Getting Started With the Moneris API

The Moneris API use RESTful principles.
Your server sends an HTTP request to our endpoints with a JSON body as the payload, Moneris returns an HTTP response.

1. Access Your Developer Account

Go directly to Access& Credentials with the link below
Access & Credentials Learn more about Client Credentials & API Keys

You will need an account for the Moneris Developer Portal to generate your Client ID and Client Secret for OAuth authentication:

  1. Sign in or Register to the Developer Portal.

  2. From the Account navigation menu at the top of the screen, select "Access & Credentials" or use the link on the right.

  3. Click on New Client

  4. Copy the Client ID and Client Secret for the client you created.

2. Obtaining An Access Token

Now that you have credentials for OAuth, you can proceed with completing your first call to the Moneris API to obtain and access token. This access token is used in the HTTP header of all other REST API calls to authenticate your server with Moneris.

Example for Get Access Token:

POST /oauth2/token HTTP/1.1

Content-Type: application/x-www-form-urlencoded

Host: api.sb.moneris.io

grant_type=client_credentials&client_id=[clientId]&client_secret=[clientSecret]&scope=payment.write

NOTE: Replace [ClientID] and [ClientSecret] to the credentials you obtained earlier from your Moneris Developer Portal profile.

Example Response for Get Access Token

{

  "token_type": "Bearer",

  "expires_in": "3600",

  "access_token": "[accessToken]"

}

Obtain the value from the “access_token” field for use in the header

Other Authentication Methods

Instead of OAuth, you can use API Keys to authenticate for transaction processing. Moneris does not recommend this practice, but if your integration requires it go to "Access & Credentials" for details on obtaining your API Key and using it in the HTTP header for authentication with Moneris APIs.

Access & Credentials

3. Accessing Your Sandbox Merchant Account

Go directly to Access& Credentials with the link below
Access & Credentials
  1. Sign in or Register to the Developer Portal.

  2. From the Account navigation menu at the top of the screen, select "Access & Credentials" or use the link on the right.

  3. Locate and copy your Test Merchant ID.

4. Making Your First Sandbox API Call

Basic Purchase

Provide a simple payment between a merchant and customer. This payment authorizes and captures funds in a single API call for deposit to the merchant's bank account.

Go to Basic Purchase

Now that you have your bearer access token and a test Merchant ID, you are prepared to perform your first API call with the Moneris API. For now, follow the Basic Purchase Flow to perform a test of the POST Create Payment endpoint. Our API Reference can assist you with the definitions for each field.

Sandbox URL : https://api.sb.moneris.io

5. Choosing How To Handle Card Information

Learn more about Hosted Tokenization at the link below:
Go to Hosted Tokenization

The most important part of your solution’s design is how it manages card data before authentication or authorizing payments. Payment Card Industry (PCI) standards on data security involve stringent measures regarding the protection of cardholder data. Compliance with PCI DSS is mandatory if you choose to handle card data directly on your website, but Moneris offers alternative solutions for avoiding card data touching your website directly. You can…

  • Implement a Moneris-hosted frame on your merchant website that collects the card data from the customer and returns a temporary token that can represent the card in your transaction. These tokens provide protection against card data theft and free you from compliance to PCI DSS. See the Hosted Tokenization Flow guide for details.

  • You can collect data on your merchant website itself. This will require compliance to PCI data security.

    See https://www.moneris.com/en/support/compliance-and-security/pci-data-security for advice from Moneris on PCI requirements.

6. Test Scenarios

Response Handling

Learn more about handling a response from the Moneris API, confirming the status of the request itself and building logic within your solution.

Penny Value Simulator

A simulator system where the cent value of the transaction determines the response code in the testing environment.

7. Going Live

Go directly to Access& Credentials with the link below
Go to Access & Credentials

Please note:

In order to perform API calls in Production, your Unified Developer Portal must be tied to a recognized Moneris Portal (and/or Merchant Direct) account. 

To accomplish this, you must create a Unified Developer Portal account with the same email address as your Moneris Portal (and/or Merchant Direct) account. Then, in the Access & Credentials page, you may press on the toggle to Production, and generate Production credentials for your Merchant ID.

Your business may need other optional features outside the basics. The Moneris API provides other endpoints for integrating payment processing to improve your business, such as storing card data with Moneris to ease customer experience for repeat shoppers.

Visit Additional Features to see which features fit your business. Consult their implementation flows and the API References for their endpoints to aid in adding them to your solution.

Production URL : https://api.moneris.io

Additional Information

Learn more with the API Definitions

Peruse the endpoints, request/response formats, and authentication methods covered in this scenario.

API References