3/>
  <customHash>65b172551b7d3a0706c0ce5330c98470</customHash>
  <transactionProduct>Test Product</transactionProduct>
  <customerName>Test Customer</customerName>
  <customerCountry>AU</customerCountry>
  <customerState>QLD</customerState>
  <customerCity>Brisbane</customerCity>
  <customerAddress>123 Test Street</customerAddress>
  <customerPostcode>4000</customerPostcode>
  <customerPhone>61731665489</customerPhone>
  <customerEmail>[email protected]</customerEmail>
  <transactionAmount>1.00</transactionAmount>
  <transactionCurrency>AUD</transactionCurrency>
  <cardName>Test Customer</cardName>
  <cardNumberFirst>4564</cardNumberFirst>
  <cardNumberLast>0004</cardNumberLast>
</mwResponse>

queryCard


The queryCard method is used to perform a query of an existing transaction. If you lose the original response, never receive a response, or if you wish to verify a response, you can use this method.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: queryCard

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

Query Parameters

Parameter Required Description
transactionID Required/ Not Required The <transactionID> returned for the initial transaction.
Example: 1-a1c340c8-7c30-11de-8888-000c29753ad4
transactionReferenceID Required/ Not Required The <transactionReferenceID> sent for the initial transaction. This is a merchant’s reference ID for a transaction request sent to Merchant Warrior.
Example: A257240023321
extended Not Required Returns additional information stored with the transaction. This must be in boolean format.
Example: 1

Verification Hash

Parameter Required Description
hash Required The verification hash is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See Query Type Hash for information on how to construct the hash correctly.
Example: e9ddc296b76b3398934bfc06239073df
Valid length: 32 characters


Sample Request
  curl -X POST \
  -d method="processDDebit" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d transactionAmount="1.00" \
  -d transactionCurrency="AUD" \
  -d transactionProduct="A1234" \
  -d customerName="Test Customer" \
  -d customerCountry="AU" \
  -d customerState="QLD" \
  -d customerCity="Brisbane" \
  -d customerAddress="123 Test Street" \
  -d customerPostCode="4000" \
  -d customerPhone="61731665489" \
  -d customerEmail="[email protected]" \
  -d customerIP="1.1.1.1" \
  -d paymentAccountBSB="014667" \
  -d paymentAccountNumber="12345678" \
  -d paymentAccountName="Test Customer" \
  -d hash="f518187f47bc52fe5a76a18593df72c9" https://api.merchantwarrior.com/post/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/post/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'processDDebit',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionAmount' => '1.00',
  'transactionCurrency' => 'AUD',
  'transactionProduct' => 'A1234',
  'customerName' => 'Test Customer',
  'customerCountry' => 'AU',
  'customerState' => 'QLD',
  'customerCity' => 'Brisbane',
  'customerAddress' => '123 Test Street',
  'customerPostCode' => '4000',
  'customerPhone' => '61731665489',
  'customerEmail' => [email protected]',
  'customerIP' => '1.1.1.1',
  'paymentAccountBSB' => '014667',
  'paymentAccountNumber' => '12345678',
  'paymentAccountName' => 'Test Customer',
  'hash' => 'f518187f47bc52fe5a76a18593df72c9'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'processDDebit',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'transactionAmount' : '1.00',
  'transactionCurrency' : 'AUD',
  'transactionProduct' : 'A1234',
  'customerName' : 'Test Customer',
  'customerCountry' : 'AU',
  'customerState' : 'QLD',
  'customerCity' : 'Brisbane',
  'customerAddress' : '123 Test Street',
  'customerPostCode' : '4000',
  'customerPhone' : '61731665489',
  'customerEmail' : [email protected]',
  'customerIP' : '1.1.1.1',
  'paymentAccountBSB' : '014667',
  'paymentAccountNumber' : '12345678',
  'paymentAccountName' : 'Test Customer',
  'hash' : 'f518187f47bc52fe5a76a18593df72c9'
}

r = requests.post('https://api.merchantwarrior.com/post/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/post/');

// Setup POST data
$postData = array (
  'method' => 'processDDebit',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionAmount' => '1.00',
  'transactionCurrency' => 'AUD',
  'transactionProduct' => 'A1234',
  'customerName' => 'Test Customer',
  'customerCountry' => 'AU',
  'customerState' => 'QLD',
  'customerCity' => 'Brisbane',
  'customerAddress' => '123 Test Street',
  'customerPostCode' => '4000',
  'customerPhone' => '61731665489',
  'customerEmail' => [email protected]',
  'customerIP' => '1.1.1.1',
  'paymentAccountBSB' => '014667',
  'paymentAccountNumber' => '12345678',
  'paymentAccountName' => 'Test Customer',
  'hash' => 'f518187f47bc52fe5a76a18593df72c9'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
  throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/post/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "processDDebit" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "transactionAmount", "1.00" },
                        { "transactionCurrency", "AUD" },
                        { "transactionProduct", "Test Product" },
                        { "customerName", "Test Customer" },
                        { "customerCountry", "AU" },
                        { "customerState", "QLD" },
                        { "customerCity", "Brisbane" },
                        { "customerAddress", "123 Test Street" },
                        { "customerPostCode", "4000" },
                        { "customerPhone", "61731665489" },
                        { "customerEmail", "[email protected]" },
                        { "customerIP", "1.1.1.1" },
                        { "paymentAccountBSB", "014667" },
                        { "paymentAccountNumber", "12345678" },
                        { "paymentAccountName", "Test Customer" },
                        { "hash", "d0fb5716a2b85c743ed802bd5bd7284b" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/post/", 
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "processDDebit"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"transactionAmount", "1.00"}, _
                {"transactionCurrency", "AUD"}, _
                {"transactionProduct", "Test Product"}, _
                {"customerName", "Test Customer"}, _
                {"customerCountry", "AU"}, _
                {"customerState", "QLD"}, _
                {"customerCity", "Brisbane"}, _
                {"customerAddress", "123 Test Street"}, _
                {"customerPostCode", "4000"}, _
                {"customerPhone", "61731665489"}, _
                {"customerEmail", "[email protected]"}, _
                {"customerIP", "1.1.1.1"}, _
                {"paymentAccountBSB", "014667"}, _
                {"paymentAccountNumber", "12345678"}, _
                {"paymentAccountName", "Test Customer"}, _
                {"hash", "d0fb5716a2b85c743ed802bd5bd7284b"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/post/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "processDDebit");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("transactionAmount", "1.00");
            params.put("transactionCurrency", "AUD");
            params.put("transactionProduct", "TestProduct");
            params.put("customerName", "TestCustomer");
            params.put("customerCountry", "AU");
            params.put("customerState", "QLD");
            params.put("customerCity", "Brisbane");
            params.put("customerAddress", "TestStreet");
            params.put("customerPostCode", "4000");
            params.put("customerPhone", "61731665489");
            params.put("customerEmail", "[email protected]");
            params.put("customerIP", "1.1.1.1");
            params.put("paymentAccountBSB", "014667");
            params.put("paymentAccountNumber", "12345678");
            params.put("paymentAccountName", "TestCustomer");
            params.put("hash", "b55552ff426d7e3d4885465d27ea0062");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
              postData.append(param.getKey());
              postData.append('=');
              postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
  <responseCode>10</responseCode>
  <responseMessage>Transaction pending</responseMessage>
  <transactionID>1336-d2b4ccfc-b612-11e6-b9c3-005056b209e0</transactionID>
  <settlementDate>2016-12-05</settlementDate>
</mwResponse>

processDDebit


The processDDebit method is used to perform a direct debit request to debit funds from an Australian or New Zealand bank account.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: processDDebit

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

General Transaction Parameters

Parameter Required Description
transactionAmount Required The amount must be formatted to have two decimal places. Any amounts without two decimal places or amounts less than one cent will be rejected.
Example: 10.00
transactionCurrency Required One of the following: AUD, CAD, EUR, GBP, JPY, NZD, SGD, USD. This is provider dependant. Please check with MW before attempting to process transactions in any currency other than AUD. This field is case insensitive.
Example: AUD
transactionProduct Required A product (or sale) id or description. We recommend using an order/product id. This field’s primary purpose is to help the transaction be identifiable for reporting and accounting purposes.
Example: ABC4321
Valid length: Up to 255 characters
transactionReferenceID Not Required This is a merchant’s unique reference ID for a transaction sent to Merchant Warrior. The main purpose of this ID is to verify the transaction via the queryCard method in the event a valid response is not received.
Example: A257240023321
Valid length: Up to 40 characters

Customer Parameters

Parameter Required Description
customerName Required This field can only contain alphanumeric characters, as well as the full stop, comma, aposprophe, ampersand, space and hyphen characters.
Example: Mr. Example Person
Valid length: Between 2 and 255 characters
customerCountry Required Two letter ISO 3166-1 alpha-2 country code.
Example: AU
Valid length: 2 characters
customerState Required Freeform field, keep consistent for your records and reporting.
Example: Queensland
Valid length: Up to 75 characters
customerCity Required Freeform field, keep consistent for your records and reporting.
Example: Brisbane
Valid length: Up to 75 characters
customerAddress Required Freeform field.
Example: 123 Test Street
Valid length: Up to 255 characters
customerPostCode Required This can also accomodate ZIP/Post codes for international transactions.
Example: 4000
Valid length: Between 4 and 10 characters
customerPhone Not Required Anything other than +,-, space and 0-9 will be stripped.
Example: 0401234567 or 61731234567
Valid length: Up to 25 characters
customerEmail Not Required Sending this optional parameter is highly recommended.
Example: [email protected]
Valid length: Up to 255 characters
customerIP Not Required Any valid IPv4 or IPv6 address is accepted. Sending this optional parameter is highly recommended.
Example: 123.456.789.012 or 2001:0db8:85a3:0000:0000:8a2e:0370:7334
Valid length: Up to 39 characters
storeID Not Required The value of this field is the merchant’s store name. Please note that you need to contact Merchant Warrior to enable the storeID feature before you can use this parameter.
Example: Test store name

Payment Parameters

Parameter Required Description
paymentAccountBSB Required This field must contain 6 digits.
Example: 011123
Valid length: 6 digits
paymentAccountNumber Required This must be a valid account number.
Example: 123456789
Valid length: 4-10 digits
paymentAccountName Required This must contain at the very least a space and no less than two characters. Only alphanumeric characters, hyphens, spaces and full stops are allowed.
Example: Mr. Example Person or MR E PERSON or Example Person
Valid length: Between 3 and 32 characters

Custom Parameters

Parameter Required Description
custom1 Not Required Freeform field. Returned as <custom1> in the XML response.
Valid length: Up to 500 characters
custom2 Not Required Freeform field. Returned as <custom2> in the XML response.
Valid length: Up to 500 characters
custom3 Not Required Freeform field. Returned as <custom3> in the XML response.
Valid length: Up to 500 characters

Verification Hash

Parameter Required Description
hash Required The verification hash is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See Transaction Type Hash for information on how to construct the hash correctly.
Example: e9ddc296b76b3398934bfc06239073df
Valid length: 32 characters
Sample Request
  curl -X POST \
  -d method="queryDD" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d transactionID="1336-d2b4ccfc-b612-11e6-b9c3-005056b209e0" \
  -d hash="6e3c0ac9fef871a7c43ef5f0e63d6a6b" https://api.merchantwarrior.com/post/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/post/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'queryDD',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionID' => '1336-d2b4ccfc-b612-11e6-b9c3-005056b209e0',
  'hash' => '6e3c0ac9fef871a7c43ef5f0e63d6a6b'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'queryDD',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'transactionID' : '1336-d2b4ccfc-b612-11e6-b9c3-005056b209e0',
  'hash' : '6e3c0ac9fef871a7c43ef5f0e63d6a6b'
}

r = requests.post('https://api.merchantwarrior.com/post/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/post/');

// Setup POST data
$postData = array (
  'method' => 'queryDD',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionID' => '1336-d2b4ccfc-b612-11e6-b9c3-005056b209e0',
  'hash' => '6e3c0ac9fef871a7c43ef5f0e63d6a6b'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
  throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/post/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "queryDD" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "transactionID", "1336-d2b4ccfc-b612-11e6-b9c3-005056b209e0" },                        
                        { "hash", "d0fb5716a2b85c743ed802bd5bd7284b" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/post/", 
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "queryDD"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"transactionID", "1336-d2b4ccfc-b612-11e6-b9c3-005056b209e0"}, _
                {"hash", "d0fb5716a2b85c743ed802bd5bd7284b"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/post/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "queryDD");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("transactionID", "1336-d2b4ccfc-b612-11e6-b9c3-005056b209e0");
            params.put("hash", "b55552ff426d7e3d4885465d27ea0062");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                  postData.append('&');
                  postData.append(param.getKey());
                  postData.append('=');
                  postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
  <responseCode>10</responseCode>
  <responseMessage>Transaction pending</responseMessage>
  <transactionID>1336-d2b4ccfc-b612-11e6-b9c3-005056b209e0</transactionID>
  <settlementDate/>
  <custom1/>
  <custom2/>
  <custom3/>
  <customHash>9e71fc2a99a71b722ead746b776b25ac</customHash>
</mwResponse>

queryDD


The queryDD method is the method used to perform a query of an existing direct debit transaction. If you wish to verify the status of a transaction or lost the original response or never receive a response, you can use this method. This method will query the internal MW records and return the available stored data for the transaction.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: queryDD

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

Query Parameters

Parameter Required Description
transactionID Required/ Not Required The <transactionID> returned for the initial transaction.
Example: 1-a1c340c8-7c30-11de-8888-000c29753ad4
transactionReferenceID Required/ Not Required The <transactionReferenceID> sent for the initial transaction. This is a merchant’s reference ID for a transaction request sent to Merchant Warrior.
Example: A257240023321
extended Not Required Returns additional information stored with the transaction. This must be in boolean format.
Example: 1

Verification Hash

Parameter Required Description
hash Required The verification hash is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See Query Type Hash for information on how to construct the hash correctly.
Example: e9ddc296b76b3398934bfc06239073df
Valid length: 32 characters


Sample Request
  curl -X POST \
  -d method="queryBIN" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d bin="512346" \
  -d binHash="6e3c0ac9fef871a7c43ef5f0e63d6a6b" https://api.merchantwarrior.com/post/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/post/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'queryBIN',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'bin' => '512346',
  'binHash' => '6e3c0ac9fef871a7c43ef5f0e63d6a6b'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'queryBIN',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'bin' : '512346',
  'binHash' : '6e3c0ac9fef871a7c43ef5f0e63d6a6b'
}

r = requests.post('https://api.merchantwarrior.com/post/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/post/');

// Setup POST data
$postData = array (
  'method' => 'queryBIN',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'bin' => '512346',
  'binHash' => '6e3c0ac9fef871a7c43ef5f0e63d6a6b'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
  throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'bin' => (isset($xml['bin']) ? $xml['bin'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/post/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "queryBIN" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "bin", "512346" },                        
                        { "binHash", "d0fb5716a2b85c743ed802bd5bd7284b" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/post/", 
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "queryBIN"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"bin", "512346"}, _
                {"binHash", "d0fb5716a2b85c743ed802bd5bd7284b"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/post/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "queryBIN");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("bin", "512346");
            params.put("binHash", "b55552ff426d7e3d4885465d27ea0062");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                  postData.append('&');
                  postData.append(param.getKey());
                  postData.append('=');
                  postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
<?xml version="1.0" encoding="UTF-8"?> 
<mwResponse>
    <responseCode>0</responseCode>
    <responseMessage>Operation successful</responseMessage>
    <bin>456442</bin>
    <bank_name>COMMONWEALTH BANK OF AUSTRALIA</bank_name>
    <type>CREDIT</type>
    <country>AU</country>
    <brand>VISA</brand>
    <rate/>
    <recurring_rate/>
    <name>CLASSIC</name>
</mwResponse>

queryBIN


The queryBIN method is used to determine the banking information (Bank Name, Card Type, Card Country etc) related to a credit/debit card’s Bank Identification Number (BIN).

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: queryBIN

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

Query Parameters

Parameter Required Description
bin Required The six digit BIN of the credit/debit card.
Example: 512346

Verification Hash

Parameter Required Description
binHash Required The verification hash is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See BIN Hash for information on how to construct the hash correctly.
Example: e9ddc296b76b3398934bfc06239073df
Valid length: 32 characters


Sample Request
  curl -X POST \
  -d method="getSettlement" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d settlementFrom="2017-05-01" \
  -d settlementTo="2017-05-02" \
  -d hash="11b6a860e5bdf0bd91a503b42346ee1d" https://api.merchantwarrior.com/post/
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/post/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "getSettlement" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "settlementFrom", "2017-05-01" }, 
                        { "settlementTo", "2017-05-02" },                     
                        { "hash", "d0fb5716a2b85c743ed802bd5bd7284b" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
        }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/post/", 
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "getSettlement"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"settlementFrom", "2017-05-01"},
                {"settlementTo", "2017-05-02"}, _
                {"hash", "d0fb5716a2b85c743ed802bd5bd7284b"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/post/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "getSettlement");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("settlementFrom", "2017-05-01");
            params.put("settlementTo", "2017-05-02");           
            params.put("hash", "b55552ff426d7e3d4885465d27ea0062");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
                postData.append(param.getKey());
                postData.append('=');
                postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", 
              "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
              new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
              sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/post/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'getSettlement',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'settlementFrom' => '2017-05-01',
  'settlementTo' => '2017-05-02',
  'hash' => '11b6a860e5bdf0bd91a503b42346ee1d'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'getSettlement',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'settlementFrom' : '2017-05-01',
  'settlementTo' : '2017-05-02',
  'hash' : '11b6a860e5bdf0bd91a503b42346ee1d'
}

r = requests.post('https://api.merchantwarrior.com/post/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/post/');

// Setup POST data
$postData = array (
  'method' => 'getSettlement',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'settlementFrom' => '2017-04-25',
  'settlementTo' => '2017-04-30',
  'hash' => '11b6a860e5bdf0bd91a503b42346ee1d'
);


// Setup CURL defaults
$curl = curl_init();

$tmpFile = '/tmp/settlement.zip';
$tmpZip = fopen($tmpFile, 'w+');

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_FILE, $tmpZip);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
  throw new Exception("CURL Error: {$error}");
}

curl_close($curl);
fclose($tmpZip);

// Example of outputting Zip contents

$zip = zip_open($tmpFile);

if ($zip)
  {
  while ($zip_entry = zip_read($zip))
    {
    echo "Filename: " . zip_entry_name($zip_entry) . "\n\n";

    if (zip_entry_open($zip, $zip_entry))
      {
      $contents = zip_entry_read($zip_entry);
      echo "$contents\n\n";
      zip_entry_close($zip_entry);
      }
  }

zip_close($zip);

// Delete zip file when finished with it
unlink($tmpFile);
}

?>
Sample Response
A Zip file containing a CSV list of transactions will be returned.

getSettlement


The getSettlement method will return a compressed Zip archive that contains a CSV file with a list of transactions that have settled between the dates specified in the request.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: getSettlement

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

Query Parameters

Parameter Required Description
settlementFrom Required The settlement start range date. This parameter cannot be greater than the settlementTo parameter.
Example: 2017-05-01
settlementTo Required The settlement end range date. The parameter cannot be a future date. The maximum value for this parameter is today’s date.
Example: 2017-05-02

Verification Hash

Parameter Required Description
hash Required The verification hash is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See Settlement Type Hash for information on how to construct the hash correctly.
Example: f7a04ace7b0c5bf8f24a49bfc73d3805
Valid length: 32 characters


Production API Endpoint

https://api.merchantwarrior.com/paylink/

Sandbox API Endpoint

https://base.merchantwarrior.com/paylink/

Replace snippets below with your merchantUUID, apiKey and correct hash.

MWPAY.Link

The following sub-sections will outline information in relation to the Merchant Warrior PAY.Link service.

Introduction

The Merchant Warrior MWPAY.Link service enables you to generate a unique payment link that when accessed will allow your customer to complete a payment via a secure Hosted Payment Page.

Each MWPAY.Link that is generated will have a unique code attached to it. You can also link your own internal Reference ID to a unique code in order to reconcile transactions that take place via a unique payment link. The MWPAY.Link service can also notify your systems in real-time after a customer has completed a payment.

MWPAY.Link URLs are useful for scenarios such as sending bills via email and/or SMS, e-invoices, donations etc.

You will need to obtain a Merchant UUID, API Key and API passphrase in order to use this feature. These details will be issued to you when you create your MW account.

Request Format

API requests are submitted to this service using POST, and must be performed over HTTPS.

Sample Request
curl -X POST \ 
    -d merchantUUID="4a3cda44663c5" \
    -d apiKey="2h7eognq" \
    -d linkReferenceID="12345" \
    -d transactionAmount="1.00" \
    -d transactionCurrency="AUD" \
    -d transactionProduct="Test Product" \
    -d customerName="Test Customer" \
    -d customerCountry="AU" \
    -d customerState="QLD" \
    -d customerCity="Brisbane" \
    -d customerAddress="123 Test Street" \
    -d customerPostCode="4000" \
    -d customerPhone="61731665489" \
    -d customerEmail="[email protected]" \
    -d hash="fe5b6e0a3cd07ef9b72a1366270496fc" https://api.merchantwarrior.com/paylink/

require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/paylink/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'merchantUUID' => '4a3cda44663c5',
  'apiKey' => '2h7eognq',
  'linkReferenceID' => '12345',
  'transactionAmount' => '1.00',
  'transactionCurrency' => 'AUD',
  'transactionProduct' => 'Test Product',
  'customerName' => 'Test Customer',
  'customerCountry' => 'AU',
  'customerState' => 'QLD',
  'customerCity' => 'Brisbane',
  'customerAddress' => '123 Test Street',
  'customerPostCode' => '4000',
  'customerPhone' => '61731665489',
  'customerEmail' => [email protected]',
  'hash' => 'fe5b6e0a3cd07ef9b72a1366270496fc'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'merchantUUID': '4a3cda44663c5',
  'apiKey': '2h7eognq',
  'linkReferenceID': '12345',
  'transactionAmount': '1.00',
  'transactionCurrency': 'AUD',
  'transactionProduct': 'Test Product',
  'customerName': 'Test Customer',
  'customerCountry': 'AU',
  'customerState': 'QLD',
  'customerCity': 'Brisbane',
  'customerAddress': '123 Test Street',
  'customerPostCode': '4000',
  'customerPhone': '61731665489',
  'customerEmail': [email protected]',  
  'hash': 'fe5b6e0a3cd07ef9b72a1366270496fc'
}

r = requests.post('https://api.merchantwarrior.com/paylink/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/paylink/');

// Setup POST data
$postData = array (
  'merchantUUID' => '4a3cda44663c5',
  'apiKey' => '2h7eognq',
  'linkReferenceID' => '12345',
  'transactionAmount' => '1.00',
  'transactionCurrency' => 'AUD',
  'transactionProduct' => 'Test Product',
  'customerName' => 'Test Customer',
  'customerCountry' => 'AU',
  'customerState' => 'QLD',
  'customerCity' => 'Brisbane',
  'customerAddress' => '123 Test Street',
  'customerPostCode' => '4000',
  'customerPhone' => '61731665489',
  'customerEmail' => [email protected]',
  'hash' => 'fe5b6e0a3cd07ef9b72a1366270496fc'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
    throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status,   
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/paylink/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "merchantUUID", "4a3cda44663c5" },
                        { "apiKey", "2h7eognq" },
                        { "linkReferenceID", "12345" },
                        { "transactionAmount", "1.00" },
                        { "transactionCurrency", "AUD" },
                        { "transactionProduct", "Test Product" },
                        { "customerName", "Test Customer" },
                        { "customerCountry", "AU" },
                        { "customerState", "QLD" },
                        { "customerCity", "Brisbane" },
                        { "customerAddress", "123 Test Street" },
                        { "customerPostCode", "4000" },
                        { "customerPhone", "61731665489" },
                        { "customerEmail", "[email protected]" },                        
                        { "hash", "fe5b6e0a3cd07ef9b72a1366270496fc" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
        }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/paylink/", 
            New System.Collections.Specialized.NameValueCollection() From { _
                {"merchantUUID", "4a3cda44663c5"}, _
                {"apiKey", "2h7eognq"}, _
                {"linkReferenceID", "12345"}, _
                {"transactionAmount", "1.00"}, _
                {"transactionCurrency", "AUD"}, _
                {"transactionProduct", "Test Product"}, _
                {"customerName", "Test Customer"}, _
                {"customerCountry", "AU"}, _
                {"customerState", "QLD"}, _
                {"customerCity", "Brisbane"}, _
                {"customerAddress", "123 Test Street"}, _
                {"customerPostCode", "4000"}, _
                {"customerPhone", "61731665489"}, _
                {"customerEmail", "[email protected]"}, _                
                {"hash", "fe5b6e0a3cd07ef9b72a1366270496fc"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/paylink/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("merchantUUID", "4a3cda44663c5");
            params.put("apiKey", "2h7eognq");
            params.put("linkReferenceID", "12345");
            params.put("transactionAmount", "1.00");
            params.put("transactionCurrency", "AUD");
            params.put("transactionProduct", "Test Product");
            params.put("customerName", "Test Customer");
            params.put("customerCountry", "AU");
            params.put("customerState", "QLD");
            params.put("customerCity", "Brisbane");
            params.put("customerAddress", "TestStreet");
            params.put("customerPostCode", "4000");
            params.put("customerPhone", "61731665489");
            params.put("customerEmail", "[email protected]");            
            params.put("hash", "fe5b6e0a3cd07ef9b72a1366270496fc");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
              postData.append(param.getKey());
              postData.append('=');
              postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
    <responseCode>0</responseCode>
    <responseMessage>Operation Successful</responseMessage>
    <linkReferenceID>12345</linkReferenceID>
    <uniqueCode>fd4a9585e24dca85f66f0c641fd43d08</uniqueCode>
    <expiry>2017-05-01 17:45:12</expiry>
    <linkURL>
    https://secure.merchantwarrior.com/paylink?uniqueCode=fd4a9585e24dca85f66f0c641fd43d08
    </linkURL>
    <transactionProduct>Book</transactionProduct>
    <transactionAmount>1330.00</transactionAmount>
    <transactionCurrency>AUD</transactionCurrency>
</mwResponse>
Sample 'notifyURL' Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
  <responseCode>0</responseCode>
  <responseMessage>Operation Successfully</responseMessage>
  <linkReferenceID>12345</linkReferenceID>
  <uniqueCode>862a7b2d37b70923b8a91986f6faba80</uniqueCode>
  <reference>2-5f1f1f20-3132-11e7-92a6-005056b209e0</reference>
  <status>approved</status>
  <message>Transaction approved</message>
</mwResponse>
Sample 'returnURL' Response
https://www.mydomain.com/sample.return.php?linkReferenceID=12345&uniqueCode=862a7b2d37b70923b8a91986f6faba80&reference=2-5f1f1f20-3132-11e7-92a6-005056b209e0&status=approved&message=Transaction+approved


The request paramaters below detail how to generate a unique payment link. Each payment link will have a uniqueCode associated with it.

Request-Parameters

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

General Transaction Parameters

Parameter Required Description
transactionAmount Required The amount must be formatted to have two decimal places. Any amounts without two decimal places or amounts less than one cent will be rejected.
Example: 10.00
transactionCurrency Required One of the following: AUD, CAD, EUR, GBP, JPY, NZD, SGD, USD. This is provider dependant. Please check with MW before attempting to process transactions in any currency other than AUD. This field is case insensitive.
Example: AUD
transactionProduct Required A product (or sale) id or description. We recommend using an order/product id. This field’s primary purpose is to help the transaction be identifiable for reporting and accounting purposes.
Example: ABC4321
Valid length: Up to 255 characters. Some Acquirers limit this field to 40 characters.
linkReferenceID Not Required This is a merchant’s unique reference ID that can be used to match a uniqueCode with a merchant’s internal reference ID.
Example: A257240023321
Valid length: Up to 40 characters
expiry Not Required The expiration of the unique payment link. This paramater should be formatted as a DateTime (yyyy-mm-dd hh:mm:ss). By default the unique payment link will expire after 7 days.
Example: 2017-05-01 17:45:12

Customer Parameters

Parameter Required Description
customerName Not Required This field can only contain alphanumeric characters, as well as the full stop, comma, apostrophe, ampersand, space and hyphen characters.
Example: Mr. Example Person
Valid length: Between 2 and 255 characters
customerCountry Not Required Two letter ISO 3166-1 alpha-2 country code.
Example: AU
Valid length: 2 characters
customerState Not Required Freeform field, keep consistent for your records and reporting.
Example: Queensland
Valid length: Up to 75 characters
customerCity Not Required Freeform field, keep consistent for your records and reporting.
Example: Brisbane
Valid length: Up to 75 characters
customerAddress Not Required Freeform field.
Example: 123 Test Street
Valid length: Up to 255 characters
customerPostCode Not Required This can also accomodate ZIP/Post codes for international transactions.
Example: 4000
Valid length: Between 4 and 10 characters
customerPhone Not Required Anything other than +,-, space and 0-9 will be stripped.
Example: 0401234567 or 61731234567
Valid length: Up to 25 characters
customerEmail Not Required Must be valid if present. Sending this optional parameter is highly recommended.
Example: [email protected]
Valid length: Up to 255 characters

Redirect and Notification Parameters

Parameter Required Description
returnURL Required The customer will be redirected to this URL upon completion of the transaction. This parameter can also be hardcoded via the merchant administration interface.
Example: https://www.example.com/return.php
notifyURL Required Asynchronous POST notifications will be sent to this URL. This parameter can also be hardcoded via the merchant administration interface.
Example: https://www.example.com/notify.php
urlHash Required The urlHash field is a combination of your API Passphrase, and specific parameters sent in the transaction. It must be specified if you specify either returnURL or notifyURL. See Web URL Hash for information on how to construct the hash correctly.
Example: 511999e54b9ad51ce4c28d7f0550ac81
Valid Length: 32 characters

Custom Parameters

Parameter Required Description
custom1 Not Required Freeform field.
Valid length: Up to 500 characters
custom2 Not Required Freeform field.
Valid length: Up to 500 characters
custom3 Not Required Freeform field.
Valid length: Up to 500 characters

Verification Hash

Parameter Required Description
hash Required The verification hash is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See Transaction Type Hash for information on how to construct the hash correctly.
Example: e9ddc296b76b3398934bfc06239073df
Valid length: 32 characters
Production API Endpoint

https://api.merchantwarrior.com/token/

Sandbox API Endpoint

https://base.merchantwarrior.com/token/

Token Payments

The following sub-sections will outline the various API methods present in the Merchant Warrior Token Payments service.

Introduction

Token Payments allows merchants to perform subsequent transactions for a customer without the customer sending their cardholder data to the MW platform more than once. Implementing this feature can reduce PCI DSS scope significanly as merchants are not required to store customer cardholder (PAN) data.

Global Vault

The Merchant Warrior Global Vault stores tokens in a globally accessible Vault. This feature enables merchants to gain access to customer tokens without requiring the customer (if they have registered cards in the Global Vault) to enter their credit card details into the merchant’s website. The Merchant Warrior Global Vault links a customer’s email address and cell number to their credit card(s).

A merchant can request access to a customer’s token(s) by providing their email address to the Merchant Warrior Global Vault service. The customer’s token(s) are only provided to the merchant after the customer grants access to the merchant by completing a 2FA step via email or SMS technologies.

Key Management

As the Token Payments solution enables merchants to store encryption keys the following key management principles must be taken into consideration:
• Strong encryption keys should be generated (pseudo-random data of high entropy)
• Encryption keys must only be transmitted via a Secure Socket Layer (SSL) encrypted tunnel
• Encryption keys must be stored securely, only accessible by necessary staff and applications
• Staff with access to encryption keys should acknowledge (in writing or electronically) that they understand and accept their key-custodian responsibilities

Further information regarding key management procedures is made available by NIST -
http://csrc.nist.gov/groups/ST/key_mgmt/

Request Format

API requests are submitted to the Token Payments service using POST, and must be performed over HTTPS.

Available Methods

The Token Payments service consists of the following methods:
addCard: Adds a card to the Local or Global Vault
removeCard: Removes a card from the Local or Global Vault
cardInfo: Returns information on the stored card (name, expiry, etc)
changeExpiry: Changes the expiry date on an existing card stored in the Local or Global Vault
checkCardChange: Checks the Global Vault for any changes that may have occurred for a registered email in the Global Vault (eg. addition of a new card or removal of an old card)
checkEmail: Checks the email registered in the Global Vault and requests a verification code to be sent to the customer either to retrieve or remove card(s)
checkContact: Checks the mobile contact registered for an email in the Global Vault and requests a verification code to be sent to the customer for updateContact method
retrieveCard: Retrieves card(s) registered to an email from the Global Vault
updateContact: Updates customer’s mobile contact in the Global Vault
processCard: Performs a purchase request using a token added via the addCard method
processAuth: Performs a pre-authorization request using a token added via the addCard method

Sample Request
curl -X POST \
  -d method="addCard" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d cardName="Test Customer" \
  -d cardNumber="5123456789012346" \
  -d cardExpiryMonth="05" \
  -d cardExpiryYear="17" https://api.merchantwarrior.com/token/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/token/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'addCard',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardName' => 'Test Customer',
  'cardNumber' => '5123456789012346',
  'cardExpiryMonth' => '05',
  'cardExpiryYear' => '17'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'addCard',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'cardName' : 'Test Customer',
  'cardNumber' : '5123456789012346',
  'cardExpiryMonth' : '05',
  'cardExpiryYear' : '17'
}

r = requests.post('https://api.merchantwarrior.com/token/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/token/');

// Setup POST data
$postData = array (
  'method' => 'addCard',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardName' => 'Test Customer',
  'cardNumber' => '5123456789012346',
  'cardExpiryMonth' => '05',
  'cardExpiryYear' => '17'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
  throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/token/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "addCard" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "cardName", "Test Customer" },
                        { "cardNumber", "5123456789012346" },
                        { "cardExpiryMonth", "05" },
                        { "cardExpiryYear", "17" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
        }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/token/",
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "addCard"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"cardName", "Test Customer"}, _
                {"cardNumber", "5123456789012346"}, _
                {"cardExpiryMonth", "05"}, _
                {"cardExpiryYear", "17"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/token/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "addCard");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("cardName", "TestCustomer");
            params.put("cardNumber", "5123456789012346");
            params.put("cardExpiryMonth", "05");
            params.put("cardExpiryYear", "17");            

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
              postData.append(param.getKey());
              postData.append('=');
              postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}
Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
    <responseCode>0</responseCode>
    <responseMessage>Operation successful</responseMessage>
    <cardID>MJKT20850598</cardID>
    <cardKey>qUKDIbq8idy5qsSf</cardKey>
    <ivrCardID>10230271</ivrCardID>
    <cardNumber>512345XXXXXX2346</cardNumber>
</mwResponse>
cardKey should only be used if you do NOT want MW handling your key storage

addCard


The addCard method is used to add a new card to the MW Vault.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: addCard

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

Cardholder Data

Parameter Required Description
cardName Required This must contain at the very least a space and no less than two characters. Only alphanumeric characters, hyphens, spaces and full stops are allowed.
Example: Mr. Example Person or MR E PERSON or Example Person
Valid length: Between 3 and 255 characters
cardNumber Required Example: 5123456789012346 or 4557012345678902
Valid length: Between 13 and 16 digits
cardExpiryMonth Required This must be MM format. The month must be zero padded if it is less than 10.
Example: 05
Valid length: 2 digits
cardExpiryYear Required This must be YY format.
Example: 13
Valid length: 2 digits

Global Vault Parameters

Parameter Required Description
cardGlobal Required/ Not Required This must be in a boolean format.
Example: 1
cardEmail Required/ Not Required This must be in a valid email format.
Example: [email protected]
cardContact Required/ Not Required This must be in a valid Australian or International mobile number format.
Example: 0486292992 or +614920202820


Sample Request
  curl -X POST \
  -d method="removeCard" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d cardID="MJKT20850598" https://api.merchantwarrior.com/token/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/token/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'removeCard',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardID' => 'MJKT20850598'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'removeCard',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'cardID' : 'MJKT20850598'
}

r = requests.post('https://api.merchantwarrior.com/token/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/token/');

// Setup POST data
$postData = array (
  'method' => 'removeCard',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardID' => 'MJKT20850598'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
    throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
    'status' => $status, 
    'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
    'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/token/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "removeCard" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "cardID", "MJKT20850598" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/token/", 
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "removeCard"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"cardID", "MJKT20850598"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/token/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "removeCard");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("cardID", "MJKT20850598");            

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
                postData.append(param.getKey());
                postData.append('=');
                postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
    <responseCode>0</responseCode>
    <responseMessage>Operation successful</responseMessage>
    <cardID>MJKT20850598</cardID>
</mwResponse>

removeCard


The removeCard method is the method used to remove a card from the MWV once it has been added.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: removeCard

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

Cardholder Data

Parameter Required Description
cardID Required A unique alphanumeric string returned by addCard, used to identify a specific card.
Example: NUFM56937091
cardKey Not Required A string used as an encryption/decryption key. This should only be used if you do NOT want Merchant Warrior handling your key storage. This should be unique on a per-card basis. It’s used to encrypt the card when we store it. Every time we receive a process card request, the correct cardkey must also be provided – which is known only to you.
Example: a84JI2cA12ziZ3Fx
Valid length: 16 characters

Global Vault Parameters

Parameter Required Description
cardGlobal Required/ Not Required This must be in a boolean format.
Example: 1
cardEmail Required/ Not Required This must be in a valid email format.
Example: [email protected]
code Required/ Not Required The value of this parameter is sent by Merchant Warrior directly to the customer either via Email or SMS.
Example: 1a3b5c
Valid Length: 6 characters


Sample Request
curl -X POST \
  -d method="cardInfo" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d cardID="ZBOW20853528" https://api.merchantwarrior.com/token/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/token/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'cardInfo',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardID' => 'ZBOW20853528'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'cardInfo',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'cardID' : 'ZBOW20853528'
}

r = requests.post('https://api.merchantwarrior.com/token/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/token/');

// Setup POST data
$postData = array (
  'method' => 'cardInfo',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardID' => 'ZBOW20853528'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
    throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
    'status' => $status, 
    'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
    'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/token/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "cardInfo" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "cardID", "MJKT20850598" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
        }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/token/",
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "cardInfo"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"cardID", "MJKT20850598"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/token/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "cardInfo");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("cardID", "ZBOW20853528");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
              postData.append(param.getKey());
              postData.append('=');
              postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
    <responseCode>0</responseCode>
    <responseMessage>Operation successful</responseMessage>
    <cardID>ZBOW20853528</cardID>
    <cardName>Test Customer</cardName>
    <cardExpiryMonth>05</cardExpiryMonth>
    <cardExpiryYear>17</cardExpiryYear>
    <cardNumberFirst>5123</cardNumberFirst>
    <cardNumberLast>2346</cardNumberLast>
    <cardAdded>2016-11-30 12:16:23</cardAdded>
</mwResponse>
The cardAdded value is a GMT+10 timestamp

cardInfo


The cardInfo method is used to perform a query of an existing card. This method will return the information added via addCard with the credit card number (PAN) truncated.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: cardInfo

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

Cardholder Data

Parameter Required Description
cardID Required A unique alphanumeric string returned by addCard, used to identify a specific card.
Example: NUFM56937091
cardKey Not Required A string used as an encryption/decryption key. This should only be used if you do NOT want Merchant Warrior handling your key storage. This should be unique on a per-card basis. It’s used to encrypt the card when we store it. Every time we receive a process card request, the correct cardkey must also be provided – which is known only by you.
Example: a84JI2cA12ziZ3Fx
Valid length: 16 characters
Sample Request
curl -X POST \
  -d method="changeExpiry" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d cardID="ZBOW20853528" \
  -d cardExpiryMonth="05" \
  -d cardExpiryYear="19" https://api.merchantwarrior.com/token/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/token/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'changeExpiry',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardID' => 'ZBOW20853528',
  'cardExpiryMonth' => '05',
  'cardExpiryYear' => '19'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'changeExpiry',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'cardID' : 'ZBOW20853528',
  'cardExpiryMonth' : '05',
  'cardExpiryYear' : '19'
}

r = requests.post('https://api.merchantwarrior.com/token/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/token/');

// Setup POST data
$postData = array (
  'method' => 'changeExpiry',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardID' => 'ZBOW20853528',
  'cardExpiryMonth' => '05',
  'cardExpiryYear' => '19'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
    throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/token/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "changeExpiry" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "cardID", "ZBOW20853528" },
                        { "cardExpiryMonth", "05" },
                        { "cardExpiryYear", "19" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
        }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/token/",
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "changeExpiry"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"cardID", "ZBOW20853528"}, _
                {"cardExpiryMonth", "05"}, _
                {"cardExpiryYear", "19"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/token/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "changeExpiry");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("cardID", "ZBOW20853528");
            params.put("cardExpiryMonth", "05");
            params.put("cardExpiryYear", "17");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
              postData.append(param.getKey());
              postData.append('=');
              postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
    <responseCode>0</responseCode>
    <responseMessage>Operation successful</responseMessage>
    <cardID>ZBOW20853528</cardID>
</mwResponse>

changeExpiry


The changeExpiry method is used to modify a card’s expiry after it has been added to the MW Vault.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: changeExpiry

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

Cardholder Data

Parameter Required Description
cardID Required A unique alphanumeric string returned by addCard, used to identify a specific card.
Example: NUFM56937091
cardKey Not Required A string used as an encryption/decryption key. This should only be used if you do NOT want Merchant Warrior handling your key storage. This should be unique on a per-card basis. It’s used to encrypt the card when we store it. Every time we receive a process card request, the correct cardkey must also be provided – which is known only by you.
Example: a84JI2cA12ziZ3Fx
Valid length: 16 characters
cardExpiryMonth Required This must be MM format. The month must be zero padded if it is less than 10.
Example: 05
Valid length: 2 digits
cardExpiryYear Required This must be YY format.
Example: 13
Valid length: 2 digits
Sample Request
curl -X POST \
  -d method="checkCardChange" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d cardEmail="[email protected]" \
  -d cardID="MJKT20850598,PAST20250528,OLNF31240568" https://api.merchantwarrior.com/token/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/token/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'checkCardChange',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardEmail' => [email protected]',
  'cardID' => 'MJKT20850598,PAST20250528,OLNF31240568'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'checkCardChange',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'cardEmail' : [email protected]',
  'cardID' : 'MJKT20850598,PAST20250528,OLNF31240568'
}

r = requests.post('https://api.merchantwarrior.com/token/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/token/');

// Setup POST data
$postData = array (
  'method' => 'checkCardChange',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardEmail' => [email protected]',
  'cardID' => 'MJKT20850598,PAST20250528,OLNF31240568'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
    throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/token/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "checkCardChange" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "cardEmail", "[email protected]" },
                        { "cardID", "MJKT20850598,PAST20250528,OLNF31240568" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/token/",
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "checkCardChange"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"cardEmail", "[email protected]"}, _
                {"cardID", "MJKT20850598,PAST20250528,OLNF31240568"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/token/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "checkCardChange");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("cardEmail", "[email protected]");
            params.put("cardID", "MJKT20850598,PAST20250528,OLNF31240568");            

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
              postData.append(param.getKey());
              postData.append('=');
              postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
    <responseCode>0</responseCode>
    <responseMessage>Operation successful</responseMessage>
    <updateStatus>0</updateStatus>
</mwResponse>
updateStatus = 0 indicates information submitted matches information in the
Global Vault.
updateStatus = 1 indicates information submitted does NOT match information
in the Global Vault.
Please see the checkEmail method to update your information to match what is
stored in the Global Vault.

checkCardChange


The checkCardChange method is used to detect if there have been any changes to a customer’s details in the Global Vault and can act as an indicator as to whether the checkEmail method should be called.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: checkCardChange

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

Global Vault Parameters

Parameter Required Description
cardEmail Required This must be in a valid email format.
Example: [email protected]
cardID Required This must be in alphanumeric format and should list all the cardID(s) that you have on file for the customer’s email address. If multiple cardIDs are present they must be comma separated. All spaces should be removed from this field prior to submission.
Example: NUFM56937091, ABCD65321983
Sample Request
curl -X POST \
  -d method="checkEmail" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d cardEmail="[email protected]" \
  -d authMode="1" \
  -d checkMode="1" https://api.merchantwarrior.com/token/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/token/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'checkEmail',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardEmail' => [email protected]',
  'authMode' => '1',
  'checkMode' => '1'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method': 'checkEmail',
  'merchantUUID': '5265f8eed6a19',
  'apiKey': 'ksmnwxab',
  'cardEmail': [email protected]',
  'authMode': '1',
  'checkMode': '1'
}

r = requests.post('https://api.merchantwarrior.com/token/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/token/');

// Setup POST data
$postData = array (
  'method' => 'checkEmail',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardEmail' => [email protected]',
  'authMode' => '1',
  'checkMode' => '1'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
    throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/token/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "checkEmail" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "cardEmail", "[email protected]" },
                        { "cardNumber", "5123456789012346" },
                        { "authMode", "1" },
                        { "checkMode", "1" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/token/",
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "checkEmail"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"cardEmail", "[email protected]"}, _
                {"cardNumber", "5123456789012346"}, _
                {"authMode", "1"}, _
                {"checkMode", "1"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/token/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "checkEmail");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("cardEmail", "[email protected]");
            params.put("authMode", "1");
            params.put("checkMode", "1");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
              postData.append(param.getKey());
              postData.append('=');
              postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
    <responseCode>0</responseCode>
    <responseMessage>Verification code sent to [email protected]</responseMessage>
</mwResponse>

checkEmail


The checkEmail method is used for requesting a one-time verification code for the retrieval or removal of card(s) in the MW Global Vault.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: checkEmail

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

Global Vault Parameters

Parameter Required Description
cardEmail Required This must be in a valid email format.
Example: [email protected]
authMode Required This must be in integer format. Use 1 – Email Verification and 2 – SMS Verification.
Example: 1
checkMode Required This must be in integer format. Use 1 – retrieveCard method and 2 – removeCardmethod.
Example: 1
cardID Required/ Not Required This must be in alphanumeric format. This field is only supplied when checkMode is set to 2 – removeCard.
Example: NUFM56937091
Sample Request
curl -X POST \
  -d method="checkContact" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d cardEmail="[email protected]" \
  -d cardContact="61412355515" https://api.merchantwarrior.com/token/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/token/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'checkContact',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardEmail' => [email protected]',
  'cardContact' => '61412355515'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'checkContact',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'cardEmail' : [email protected]',
  'cardContact' : '61412355515'
}

r = requests.post('https://api.merchantwarrior.com/token/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/token/');

// Setup POST data
$postData = array (
  'method' => 'checkContact',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardEmail' => [email protected]',
  'cardContact' => '61412355515'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
    throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/token/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "checkContact" },
                        { "merchantUUID", "5265f8eed6a19" },
                        { "apiKey", "ksmnwxab" },
                        { "cardEmail", "[email protected]" },
                        { "cardContact", "61412355515" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/token/",
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "checkContact"}, _
                {"merchantUUID", "5265f8eed6a19"}, _
                {"apiKey", "ksmnwxab"}, _
                {"cardEmail", "[email protected]"}, _
                {"cardContact", "61412355515"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/token/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "checkContact");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("cardEmail", "[email protected]");
            params.put("cardContact", "61412355515");           

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
              postData.append(param.getKey());
              postData.append('=');
              postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

``

<pre class="codeTitle">Sample Response</pre>
```xml
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
    <responseCode>0</responseCode>
    <responseMessage>Verification code sent to test@testemail.com</responseMessage>
</mwResponse>

checkContact


The checkContact method is used for requesting a one-time verification code to update a customer’s mobile contact in the MW Global Vault via the updateContact method.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: checkContact

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

Global Vault Parameters

Parameter Required Description
cardEmail Required This must be in a valid email format.
Example: [email protected]
cardContact Required This must be in a valid Australian or International mobile number format. The contact supplied must match the contact in the Global Vault.
Example: 0486292992 or +614920202820
Sample Request
curl -X POST \
  -d method="retrieveCard" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d cardEmail="[email protected]" \
  -d code="abc093" https://api.merchantwarrior.com/token/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/token/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'retrieveCard',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardEmail' => [email protected]',
  'code' => 'abc093'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method': 'retrieveCard',
  'merchantUUID': '5265f8eed6a19',
  'apiKey': 'ksmnwxab',
  'cardEmail': [email protected]',
  'code': 'abc093'
}

r = requests.post('https://api.merchantwarrior.com/token/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/token/');

// Setup POST data
$postData = array (
  'method' => 'retrieveCard',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardEmail' => [email protected]',
  'code' => 'abc093'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
    throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/token/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "retrieveCard" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "cardEmail", "[email protected]" },
                        { "code", "abc093" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/token/", 
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "retrieveCard"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"cardEmail", "[email protected]"}, _
                {"code", "abc093"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/token/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "retrieveCard");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("cardEmail", "[email protected]");
            params.put("code", "abc093");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
                postData.append(param.getKey());
                postData.append('=');
                postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
The below is a sample response containing multiple cardID's
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
    <responseCode>0</responseCode>
    <responseMessage>Operation successful</responseMessage>
    <card1>
    <cardID>5666</cardID>
    <cardNumberLast>0004</cardNumberLast>
    <cardType>visa</cardType>
    <cardExpiryMonth>02</cardExpiryMonth>
    <cardExpiryYear>19</cardExpiryYear>
    </card1>
    <card2>
    <cardID>PAST20250528</cardID>
    <cardNumberLast>2346</cardNumberLast>
    <cardType>mc</cardType>
    <cardExpiryMonth>05</cardExpiryMonth>
    <cardExpiryYear>17</cardExpiryYear>
    </card2>
</mwResponse>
Sample Response
The below is a sample response containing one cardID
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
    <responseCode>0</responseCode>
    <responseMessage>Operation successful</responseMessage>
    <cardID>5666</cardID>
    <cardNumberLast>0004</cardNumberLast>
    <cardType>visa</cardType>
    <cardExpiryMonth>02</cardExpiryMonth>
    <cardExpiryYear>19</cardExpiryYear>
</mwResponse>

retrieveCard


The retrieveCard method is used to retrieve card(s) registered to an email address in the MW Global Vault.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: retrieveCard

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

Global Vault Parameters

Parameter Required Description
cardEmail Required This must be in a valid email format.
Example: [email protected]
code Required The value of this parameter is sent by Merchant Warrior directly to the customer either via email or SMS.
Example: 1a3b5c
Valid Length: 6 characters
Sample Request
curl -X POST \
  -d method="updateContact" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d cardEmail="[email protected]" \
  -d cardContact="+61412343211" \
  -d code="jkh453" https://api.merchantwarrior.com/token/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/token/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'updateContact',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardEmail' => [email protected]',
  'cardContact' => ' 61412343211',
  'code' => 'jkh453'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'updateContact',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'cardEmail' : [email protected]',
  'cardContact' : ' 61412343211',
  'code' : 'jkh453'
}

r = requests.post('https://api.merchantwarrior.com/token/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/token/');

// Setup POST data
$postData = array (
  'method' => 'updateContact',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'cardEmail' => [email protected]',
  'cardContact' => ' 61412343211',
  'code' => 'jkh453'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
    throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/token/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "updateContact" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "cardEmail", "[email protected]" },
                        { "cardContact", "+61412343211" },
                        { "code", "jkh453" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/token/", 
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "updateContact"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"cardEmail", "[email protected]"}, _
                {"cardContact", "+61412343211"}, _
                {"code", "jkh453"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/token/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "updateContact");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("cardEmail", "[email protected]");
            params.put("cardContact", "+61412343211");
            params.put("code", "jkh453");           

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
                postData.append(param.getKey());
                postData.append('=');
                postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }   
}

Sample Response
<mwResponse> 
  <responseCode>0</responseCode>
  <responseMessage>Operation Successful.</responseMessage>
</mwResponse>

updateContact


The updateContact method is used to update customer’s mobile contact in the MW Global Vault.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: updateContact

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

Global Vault Parameters

Parameter Required Description
cardEmail Required This must be in a valid email format.
Example: [email protected]
cardContact Required This must be in a valid Australian or International mobile number format. The contact supplied must match the contact in the Global Vault.
Example: 0486292992 or +614920202820
code Required The value of this parameter is sent by Merchant Warrior directly to the customer either via email or SMS.
Example: 1a3b5c
Valid Length: 6 characters
curl -X POST \
    -d method="processCard" \
    -d merchantUUID="5265f8eed6a19" \
    -d apiKey="ksmnwxab" \
    -d transactionAmount="1.00" \
    -d transactionCurrency="AUD" \
    -d transactionProduct="Test Product" \
    -d customerName="Test Customer" \
    -d customerCountry="AU" \
    -d customerState="QLD" \
    -d customerCity="Brisbane" \
    -d customerAddress="123 Test Street" \
    -d customerPostCode="4000" \
    -d customerPhone="61731665489" \
    -d customerEmail="[email protected]" \
    -d customerIP="1.1.1.1" \
    -d cardID="NUFM56937091" \
    -d hash="b55552ff426d7e3d4885465d27ea0062" https://api.merchantwarrior.com/token/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/token/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'processCard',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionAmount' => '1.00',
  'transactionCurrency' => 'AUD',
  'transactionProduct' => 'Test Product',
  'customerName' => 'Test Customer',
  'customerCountry' => 'AU',
  'customerState' => 'QLD',
  'customerCity' => 'Brisbane',
  'customerAddress' => '123 Test Street',
  'customerPostCode' => '4000',
  'customerPhone' => '61731665489',
  'customerEmail' => [email protected]',
  'customerIP' => '1.1.1.1',
  'cardID' => 'NUFM56937091',
  'hash' => 'b55552ff426d7e3d4885465d27ea0062'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'processCard',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'transactionAmount' : '1.00',
  'transactionCurrency' : 'AUD',
  'transactionProduct' : 'Test Product',
  'customerName' : 'Test Customer',
  'customerCountry' : 'AU',
  'customerState' : 'QLD',
  'customerCity' : 'Brisbane',
  'customerAddress' : '123 Test Street',
  'customerPostCode' : '4000',
  'customerPhone' : '61731665489',
  'customerEmail' : [email protected]',
  'customerIP' : '1.1.1.1',
  'cardID' : 'NUFM56937091',
  'hash' : 'b55552ff426d7e3d4885465d27ea0062'
}

r = requests.post('https://api.merchantwarrior.com/token/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/token/');

// Setup POST data
$postData = array (
  'method' => 'processCard',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionAmount' => '1.00',
  'transactionCurrency' => 'AUD',
  'transactionProduct' => 'Test Product',
  'customerName' => 'Test Customer',
  'customerCountry' => 'AU',
  'customerState' => 'QLD',
  'customerCity' => 'Brisbane',
  'customerAddress' => '123 Test Street',
  'customerPostCode' => '4000',
  'customerPhone' => '61731665489',
  'customerEmail' => [email protected]',
  'customerIP' => '1.1.1.1',
  'cardID' => 'NUFM56937091',
  'hash' => 'b55552ff426d7e3d4885465d27ea0062'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
    throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/token/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "processCard" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "transactionAmount", "1.00" },
                        { "transactionCurrency", "AUD" },
                        { "transactionProduct", "Test Product" },
                        { "customerName", "Test Customer" },
                        { "customerCountry", "AU" },
                        { "customerState", "QLD" },
                        { "customerCity", "Brisbane" },
                        { "customerAddress", "123 Test Street" },
                        { "customerPostCode", "4000" },
                        { "customerPhone", "61731665489" },
                        { "customerEmail", "[email protected]" },
                        { "customerIP", "1.1.1.1" },
                        { "cardID", "NUFM56937091" },
                        { "hash", "d0fb5716a2b85c743ed802bd5bd7284b" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/token/", 
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "processCard"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"transactionAmount", "1.00"}, _
                {"transactionCurrency", "AUD"}, _
                {"transactionProduct", "Test Product"}, _
                {"customerName", "Test Customer"}, _
                {"customerCountry", "AU"}, _
                {"customerState", "QLD"}, _
                {"customerCity", "Brisbane"}, _
                {"customerAddress", "123 Test Street"}, _
                {"customerPostCode", "4000"}, _
                {"customerPhone", "61731665489"}, _
                {"customerEmail", "[email protected]"}, _
                {"customerIP", "1.1.1.1"}, _
                {"cardID", "NUFM56937091"}, _
                {"hash", "d0fb5716a2b85c743ed802bd5bd7284b"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/token/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "processCard");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("transactionAmount", "1.00");
            params.put("transactionCurrency", "AUD");
            params.put("transactionProduct", "TestProduct");
            params.put("customerName", "TestCustomer");
            params.put("customerCountry", "AU");
            params.put("customerState", "QLD");
            params.put("customerCity", "Brisbane");
            params.put("customerAddress", "TestStreet");
            params.put("customerPostCode", "4000");
            params.put("customerPhone", "61731665489");
            params.put("customerEmail", "[email protected]");
            params.put("customerIP", "1.1.1.1");
            params.put("cardID", "NUFM56937091");            
            params.put("hash", "b55552ff426d7e3d4885465d27ea0062");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
                postData.append(param.getKey());
                postData.append('=');
                postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
    <responseCode>0</responseCode>
    <responseMessage>Transaction approved</responseMessage>
    <transactionID>1336-20be3569-b600-11e6-b9c3-005056b209e0</transactionID>
    <authCode>731357421</authCode>
    <receiptNo>731357421</receiptNo>
    <authMessage>Honour with identification</authMessage>
    <authResponseCode>08</authResponseCode>
    <authSettledDate>2016-11-29</authSettledDate>
    <paymentCardNumber>512345XXXXXX2346</paymentCardNumber>
    <transactionAmount>1.00</transactionAmount>
    <custom1/>
    <custom2/>
    <custom3/>
    <customHash>65b172551b7d3a0706c0ce5330c98470</customHash>
</mwResponse>

processCard


The processCard method is used to perform a purchase transaction using a Token ID that exists in the MW Vault.

Request-Parameters

These paramaters are practically identical to the Direct API processCard method. The major point of difference is that the card data fields are removed, and in their place the cardID, cardKey & cardKeyReplace parameters have been added.

When this method is run, the value of cardKeyReplace will overwrite cardKey – unless a validation error occurs. In short, if the responseCode >= 0, overwrite cardKey in your database with the value you send for cardKeyReplace. Transactions that do not pass pre-validation (responseCode < 0) will not have their cardKey updated.

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: processCard

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

General Transaction Parameters

Parameter Required Description
transactionAmount Required The amount must be formatted to have two decimal places. Any amounts without two decimal places or amounts less than one cent will be rejected.
Example: 10.00
transactionCurrency Required One of the following: AUD, CAD, EUR, GBP, JPY, NZD, SGD, USD. This is provider dependant. Please check with MW before attempting to process transactions in any currency other than AUD. This field is case insensitive.
Example: AUD
transactionProduct Required A product (or sale) id or description. We recommend using an order/product id. This field’s primary purpose is to help the transaction be identifiable for reporting and accounting purposes.
Example: ABC4321
Valid length: Up to 255 characters. Some Acquirers limit this field to 40 characters.
transactionReferenceID Not Required This is a merchant’s unique reference ID for a transaction sent to Merchant Warrior. The main purpose of this ID is to verify the transaction via the queryCard method in the event a valid response is not received.
Example: A257240023321
Valid length: Up to 40 characters

Customer Parameters

Parameter Required Description
customerName Required This field can only contain alphanumeric characters, as well as the full stop, comma, aposprophe, ampersand, space and hyphen characters.
Example: Mr. Example Person
Valid length: Between 2 and 255 characters
customerCountry Required Two letter ISO 3166-1 alpha-2 country code.
Example: AU
Valid length: 2 characters
customerState Required Freeform field, keep consistent for your records and reporting.
Example: Queensland
Valid length: Up to 75 characters
customerCity Required Freeform field, keep consistent for your records and reporting.
Example: Brisbane
Valid length: Up to 75 characters
customerAddress Required Freeform field.
Example: 123 Test Street
Valid length: Up to 255 characters
customerPostCode Required This can also accomodate ZIP/Post codes for international transactions.
Example: 4000
Valid length: Between 4 and 10 characters
customerPhone Not Required Anything other than +,-, space and 0-9 will be stripped.
Example: 0401234567 or 61731234567
Valid length: Up to 25 characters
customerEmail Not Required Sending this optional parameter is highly recommended.
Example: [email protected]
Valid length: Up to 255 characters
customerIP Not Required Any valid IPv4 or IPv6 address is accepted. Sending this optional parameter is highly recommended.
Example: 123.456.789.012 or 2001:0db8:85a3:0000:0000:8a2e:0370:7334
Valid length: Up to 39 characters
storeID Not Required The value of this field is the merchant’s store name. Please note that you need to contact Merchant Warrior to enable the storeID feature before you can use this parameter.
Example: Test store name

Payment Parameters

Parameter Required Description
cardID Required A unique alphanumeric string returned by addCard, used to identify a specific card.
Example: NUFM56937091
cardKey Not Required A string used as an encryption/decryption key. This should only be used if you do NOT want Merchant Warrior handling your key storage. This should be unique on a per-card basis. It’s used to encrypt the card when we store it. Every time we receive a process card request, the correct cardkey must also be provided – which is known only by you.
Example: a84JI2cA12ziZ3Fx
Valid Length: 16 characters
cardKeyReplace Not Required This will replace cardKey for subsequent requests for the cardID if the transaction is run successfully (meaning accepted by Merchant Warrior, not necessarily approved by the bank). This cannot be the same as the last 10 cardKey’s used for the cardID, and it has to follow the same guidelines as cardkey (16 character alphanumeric string, etc). See the explanation under “Request Parameter” for more information.
Example: mbnGHOq86sXTjQgd
Valid Length: 16 characters
paymentCardCSC Not Required This is also known as the CVN or CVV/2. This is required by some Acquirers if the transaction is initiated by the customer. Please contact Merchant Warrior for more information.
Example: 123
Valid length: Between 3 and 4 characters

Custom Parameters

Parameter Required Description
custom1 Not Required Freeform field. Returned as <custom1> in the XML response.
Valid length: Up to 500 characters
custom2 Not Required Freeform field. Returned as <custom2> in the XML response.
Valid length: Up to 500 characters
custom3 Not Required Freeform field. Returned as <custom3> in the XML response.
Valid length: Up to 500 characters

Verification Hash

Parameter Required Description
hash Required The verification hash is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See Transaction Type Hash for information on how to construct the hash correctly.
Example: e9ddc296b76b3398934bfc06239073df
Valid length: 32 characters
curl -X POST \
    -d method="processAuth" \
    -d merchantUUID="5265f8eed6a19" \
    -d apiKey="ksmnwxab" \
    -d transactionAmount="1.00" \
    -d transactionCurrency="AUD" \
    -d transactionProduct="Test Product" \
    -d customerName="Test Customer" \
    -d customerCountry="AU" \
    -d customerState="QLD" \
    -d customerCity="Brisbane" \
    -d customerAddress="123 Test Street" \
    -d customerPostCode="4000" \
    -d customerPhone="61731665489" \
    -d customerEmail="[email protected]" \
    -d customerIP="1.1.1.1" \
    -d cardID="NUFM56937091" \
    -d hash="b55552ff426d7e3d4885465d27ea0062" https://api.merchantwarrior.com/token/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/token/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'processAuth',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionAmount' => '1.00',
  'transactionCurrency' => 'AUD',
  'transactionProduct' => 'Test Product',
  'customerName' => 'Test Customer',
  'customerCountry' => 'AU',
  'customerState' => 'QLD',
  'customerCity' => 'Brisbane',
  'customerAddress' => '123 Test Street',
  'customerPostCode' => '4000',
  'customerPhone' => '61731665489',
  'customerEmail' => [email protected]',
  'customerIP' => '1.1.1.1',
  'cardID' => 'NUFM56937091',
  'hash' => 'b55552ff426d7e3d4885465d27ea0062'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'processAuth',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'transactionAmount' : '1.00',
  'transactionCurrency' : 'AUD',
  'transactionProduct' : 'Test Product',
  'customerName' : 'Test Customer',
  'customerCountry' : 'AU',
  'customerState' : 'QLD',
  'customerCity' : 'Brisbane',
  'customerAddress' : '123 Test Street',
  'customerPostCode' : '4000',
  'customerPhone' : '61731665489',
  'customerEmail' : [email protected]',
  'customerIP' : '1.1.1.1',
  'cardID' : 'NUFM56937091',
  'hash' : 'b55552ff426d7e3d4885465d27ea0062'
}

r = requests.post('https://api.merchantwarrior.com/token/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/token/');

// Setup POST data
$postData = array (
  'method' => 'processAuth',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'transactionAmount' => '1.00',
  'transactionCurrency' => 'AUD',
  'transactionProduct' => 'Test Product',
  'customerName' => 'Test Customer',
  'customerCountry' => 'AU',
  'customerState' => 'QLD',
  'customerCity' => 'Brisbane',
  'customerAddress' => '123 Test Street',
  'customerPostCode' => '4000',
  'customerPhone' => '61731665489',
  'customerEmail' => [email protected]',
  'customerIP' => '1.1.1.1',
  'cardID' => 'NUFM56937091',
  'hash' => 'b55552ff426d7e3d4885465d27ea0062'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
    throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
  'status' => $status, 
  'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
  'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/token/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "processAuth" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "transactionAmount", "1.00" },
                        { "transactionCurrency", "AUD" },
                        { "transactionProduct", "Test Product" },
                        { "customerName", "Test Customer" },
                        { "customerCountry", "AU" },
                        { "customerState", "QLD" },
                        { "customerCity", "Brisbane" },
                        { "customerAddress", "123 Test Street" },
                        { "customerPostCode", "4000" },
                        { "customerPhone", "61731665489" },
                        { "customerEmail", "[email protected]" },
                        { "customerIP", "1.1.1.1" },
                        { "cardID", "NUFM56937091" },
                        { "hash", "d0fb5716a2b85c743ed802bd5bd7284b" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/token/", 
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "processAuth"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"transactionAmount", "1.00"}, _
                {"transactionCurrency", "AUD"}, _
                {"transactionProduct", "Test Product"}, _
                {"customerName", "Test Customer"}, _
                {"customerCountry", "AU"}, _
                {"customerState", "QLD"}, _
                {"customerCity", "Brisbane"}, _
                {"customerAddress", "123 Test Street"}, _
                {"customerPostCode", "4000"}, _
                {"customerPhone", "61731665489"}, _
                {"customerEmail", "[email protected]"}, _
                {"customerIP", "1.1.1.1"}, _
                {"cardID", "NUFM56937091"}, _
                {"hash", "d0fb5716a2b85c743ed802bd5bd7284b"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/token/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "processAuth");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");
            params.put("transactionAmount", "1.00");
            params.put("transactionCurrency", "AUD");
            params.put("transactionProduct", "TestProduct");
            params.put("customerName", "TestCustomer");
            params.put("customerCountry", "AU");
            params.put("customerState", "QLD");
            params.put("customerCity", "Brisbane");
            params.put("customerAddress", "TestStreet");
            params.put("customerPostCode", "4000");
            params.put("customerPhone", "61731665489");
            params.put("customerEmail", "[email protected]");
            params.put("customerIP", "1.1.1.1");
            params.put("cardID", "NUFM56937091");            
            params.put("hash", "b55552ff426d7e3d4885465d27ea0062");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
                postData.append(param.getKey());
                postData.append('=');
                postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
    <responseCode>0</responseCode>
    <responseMessage>Transaction approved</responseMessage>
    <transactionID>1336-20be3569-b600-11e6-b9c3-005056b209e0</transactionID>
    <authCode>731357421</authCode>
    <receiptNo>731357421</receiptNo>
    <authMessage>Honour with identification</authMessage>
    <authResponseCode>08</authResponseCode>
    <authSettledDate>2016-11-29</authSettledDate>
    <paymentCardNumber>512345XXXXXX2346</paymentCardNumber>
    <transactionAmount>1.00</transactionAmount>
    <custom1/>
    <custom2/>
    <custom3/>
    <customHash>65b172551b7d3a0706c0ce5330c98470</customHash>
</mwResponse>

processAuth


The processAuth method is the method used to perform a pre-authorization transaction using an existing card (for capture request, refer to the standard processCapture API method). This method proxies the request through to the standard MWE API, and returns the response directly – including any validation or provider errors. That means that all the validation logic is the same with both functions, although this of course also validates cardID, cardKey & cardKeyReplace.

Method Endpoint

This method’s endpoint is: https://<environment>.merchantwarrior.com/token/processAuth

Request-Parameters

These paramaters are practically identical to the Direct API processAuth method. The major point of difference is that the card data fields are removed, and in their place the cardID, cardKey & cardKeyReplace parameters have been added.

When this method is run, the value of cardKeyReplace will overwrite cardKey – unless a validation error occurs. In short, if the responseCode >= 0, overwrite cardKey in your database with the value you send for cardKeyReplace. Transactions that do not pass pre-validation (responseCode < 0) will not have their cardKey updated.

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: processAuth

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

General Transaction Parameters

Parameter Required Description
transactionAmount Required The amount must be formatted to have two decimal places. Any amounts without two decimal places or amounts less than one cent will be rejected.
Example: 10.00
transactionCurrency Required One of the following: AUD, CAD, EUR, GBP, JPY, NZD, SGD, USD. This is provider dependant. Please check with MW before attempting to process transactions in any currency other than AUD. This field is case insensitive.
Example: AUD
transactionProduct Required A product (or sale) id or description. We recommend using an order/product id. This field’s primary purpose is to help the transaction be identifiable for reporting and accounting purposes.
Example: ABC4321
Valid length: Up to 255 characters. Some Acquirers limit this field to 40 characters.
transactionReferenceID Not Required This is a merchant’s unique reference ID for a transaction sent to Merchant Warrior. The main purpose of this ID is to verify the transaction via the queryCard method in the event a valid response is not received.
Example: A257240023321
Valid length: Up to 40 characters

Customer Parameters

Parameter Required Description
customerName Required This field can only contain alphanumeric characters, as well as the full stop, comma, aposprophe, ampersand, space and hyphen characters.
Example: Mr. Example Person
Valid length: Between 2 and 255 characters
customerCountry Required Two letter ISO 3166-1 alpha-2 country code.
Example: AU
Valid length: 2 characters
customerState Required Freeform field, keep consistent for your records and reporting.
Example: Queensland
Valid length: Up to 75 characters
customerCity Required Freeform field, keep consistent for your records and reporting.
Example: Brisbane
Valid length: Up to 75 characters
customerAddress Required Freeform field.
Example: 123 Test Street
Valid length: Up to 255 characters
customerPostCode Required This can also accomodate ZIP/Post codes for international transactions.
Example: 4000
Valid length: Between 4 and 10 characters
customerPhone Not Required Anything other than +,-, space and 0-9 will be stripped.
Example: 0401234567 or 61731234567
Valid length: Up to 25 characters
customerEmail Not Required Sending this optional parameter is highly recommended.
Example: [email protected]
Valid length: Up to 255 characters
customerIP Not Required Any valid IPv4 or IPv6 address is accepted. Sending this optional parameter is highly recommended.
Example: 123.456.789.012 or 2001:0db8:85a3:0000:0000:8a2e:0370:7334
Valid length: Up to 39 characters
storeID Not Required The value of this field is the merchant’s store name. Please note that you need to contact Merchant Warrior to enable the storeID feature before you can use this parameter.
Example: Test store name

Payment Parameters

Parameter Required Description
cardID Required A unique alphanumeric string returned by addCard, used to identify a specific card.
Example: NUFM56937091
cardKey Not Required A string used as an encryption/decryption key. This should only be used if you do NOT want Merchant Warrior handling your key storage. This should be unique on a per-card basis. It’s used to encrypt the card when we store it. Every time we receive a process card request, the correct cardkey must also be provided – which is known only by you.
Example: a84JI2cA12ziZ3Fx
Valid Length: 16 characters
cardKeyReplace Not Required This will replace cardKey for subsequent requests for the cardID if the transaction is run successfully (meaning accepted by Merchant Warrior, not necessarily approved by the bank). This cannot be the same as the last 10 cardKey’s used for the cardID, and it has to follow the same guidelines as cardkey (16 character alphanumeric string, etc). See the explanation under “Request Parameter” for more information.
Example: mbnGHOq86sXTjQgd
Valid Length: 16 characters
paymentCardCSC Not Required This is also known as the CVN or CVV/2. This is required by some Acquirers if the transaction is initiated by the customer. Please contact Merchant Warrior for more information.
Example: 123
Valid length: Between 3 and 4 characters

Custom Parameters

Parameter Required Description
custom1 Not Required Freeform field. Returned as <custom1> in the XML response.
Valid length: Up to 500 characters
custom2 Not Required Freeform field. Returned as <custom2> in the XML response.
Valid length: Up to 500 characters
custom3 Not Required Freeform field. Returned as <custom3> in the XML response.
Valid length: Up to 500 characters

Verification Hash

Parameter Required Description
hash Required The verification hash is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See Transaction Type Hash for information on how to construct the hash correctly.
Example: e9ddc296b76b3398934bfc06239073df
Valid length: 32 characters
Production API Endpoint

https://secure.merchantwarrior.com/

Sandbox API Endpoint

https://securetest.merchantwarrior.com/

Hosted Payments

The following sub-sections will outline the various API methods present in the Merchant Warrior Hosted Payments service.

Introduction

The MW Hosted Payments solution allows merchants to process credit card transactions online via a secure hosted payment page.

Merchants who do not wish to store, process or transmit credit card (PAN) in order to reduce their PCI DSS scope will be able to achieve this with this service.

Request Format

API requests are submitted to the Hosted Payments service using POST, and must be performed over HTTPS.

Respone Format

The Hosted Payments service will return responses in XML format to a specified notifyURL via an Asynchronous HTTP POST. Response paramaters are also returned in the GET string of the specified returnURL via a 302 redirect.

Available Methods

The Hosted Payments service consists of the following methods:
processCard: Performs a purchase transaction on a customer’s credit card
processDDebitAuth: Initiates an electronic (paperless) direct debit authorization

Sample Request
Requests are generated via a form presented to the customer's browser.
Please see Hosted Payments Sample Files for examples.
Sample 'notifyURL' Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
  <responseCode>0</responseCode>
  <responseMessage>Transaction approved</responseMessage>
  <transactionID>1336-20be3569-b600-11e6-b9c3-005056b209e0</transactionID>
  <authCode>731357421</authCode>
  <receiptNo>731357421</receiptNo>
  <authMessage>Honour with identification</authMessage>
  <authResponseCode>08</authResponseCode>
  <authSettledDate>2016-11-29</authSettledDate>
  <paymentCardNumber>512345XXXXXX2346</paymentCardNumber>
  <transactionAmount>10.00</transactionAmount>
  <custom1/>
  <custom2/>
  <custom3/>
  <customHash>65b172551b7d3a0706c0ce5330c98470</customHash>
</mwResponse>
Sample 'returnURL' Response
https://www.mydomain.com/sample.return.php?status=return&status=approved&reference=1-373eb735-bd24-11e6-992a-005056b209e0&hash=c4c5db49d97b21c7898f3e8ed8057b24&custom1=Custom+Field+1&custom2=Custom+Field+2&custom3=Custom+Field+3&customHash=9c8bffd18b890aebf84b27744a205385&message=Transaction+approved&paymentCardNumber=512345XXXXXX2346&transactionAmount=10.00
Please see 302 redirect (Transactions) for the returnURL response field
definitions

processCard

The processCard method is the method used to perform a purchase request.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive. Currently, the only valid value for this parameter is ‘processCard’.
Example: processCard

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

General Transaction Parameters

Parameter Required Description
transactionAmount Required The amount must be formatted to have two decimal places. Any amounts without two decimal places or amounts less than one cent will be rejected.
Example: 10.00
transactionCurrency Required One of the following: AUD, CAD, EUR, GBP, JPY, NZD, SGD, USD. This is provider dependant. Please check with MW before attempting to process transactions in any currency other than AUD. This field is case insensitive.
Example: AUD
transactionProduct Required A product (or sale) id or description. We recommend using an order/product id. This field’s primary purpose is to help the transaction be identifiable for reporting and accounting purposes.
Example: ABC4321
Valid length: Up to 255 characters. Some Acquirers limit this field to 40 characters.

Customer Parameters

Parameter Required Description
customerName Not Required This field can only contain alphanumeric characters, as well as the full stop and hyphen character.
Example: Mr. Example Person
Valid length: Between 2 and 255 characters
customerCountry Not Required Two letter ISO 3166-1 alpha-2 country code.
Example: AU
Valid length: 2 characters
customerState Not Required Freeform field, keep consistent for your records and reporting.
Example: Queensland
Valid length: Up to 75 characters
customerCity Not Required Freeform field, keep consistent for your records and reporting.
Example: Brisbane
Valid length: Up to 75 characters
customerAddress Not Required Freeform field.
Example: 123 Test Street
Valid length: Up to 255 characters
customerPostCode Required This can also accomodate ZIP/Post codes for international transactions.
Example: 4000
Valid length: Between 4 and 10 characters
customerPhone Not Required Anything other than +,-, space and 0-9 will be stripped.
Example: 0401234567 or 61731234567
Valid length: Up to 25 characters
customerEmail Not Required Must be valid if present. Sending this optional parameter is highly recommended.
Example: [email protected]
Valid length: Up to 255 characters

Redirect and Notification Parameters

Parameter Required Description
returnURL Required The customer will be redirected to this URL upon completion of the transaction.
Example: https://www.example.com/return.php
notifyURL Required Asynchronous POST notifications will be sent to this URL.
Example: https://www.example.com/notify.php
urlHash Requried The urlHash field is a combination of your API Passphrase, and specific parameters sent in the transaction. See Web URL Hash for information on how to construct the hash correctly.
Example: 511999e54b9ad51ce4c28d7f0550ac81
Valid Length: 32 characters
hashSalt Required Used to salt the return hash used in the 302 Redirect to redirectURL upon the completion of a transaction.
Example: 3x4mpl3s4lt!
logoURL Not Required The URL to an image that will appear in the header of the hosted payment page. Image must be of PNG format and max dimensions of 90x90 pixels and a file size limit of 1500 kilobytes. If no logoURL is supplied a default basket image is used.
Example: https://www.example.com/logo.png
hostedID Not Required The ID of the customized hosted payment page. This can be implemented if multiple hosted payment pages with different logos and banners is a requirement.
Example: 1

Custom Parameters

Parameter Required Description
custom1 Not Required Freeform field. Returned as <custom1> in the XML response.
Valid length: Up to 500 characters
custom2 Not Required Freeform field. Returned as <custom2> in the XML response.
Valid length: Up to 500 characters
custom3 Not Required Freeform field. Returned as <custom3> in the XML response.
Valid length: Up to 500 characters

Verification Hash

Parameter Required Description
hash Required The verification hash is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See Transaction Type Hash for information on how to construct the hash correctly.
Example: e9ddc296b76b3398934bfc06239073df
Valid length: 32 characters
Sample Request
Requests are generated via a form presented to the customer's browser.
Please see Hosted Payments Sample Files for examples.
Sample 'notifyURL' Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
  <responseCode>0</responseCode>
  <responseMessage>DDA approved</responseMessage>
   <customerEmail>[email protected]</customerEmail> 
 <paymentAccountName>John Doe</paymentAccountName>
 <paymentAccountBSB>123456</paymentAccountBSB>
 <paymentAccountNumber>987456123</paymentAccountNumber>
 <custom1>Test Field</custom1>
 <custom2/> 
 <custom3/> 
 <customHash>9f61558611bd58b97ea9f505536f5101</customHash>
<hash>da407c1d6ebc1ed405109497d1e0caa5</hash>
 <fingerprint>f0ab06f8d69d3dafa06a5abd45460ace</fingerprint>
</mwResponse>
Sample 'returnURL' Response
https://www.mydomain.com/sample.return.php?status=return&status=approved&reference=1-373eb735-bd24-11e6-992a-005056b209e0&hash=c4c5db49d97b21c7898f3e8ed8057b24&custom1=Custom+Field+1&custom2=Custom+Field+2&custom3=Custom+Field+3&customHash=9c8bffd18b890aebf84b27744a205385&message=Transaction+approved
Please see 302 redirect (Direct Debit Authorizations) for the returnURL
response field definitions

processDDebitAuth

The processDDebitAuth method is used to initiate an electronic (paperless) direct debit authorization form

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: processDDebitAuth

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd

Customer Parameters

Parameter Required Description
customerName Required This field can only contain alphanumeric characters, as well as the full stop, comma, apostrophe, ampersand, space and hyphen characters.
Example: Mr. Example Person
Valid length: Between 2 and 255 characters
customerCountry Required Two letter ISO 3166-1 alpha-2 country code.
Example: AU
Valid length: 2 characters
customerState Required Freeform field, keep consistent for your records and reporting.
Example: Queensland
Valid length: Up to 75 characters
customerCity Required Freeform field, keep consistent for your records and reporting.
Example: Brisbane
Valid length: Up to 75 characters
customerAddress Required Freeform field.
Example: 123 Test Street
Valid length: Up to 255 characters
customerPostCode Required This can also accomodate ZIP/Post codes for international transactions.
Example: 4000
Valid length: Between 4 and 10 characters
customerPhone Required Anything other than +,-, space and 0-9 will be stripped.
Example: 0401234567 or 61731234567
Valid length: Up to 25 characters
customerEmail Required Sending this optional parameter is highly recommended.
Example: [email protected]
Valid length: Up to 255 characters

Payment Account Details

Parameter Required Description
paymentAccountBSB Required BSB of the account to be debited.
Example: 123123
paymentAccountName Required The name on the account to be debited.
Example: Bob Jones
paymentAccountNumber Required Account number of the account to be debited.
Example: 234523451
transactionAmount Not Required The amount must be formatted to have two decimal places. Any amounts without two decimal places or amounts less than one cent will be rejected. This field is not required if you are submitting a direct debit authorization that has a variable amount.
Example: 10.00
transactionCurrency Required One of the following: AUD or NZD.
Example: AUD

Verification Hash

Parameter Required Description
hash Required The verification hash is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See Transaction Type Hash for information on how to construct the hash correctly. (Field is only required if transactionAmount and transactionCurrency have been set for a DDA)
Example: e9ddc296b76b3398934bfc06239073df
Valid length: 32 characters

Redirect and Notification Parameters

Parameter Required Description
returnURL Required The customer will be redirected to this URL upon completion of the transaction.
Example: https://www.example.com/return.php
notifyURL Required Asynchronous POST notifications will be sent to this URL.
Example: https://www.example.com/notify.php
urlHash Requried The urlHash field is a combination of your API Passphrase, and specific parameters sent in the transaction. See Web URL Hash for information on how to construct the hash correctly.
Example: Queensland
Valid Length: Up to 32 characters
hashSalt Required Used to salt the return hash used in the 302 Redirect to redirectURL upon the completion of a transaction.
Example: 3x4mpl3s4lt!

Customization Parameters

Parameter Required Description
logoURL Not Required The URL to an image that will appear in the header of the hosted payment page. Image must be of PNG format and max dimensions of 90x90 pixels and a file size limit of 1500 kilobytes. If no logoURL is supplied a default Direct Debit icon is displayed.
Example: https://www.example.com/logo.png
hostedID Not Required Digits only. The ID of the customized hosted payment page. This can be implemented if multiple hosted DDA pages with different logos and banners are a requirement.
Example: 1
custom1 Not Required Freeform field. Returned as <custom1> in the XML response.
Valid length: Up to 500 characters
custom2 Not Required Freeform field. Returned as <custom2> in the XML response.
Valid length: Up to 500 characters
custom3 Not Required Freeform field. Returned as <custom3> in the XML response.
Valid length: Up to 500 characters
Production API Endpoint

https://api.merchantwarrior.com/transfer/

Sandbox API Endpoint

https://base.merchantwarrior.com/transfer/

Transparent Redirect

The following sub-sections will outline the various API methods present in the Merchant Warrior Transparent Redirect.

Introduction

The Transparent Redirect (also referred to as a Direct POST) service allows merchants to host and customize a secure hosted payment page themselves, whilst assisting in reducing the scope of PCI DSS compliance.

Merchants who do not wish to store, process or transmit credit card (PAN) will be able to achieve this with this service.

Request Format

API requests are submitted to the Transparent Redirect service using POST, and must be performed over HTTPS.

Respone Format

The Transparent Redirect service will return responses in XML format to a specified notifyURL via an Asynchronous HTTP POST. Response paramaters are also returned in the GET string of the specified returnURL via a 302 redirect.

Available Methods

The Transparent Redirect service consists of the following methods:
getAccessToken: Generates a one time access token for submission with transactions
processCard: Performs a purchase transaction on a customer’s credit card
processAuth: Performs a pre-authorization on a customer’s credit card
addCard: Adds a card to the Local or Global Vault

Sample Request
curl -X POST \
  -d method="getAccessToken" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d hash="f518187f47bc52fe5a76a18593df72c9" \
  -d urlHash="49713da3df889c861c5643107af9dcde" https://api.merchantwarrior.com/transfer/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/transfer/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'getAccessToken',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'hash' => 'f518187f47bc52fe5a76a18593df72c9',
  'urlHash' => '49713da3df889c861c5643107af9dcde'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method' : 'getAccessToken',
  'merchantUUID' : '5265f8eed6a19',
  'apiKey' : 'ksmnwxab',
  'hash' : 'f518187f47bc52fe5a76a18593df72c9',
  'urlHash' : '49713da3df889c861c5643107af9dcde'
}

r = requests.post('https://api.merchantwarrior.com/transfer/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/transfer/');

// Setup POST data
$postData = array (
  'method' => 'getAccessToken',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'hash' => 'f518187f47bc52fe5a76a18593df72c9',
  'urlHash' => '49713da3df889c861c5643107af9dcde'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, MW_API_ENDPOINT);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postData, '', '&'));

// Run CURL
$response = curl_exec($curl);
$error = curl_error($curl);

// Check for CURL errors
if (isset($error) && strlen($error)) {
    throw new Exception("CURL Error: {$error}");
}

// Parse the XML
$xml = simplexml_load_string($response);

// Convert the result from a SimpleXMLObject into an array
$xml = (array)$xml;

// Validate the response - the only successful code is 0
$status = ((int)$xml['responseCode'] === 0) ? true : false;

// Make the response a little more useable
$result = array (
    'status' => $status, 
    'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
    'responseData' => $xml
);

exit(var_dump($result));
?>
using System;
using System.Collections.Generic;
using System.Linq;

public class Program {
    public static void Main(string[] args) {
        using(var client = new System.Net.WebClient()) {
            byte[] response = client.UploadValues("https://api.merchantwarrior.com/transfer/", 
                    new System.Collections.Specialized.NameValueCollection() {
                        { "method", "getAccessToken" },
                        { "merchantUUID", "578dd399d2373" },
                        { "apiKey", "dyqxkzse" },
                        { "hash", "f518187f47bc52fe5a76a18593df72c9" },
                        { "urlHash", "49713da3df889c861c5643107af9dcde" },
                    });
            String result = System.Text.Encoding.Default.GetString(response);
            Console.WriteLine(result);
            }
    }
}
Imports System
Imports System.Collections.Generic
Imports System.Linq

Public Module Program
    Public Sub Main(args As String())
        Using client = New System.Net.WebClient()
            Dim response As Byte() = client.UploadValues(
            "https://api.merchantwarrior.com/transfer/", 
            New System.Collections.Specialized.NameValueCollection() From { _
                {"method", "getAccessToken"}, _
                {"merchantUUID", "578dd399d2373"}, _
                {"apiKey", "dyqxkzse"}, _
                {"hash", "f518187f47bc52fe5a76a18593df72c9"}, _
                {"urlHash", "49713da3df889c861c5643107af9dcde"} _
            })
            Dim result As [String] = System.Text.Encoding.[Default].GetString(response)
            Console.WriteLine(result)
        End Using
    End Sub
End Module
import java.io.*;
import java.net.*;
import java.util.*;

public class Program{

    public static void main(String[] args) {
        try{
            URL url = new URL("https://api.merchantwarrior.com/transfer/");
            Map<String, String> params = new LinkedHashMap<>();
            params.put("method", "getAccessToken");
            params.put("merchantUUID", "5265f8eed6a19");
            params.put("apiKey", "ksmnwxab");         
            params.put("hash", "b55552ff426d7e3d4885465d27ea0062");
            params.put("urlHash", "49713da3df889c861c5643107af9dcde");

            StringBuilder postData = new StringBuilder();
            for (Map.Entry<String, String> param : params.entrySet()) {
              if (postData.length() != 0) 
                postData.append('&');
                postData.append(param.getKey());
                postData.append('=');
                postData.append(param.getValue());
            }
            HttpURLConnection conn = (HttpURLConnection)url.openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            conn.setDoOutput(true);

            OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
            writer.write(postData.toString());
            writer.flush();

            BufferedReader reader = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));
            String line;
            StringBuilder sb = new StringBuilder();
            while((line = reader.readLine()) != null){
                sb.append(line);
            }
            System.out.println(sb.toString());
            writer.close();
            reader.close();
        }
        catch(Exception ex){
            ex.printStackTrace();
        }
    }

}

Sample Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
 <responseCode>0</responseCode> 
 <responseMessage>Operation successful</responseMessage> 
 <token>578de10d9a</token>
</mwResponse>

getAccessToken


The getAccessToken method generates a one time access token that acts as an additional security measure to identify that the request originates from a valid merchant and that the request has not been tampered with during transmission.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: getAccessToken

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c

Verification Hash Parameters

Parameter Required Description
hash Required/ Not Required The verification hash is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See Transaction Type Hash for information on how to construct the hash correctly. This parameter is not required if you are generating an Access Token for use with the Transparent Redirect addCard method.
Example: e9ddc296b76b3398934bfc06239073df
Valid Length: 32 characters
urlHash Required The urlHash field is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See Web URL Hash for information on how to construct the hash correctly.
Example: Queensland
Valid Length: Up to 32 characters
Sample Request
Requests are generated via a form presented to the customer's browser.
Please see Transparent Redirect Sample Files for examples.
Sample 'notifyURL' Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
  <responseCode>0</responseCode>
  <responseMessage>Transaction approved</responseMessage>
  <transactionID>1336-20be3569-b600-11e6-b9c3-005056b209e0</transactionID>
  <authCode>731357421</authCode>
  <receiptNo>731357421</receiptNo>
  <authMessage>Honour with identification</authMessage>
  <authResponseCode>08</authResponseCode>
  <authSettledDate>2016-11-29</authSettledDate>
  <paymentCardNumber>512345XXXXXX2346</paymentCardNumber>
  <transactionAmount>10.00</transactionAmount>
  <custom1/>
  <custom2/>
  <custom3/>
  <customHash>65b172551b7d3a0706c0ce5330c98470</customHash>
</mwResponse>
Sample 'returnURL' Response
https://www.mydomain.com/sample.return.php?status=return&status=approved&reference=1336-20be3569-b600-11e6-b9c3-005056b209e0&hash=a4f5cb49d97c21c7898f3e8ed8957b24&custom1=Custom+Field+1&custom2=Custom+Field+2&custom3=Custom+Field+3&customHash=5c8baad1db890aebf83b29744a205385&message=Transaction+approved&paymentCardNumber=512345XXXXXX2346&transactionAmount=10.00
The responses below are for a request where the addCard parameter has been
set to 1 (credit card details will be stored in the MW Vault)
Sample 'notifyURL' Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
  <responseCode>0</responseCode>
  <responseMessage>Transaction approved</responseMessage>
  <transactionID>1-546cbd0c-bd2b-11e6-992a-005056b209e0</transactionID>
  <authCode>731367169</authCode>
  <receiptNo>731367169</receiptNo>
  <authMessage>Honour with identification</authMessage>
  <authResponseCode>08</authResponseCode>
  <authSettledDate>2016-12-09</authSettledDate>
  <custom1>Custom Field 1</custom1>
  <custom2>Custom Field 2</custom2>
  <custom3>Custom Field 3</custom3>
  <customHash>9c8bffd18b890aebf84b27744a205385</customHash>
  <cardID>OWMB27978537</cardID>
  <cardKey>cD4PeecJ0PsMcZAh</cardKey>
  <ivrCardID>27978537</ivrCardID>
  <paymentCardNumber>512345XXXXXX2346</paymentCardNumber>
  <transactionAmount>10.00</transactionAmount>
  <hash>1cf2b6ae1293e02d607f358cc9bcfaeb</hash>
</mwResponse>
Sample 'returnURL' Response
https://www.mydomain.com/sample.return.php?status=return&status=approved&reference=1-546cbd0c-bd2b-11e6-992a-005056b209e0&hash=1cf2b6ae1293e02d607f358cc9bcfaeb&custom1=Custom+Field+1&custom2=Custom+Field+2&custom3=Custom+Field+3&customHash=9c8bffd18b890aebf84b27744a205385&message=Transaction+approved&cardID=OWMB27978537&cardKey=cD4PeecJ0PsMcZAh&ivrCardID=27978537&paymentCardNumber=512345XXXXXX2346&transactionAmount=10.00
Please see 302 redirect (Transactions) for the returnURL response field
definitions.

processCard


The processCard method is the method used to perform a purchase request.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: processCard

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c
accessToken Required The value returned by the getAccessToken method.
Example: 578de10d9a

General Transaction Parameters

Parameter Required Description
transactionAmount Required The amount must be formatted to have two decimal places. Any amounts without two decimal places or amounts less than one cent will be rejected.
Example: 10.00
transactionCurrency Required One of the following: AUD, CAD, EUR, GBP, JPY, NZD, SGD, USD. This is provider dependant. Please check with MW before attempting to process transactions in any currency other than AUD. This field is case insensitive.
Example: AUD
transactionProduct Required A product (or sale) id or description. We recommend using an order/product id. This field’s primary purpose is to help the transaction be identifiable for reporting and accounting purposes.
Example: ABC4321
Valid length: Up to 255 characters. Some Acquirers limit this field to 40 characters.
transactionReferenceID Not Required This is a merchant’s unique reference ID for a transaction sent to Merchant Warrior. The main purpose of this ID is to verify the transaction via the queryCard method in the event a valid response is not received.
Example: A257240023321
Valid length: Up to 40 characters

Redirect and Notification Parameters

Parameter Required Description
returnURL Required The customer will be redirected to this URL upon completion of the transaction.
Example: https://www.example.com/return.php
notifyURL Required Asynchronous POST notifications will be sent to this URL. It is important that this URL does not contain any white space characters.
Example: https://www.example.com/notify.php
urlHash Requried The urlHash field is a combination of your API Passphrase, and specific parameters sent in the transaction. See Web URL Hash for information on how to construct the hash correctly.
Example: Queensland
Valid Length: Up to 32 characters
hashSalt Required Used to salt the return hash used in the 302 Redirect to redirectURL upon the completion of a transaction.
Example: 3x4mpl3s4lt!

Customer Parameters

Parameter Required Description
customerName Required This field can only contain alphanumeric characters, as well as the full stop and hyphen characters.
Example: Mr. Example Person
Valid length: Between 2 and 255 characters
customerCountry Required Two letter ISO 3166-1 alpha-2 country code.
Example: AU
Valid length: 2 characters
customerState Required Freeform field, keep consistent for your records and reporting.
Example: Queensland
Valid length: Up to 75 characters
customerCity Required Freeform field, keep consistent for your records and reporting.
Example: Brisbane
Valid length: Up to 75 characters
customerAddress Required Freeform field.
Example: 123 Test Street
Valid length: Up to 255 characters
customerPostCode Required This can also accomodate ZIP/Post codes for international transactions.
Example: 4000
Valid length: Between 4 and 10 characters
customerPhone Not Required Anything other than +,-, space and 0-9 will be stripped.
Example: 0401234567 or 61731234567
Valid length: Up to 25 characters
customerEmail Not Required Sending this optional parameter is highly recommended.
Example: [email protected]
Valid length: Up to 255 characters
customerIP Not Required Any valid IPv4 or IPv6 address is accepted. Sending this optional parameter is highly recommended.
Example: 123.456.789.012 or 2001:0db8:85a3:0000:0000:8a2e:0370:7334
Valid length: Up to 39 characters
storeID Not Required The value of this field is the merchant’s store name. Please note that you need to contact Merchant Warrior to enable the storeID feature before you can use this parameter.
Example: Test store name

Payment Parameters

Parameter Required Description
paymentCardNumber Required Only certain card numbers are deemed valid in the test environment. See Test Data for more information. Do not send separators with the card number (e.g. 1234-5678… or 1234 5678).
Example: 5123456789012346 or 4557012345678902
Valid length: Between 13 and 16 digits
paymentCardExpiry Required This must be MMYY format. The month must be zero padded if it is less than 10.
Example: 0513
Valid length: 4 digits
paymentCardName Required This must contain at the very least a space and no less than two characters. Only alphanumeric characters, hyphens, spaces and full stops are allowed.
Example: Mr. Example Person or MR E PERSON or Example Person
Valid length: Between 3 and 255 characters
paymentCardCSC Not Required This is also known as the CVN or CVV/2. This is required by some Acquirers if the transaction is initiated by the customer. Please contact Merchant Warrior for more information.
Example: 123
Valid length: Between 3 and 4 characters
addCard Not Required This value is a boolean to denote whether the paymentCardNumber should automatically be added to the Merchant Warrior Vault after processing the transaction.
Example: 1
Valid Length: 1 digit

Global Vault Parameters

Parameter Required Description
cardGlobal Not Required This must be in a boolean format.
Example: 1
cardEmail Not Required This must be in a valid email format.
Example: john@merchantwarrior.com
cardContact Not Required This must be in a valid Australian or International mobile number format.
Example: 0486292992 or +614920202820

Custom Parameters

Parameter Required Description
custom1 Not Required Freeform field. Returned as <custom1> in the XML response.
Valid length: Up to 500 characters
custom2 Not Required Freeform field. Returned as <custom2> in the XML response.
Valid length: Up to 500 characters
custom3 Not Required Freeform field. Returned as <custom3> in the XML response.
Valid length: Up to 500 characters

Verification Hash

Parameter Required Description
hash Required The verification hash is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See Transaction Type Hash for information on how to construct the hash correctly.
Example: e9ddc296b76b3398934bfc06239073df
Valid length: 32 characters
Sample Request
Requests are generated via a form presented to the customer's browser.
Please see Transparent Redirect Sample Files for examples.
Sample 'notifyURL' Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
  <responseCode>0</responseCode>
  <responseMessage>Transaction approved</responseMessage>
  <transactionID>1336-20be3569-b600-11e6-b9c3-005056b209e0</transactionID>
  <authCode>731357421</authCode>
  <receiptNo>731357421</receiptNo>
  <authMessage>Honour with identification</authMessage>
  <authResponseCode>08</authResponseCode>
  <authSettledDate>2016-11-29</authSettledDate>
  <paymentCardNumber>512345XXXXXX2346</paymentCardNumber>
  <transactionAmount>10.00</transactionAmount>
  <custom1/>
  <custom2/>
  <custom3/>
  <customHash>65b172551b7d3a0706c0ce5330c98470</customHash>
</mwResponse>
Sample 'returnURL' Response
https://www.mydomain.com/sample.return.php?status=return&status=approved&reference=1336-20be3569-b600-11e6-b9c3-005056b209e0&hash=a4f5cb49d97c21c7898f3e8ed8957b24&custom1=Custom+Field+1&custom2=Custom+Field+2&custom3=Custom+Field+3&customHash=5c8baad1db890aebf83b29744a205385&message=Transaction+approved&paymentCardNumber=512345XXXXXX2346&transactionAmount=10.00
The responses below are for a request where the addCard parameter has been
set to 1 (credit card details will be stored in the MW Vault)
Sample 'notifyURL' Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
  <responseCode>0</responseCode>
  <responseMessage>Transaction approved</responseMessage>
  <transactionID>1-546cbd0c-bd2b-11e6-992a-005056b209e0</transactionID>
  <authCode>731367169</authCode>
  <receiptNo>731367169</receiptNo>
  <authMessage>Honour with identification</authMessage>
  <authResponseCode>08</authResponseCode>
  <authSettledDate>2016-12-09</authSettledDate>
  <custom1>Custom Field 1</custom1>
  <custom2>Custom Field 2</custom2>
  <custom3>Custom Field 3</custom3>
  <customHash>9c8bffd18b890aebf84b27744a205385</customHash>
  <cardID>OWMB27978537</cardID>
  <cardKey>cD4PeecJ0PsMcZAh</cardKey>
  <ivrCardID>27978537</ivrCardID>
  <paymentCardNumber>512345XXXXXX2346</paymentCardNumber>
  <transactionAmount>10.00</transactionAmount>
  <hash>1cf2b6ae1293e02d607f358cc9bcfaeb</hash>
</mwResponse>
Sample 'returnURL' Response
https://www.mydomain.com/sample.return.php?status=return&status=approved&reference=1-546cbd0c-bd2b-11e6-992a-005056b209e0&hash=1cf2b6ae1293e02d607f358cc9bcfaeb&custom1=Custom+Field+1&custom2=Custom+Field+2&custom3=Custom+Field+3&customHash=9c8bffd18b890aebf84b27744a205385&message=Transaction+approved&cardID=OWMB27978537&cardKey=cD4PeecJ0PsMcZAh&ivrCardID=27978537&paymentCardNumber=512345XXXXXX2346&transactionAmount=10.00
Please see 302 redirect (Transactions) for the returnURL response field
definitions.

processAuth


The processAuth method is used to perform a pre-authorization request.

Request-Parameters

API Method

Parameter Required Description
method Required This field is case sensitive.
Example: processAuth

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c
accessToken Required The value returned by the getAccessToken method.
Example: 578de10d9a

General Transaction Parameters

Parameter Required Description
transactionAmount Required The amount must be formatted to have two decimal places. Any amounts without two decimal places or amounts less than one cent will be rejected.
Example: 10.00
transactionCurrency Required One of the following: AUD, CAD, EUR, GBP, JPY, NZD, SGD, USD. This is provider dependant. Please check with MW before attempting to process transactions in any currency other than AUD. This field is case insensitive.
Example: AUD
transactionProduct Required A product (or sale) id or description. We recommend using an order/product id. This field’s primary purpose is to help the transaction be identifiable for reporting and accounting purposes.
Example: ABC4321
Valid length: Up to 255 characters. Some Acquirers limit this field to 40 characters.
transactionReferenceID Not Required This is a merchant’s unique reference ID for a transaction sent to Merchant Warrior. The main purpose of this ID is to verify the transaction via the queryCard method in the event a valid response is not received.
Example: A257240023321
Valid length: Up to 40 characters

Redirect and Notification Parameters

Parameter Required Description
returnURL Required The customer will be redirected to this URL upon completion of the transaction.
Example: https://www.example.com/return.php
notifyURL Required Asynchronous POST notifications will be sent to this URL. It is important that this URL does not contain any white space characters.
Example: https://www.example.com/notify.php
urlHash Requried The urlHash field is a combination of your API Passphrase, and specific parameters sent in the transaction. See Web URL Hash for information on how to construct the hash correctly.
Example: Queensland
Valid Length: Up to 32 characters
hashSalt Required Used to salt the return hash used in the 302 Redirect to redirectURL upon the completion of a transaction.
Example: 3x4mpl3s4lt!

Customer Parameters

Parameter Required Description
customerName Required This field can only contain alphanumeric characters, as well as the full stop and hyphen characters.
Example: Mr. Example Person
Valid length: Between 2 and 255 characters
customerCountry Required Two letter ISO 3166-1 alpha-2 country code.
Example: AU
Valid length: 2 characters
customerState Required Freeform field, keep consistent for your records and reporting.
Example: Queensland
Valid length: Up to 75 characters
customerCity Required Freeform field, keep consistent for your records and reporting.
Example: Brisbane
Valid length: Up to 75 characters
customerAddress Required Freeform field.
Example: 123 Test Street
Valid length: Up to 255 characters
customerPostCode Required This can also accomodate ZIP/Post codes for international transactions.
Example: 4000
Valid length: Between 4 and 10 characters
customerPhone Not Required Anything other than +,-, space and 0-9 will be stripped.
Example: 0401234567 or 61731234567
Valid length: Up to 25 characters
customerEmail Not Required Sending this optional parameter is highly recommended.
Example: person@example.com
Valid length: Up to 255 characters
customerIP Not Required Any valid IPv4 or IPv6 address is accepted. Sending this optional parameter is highly recommended.
Example: 123.456.789.012 or 2001:0db8:85a3:0000:0000:8a2e:0370:7334
Valid length: Up to 39 characters
storeID Not Required The value of this field is the merchant’s store name. Please note that you need to contact Merchant Warrior to enable the storeID feature before you can use this parameter.
Example: Test store name

Payment Parameters

Parameter Required Description
paymentCardNumber Required Only certain card numbers are deemed valid in the test environment. See Test Data for more information. Do not send separators with the card number (e.g. 1234-5678… or 1234 5678).
Example: 5123456789012346 or 4557012345678902
Valid length: Between 13 and 16 digits
paymentCardExpiry Required This must be MMYY format. The month must be zero padded if it is less than 10.
Example: 0513
Valid length: 4 digits
paymentCardName Required This must contain at the very least a space and no less than two characters. Only alphanumeric characters, hyphens, spaces and full stops are allowed.
Example: Mr. Example Person or MR E PERSON or Example Person
Valid length: Between 3 and 255 characters
paymentCardCSC Not Required This is also known as the CVN or CVV/2. This is required by some Acquirers if the transaction is initiated by the customer. Please contact Merchant Warrior for more information.
Example: 123
Valid length: Between 3 and 4 characters
addCard Not Required This value is a boolean to denote whether the paymentCardNumber should automatically be added to the Merchant Warrior Vault after processing the transaction.
Example: 1
Valid Length: 1 digit

Global Vault Parameters

Parameter Required Description
cardGlobal Not Required This must be in a boolean format.
Example: 1
cardEmail Not Required This must be in a valid email format.
Example: john@merchantwarrior.com
cardContact Not Required This must be in a valid Australian or International mobile number format.
Example: 0486292992 or +614920202820

Custom Parameters

Parameter Required Description
custom1 Not Required Freeform field. Returned as <custom1> in the XML response.
Valid length: Up to 500 characters
custom2 Not Required Freeform field. Returned as <custom2> in the XML response.
Valid length: Up to 500 characters
custom3 Not Required Freeform field. Returned as <custom3> in the XML response.
Valid length: Up to 500 characters

Verification Hash

Parameter Required Description
hash Required The verification hash is a combination of the MD5 of your API Passphrase, and specific parameters sent in the transaction. See Transaction Type Hash for information on how to construct the hash correctly.
Example: e9ddc296b76b3398934bfc06239073df
Valid length: 32 characters
Sample Request
Requests are generated via a form presented to the customer's browser.
Please see Transparent Redirect Sample Files for examples.
Sample 'notifyURL' Response
<?xml version="1.0" encoding="UTF-8"?>
<mwResponse>
  <responseCode>0</responseCode>
  <responseMessage>Operation successful</responseMessage>
  <cardID>FSLI56586207</cardID>
  <cardKey>qg4ecwqS0wEWqEAg</cardKey>
  <ivrCardID>56586207</ivrCardID>
  <custom1>Custom Field 1</custom1>
  <custom2>Custom Field 2</custom2>
  <custom3>Custom Field 3</custom3>
  <customHash>9c8bffd18b890aebf84b27744a205385</customHash>
  <hash>de4e91d57da02223749abdab42345970</hash>
</mwResponse>
Sample 'returnURL' Response
https://www.mydomain.com/sample.return.php?status=return&status=success&responseMessage=Operation%20successful&hash=de4e91d57da02223749abdab42345970&cardID=FSLI56586207&cardKey=qg4ecwqS0wEWqEAg&ivrCardID=56586207&custom1=Custom+Field+1&custom2=Custom+Field+2&custom3=Custom+Field+3&customHash=9c8bffd18b890aebf84b27744a205385
Please see 302 redirect (Tokenization) for the returnURL response field
definitions.

addCard


The addCard method is used to add a new card to the MW Vault.

Request-Parameters

Authentication Parameters

Parameter Required Description
merchantUUID Required The value of this parameter is provided to you by Merchant Warrior.
Example: 123456789abcd
apiKey Required The value of this parameter is provided to you by Merchant Warrior.
Example: 1a3b5c
accessToken Required The value returned by the getAccessToken method.
Example: 578de10d9a

Cardholder Data

Parameter Required Description
paymentCardName Required This must contain at the very least a space and no less than two characters. Only alphanumeric characters, hyphens, spaces and full stops are allowed.
Example: Mr. Example Person or MR E PERSON or Example Person
Valid length: Between 3 and 255 characters
paymentCardNumber Required Only certain card numbers are deemed valid in the test environment. See Test Data for more information. Do not send separators with the card number (e.g. 1234-5678… or 1234 5678).
Example: 5123456789012346 or 4557012345678902
Valid length: Between 13 and 16 digits
paymentCardExpiry Required This must be MMYY format. The month must be zero padded if it is less than 10.
Example: 0513
Valid length: 4 digits

Global Vault Parameters

Parameter Required Description
cardGlobal Not Required This must be in a boolean format.
Example: 1
cardEmail Not Required This must be in a valid email format.
Example: john@merchantwarrior.com
cardContact Not Required This must be in a valid Australian or International mobile number format.
Example: 0486292992 or +614920202820

Redirect and Notification Parameters

Parameter Required Description
returnURL Required The customer will be redirected to this URL upon completion of the transaction.
Example: https://www.example.com/return.php
notifyURL Required Asynchronous POST notifications will be sent to this URL. It is important that this URL does not contain any white space characters.
Example: https://www.example.com/notify.php

Custom Parameters

Parameter Required Description
custom1 Not Required Freeform field. Returned as <custom1> in the XML response.
Valid length: Up to 500 characters
custom2 Not Required Freeform field. Returned as <custom2> in the XML response.
Valid length: Up to 500 characters
custom3 Not Required Freeform field. Returned as <custom3> in the XML response.
Valid length: Up to 500 characters

Verification Hash

Parameter Required Description
urlHash Requried The urlHash field is a combination of your API Passphrase, and specific parameters sent in the transaction. See Web URL Hash for information on how to construct the hash correctly.
Example: Queensland
Valid Length: Up to 32 characters
hashSalt Required Used to salt the return hash used in the 302 Redirect to redirectURL upon the completion of a transaction.
Example: 3x4mpl3s4lt!
getAccessToken requests must be sent to the following API endpoints:

Production API Endpoint

https://api.merchantwarrior.com/iframe/

Sandbox API Endpoint

https://base.merchantwarrior.com/iframe/

iFrame generation requests must be sent to the following API endpoints:

Production API Endpoint

https://secure.merchantwarrior.com/iframe/

Sandbox API Endpoint

https://securetest.merchantwarrior.com/iframe/

Transparent iFrame

The following sub-sections will outline the various API methods present in the Merchant Warrior Transparent iFrame service.

Introduction

The MW Transparent iFrame service allows merchants to embed an MW iFrame in their website and/or application. The MW iFrame can process transactions and/or store credit card information in the MW Vault.

Merchants who do not wish to store, process or transmit credit card (PAN) in order to reduce their PCI DSS scope will be able to achieve this with this service.

Custom iFrame(s)

The Transparent iFrame can be fully customized to maintain the look and feel of the website and/or application(s) that it is embedded in. In order to do this the relevant (addCard, processCard or processAuth) HTML skeleton form will need to be downloaded (from here) and themed accordingly.

The HTML skeleton form can be customized to handle frontend validation and styling. After the HTML skeleton form has been customized appropriately, all assets (css, images and javascript) should be compressed and emailed to our technical team (infoservices@merchantwarrior.com) for review.

If the customized Transparent iFrame is approved by our technical team it will be made accessible on the Merchant Warrior platform and will be available by submitting the ‘style’ and ‘custom’ parameters in the appropriate transaction request (addCard, processCard or processAuth).

Request Format

API requests are submitted to the Transparent iFrame service using POST, and must be performed over HTTPS.

In order for an iFrame to be generated successfully, a request must be sent from a website or application that has its form target set as the target of the iFrame.

A simple implementation of the Transparent iFrame is made possible by creating a standard HTML form and submitting the form via javascript, AJAX or any other technology in use by the website and/or application(s).

Respone Format

The Transparent iFrame service will return responses in XML format to a specified notifyURL via an Asynchronous HTTP POST. Response paramaters are also returned in the GET string of the specified returnURL via a 302 redirect.

Available Methods

The Transparent iFrame service consists of the following methods:
getAccessToken: Generates a one time access token for submission with transactions
processCard: Performs a purchase transaction on a customer’s credit card
processAuth: Performs a pre-authorization on a customer’s credit card
addCard: Adds a card to the Local or Global Vault

Sample Request
curl -X POST \
  -d method="getAccessToken" \
  -d merchantUUID="5265f8eed6a19" \
  -d apiKey="ksmnwxab" \
  -d hash="f518187f47bc52fe5a76a18593df72c9" \
  -d urlHash="49713da3df889c861c5643107af9dcde" https://api.merchantwarrior.com/iframe/
require 'net/http'
require 'uri'

uri = URI.parse("https://api.merchantwarrior.com/iframe/")
request = Net::HTTP::Post.new(uri)
request.set_form_data(
  'method' => 'getAccessToken',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'hash' => 'f518187f47bc52fe5a76a18593df72c9',
  'urlHash' => '49713da3df889c861c5643107af9dcde'
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
  http.request(request)
end

puts response.body
import requests

data = {
  'method': 'getAccessToken',
  'merchantUUID': '5265f8eed6a19',
  'apiKey': 'ksmnwxab',
  'hash': 'f518187f47bc52fe5a76a18593df72c9',
  'urlHash': '49713da3df889c861c5643107af9dcde'
}

r = requests.post('https://api.merchantwarrior.com/iframe/', data = data)

print(r.text)
<?php
// Setup the POST url
define('MW_API_ENDPOINT', 'https://api.merchantwarrior.com/iframe/');

// Setup POST data
$postData = array (
  'method' => 'getAccessToken',
  'merchantUUID' => '5265f8eed6a19',
  'apiKey' => 'ksmnwxab',
  'hash' => 'f518187f47bc52fe5a76a18593df72c9',
  'urlHash' => '49713da3df889c861c5643107af9dcde'
);

// Setup CURL defaults
$curl = curl_init();

// Setup CURL params for this request
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true