Transaction

Use this call to initiate a new transaction. After this call, you should redirect the user to the issuer_authentication_url that you receive in the response of this request.

Request

POST https://api.cm.com/idin/v1.0/transaction

{
  "merchant_token": "3c01abeb-b031-4fea-9f2d-c55c283cd78e",
  "identity": true,
  "name": true,
  "gender": true,
  "address": true,
  "date_of_birth": true,
  "18y_or_older": true,
  "email_address": true,
  "telephone_number": true,
  "issuer_id": "RABONL2U",
  "entrance_code": "string",
  "merchant_return_url": "string",
  "language": "nl",
  "transaction_reference": "7defa5c6-7651-45cd-9016-f9027dc4dda9"
}

Parameters

Parameter	Description
merchant_token	a guid string that is unique and private to you as a merchant. Do not share this key, keep it safe. Example `3c01abeb-b031-4fea-9f2d-c55c283cd78e`
issuer_id	An identifier for the bank which the customer has chosen. `/[A-Z]{6,6}[A-Z2-9][A-NP-Z0-9]([A-Z0-9]{3,3}){0,1}/`
entrance_code	This is a token that will allow you to rejoin the user to his session when he returns. It can be a maximum of 40 characters and should only contain the characters a-z, A-z and 0-9. It should only be valid once and needs to be random enough (best use a cryptographically secure random generator), to avoid the possibility of replay attacks.
merchant_return_url	The place where the issuing bank should redirect the user to at the end of the flow. The bank will append two query parameters to this url when returning the user to you, `trxid` and `ec`. The latter will contain the value of `entrance_code`, `trxid` is the `transaction_id` that you will receive in this request. When not specified, a default can you be used which you specified with CM.

Optional parameters

Parameter	Description
identity	Retrieve a uniquely identifying token with the bank for this consumer that is consistent across multiple sessions.
name	Retrieve the name information associated with this consumer.
gender	Retrieve the gender of this consumer.
address	Retrieve address information associated with this consumer.
date_of_birth	Retrieve the birthdate of the user.
18y_or_older	Retrieve if this user is known to be 18 years or older.
email_address	Retrieve the email address associated with this consumer.
telephone_number	Retrieve the telephone number associated with this consumer.
language	The 2 character language code in which to return the results. Can be either `nl` or `en` for Dutch or English. This is a preferred language, not all banks support all languages.
transaction_reference	A custom reference you can provide that we will add to the transaction, making it possible for you to distinguish transactions.

Response

{
  "transaction_id": "string",
  "issuer_authentication_url": "https://issuerserver/transaction",
  "merchant_reference": "string",
  "transaction_reference": "7defa5c6-7651-45cd-9016-f9027dc4dda9"
}

Parameters

Parameter	Description
transaction_id	A public token ID for this transaction. You should store this with your session data, so that at any point, you can make a callback to the CM API and retrieve the status and/or results. Note that it is not guaranteed that your user will return to you via your `merchant_return_url`. A connection might be dropped, a user might accidently close a window, or he might trigger the back button and return that way. This id is the only way you can retrieve any information in that case.
issuer_authentication_url	The location with the issuing bank to which you should now forward the customer.
merchant_reference	A private reference ID for accounting purposes. Send this together with the `transaction_id` when making a status request.
transaction_reference	The optional custom reference you provided when creating the transaction. If not provided, will return null.

Response codes

HTTP status	Description
200	Successful transaction
400	Invalid request. See message for details.
403	Authorization required
500	Server error. See message for details.
503	Service unavailable. See message for details.