It all starts here!

Open API specification file : Open API Specification file

Security API

SecurityAPI provides essential services for securing sensitive data in the CheckoutAPI. Among its offerings is the encryptionKey service, which allows you to retrieve a public encryption key used to encrypt sensitive data using the JWE (JSON Web Encryption) format.

JWE is a standard for securely encrypting data in a compact manner, ensuring that your sensitive information remains protected during transmission. This standard helps you maintain data confidentiality and integrity across different platforms.

Introduction

The Monext Retail API is RESTful, meaning that it uses HTTP verbs (POST, PUT, GET...) to perform functions on resources.

Specifically, POST is used to create a resource, PUT to update a resource, and GET to retrieve a resource or a collection of resources.

For example, to create a new wallet resource you would send a POST request to Wallets.

POST and PUT requests usually require data to be passed in the message body to define the attributes of the object being created or updated.

Versioning

The API version is indicated in each endpoint resource path. For example, <https://api-sandbox.retail.monext.com/v1/card> indicates the API is at version 1.

Monext increments the version number when it releases a new version containing backwards-incompatible changes.

Some minor changes, mostly for improvements, could happen without version changes.

Security

The Monext Retail API processes sensitive data. That's why we pay special attention to security.

  • Monext data centers deploy the latest in hardware and software security best practices.
  • Communication with all Monext services requires TLS1.2.
  • All communication is made by using standard features of HTTPs.
  • Monext maintains PCI-DSS compliance certifications.

Responses

Monext Retail API calls return HTTP status codes. Some API calls also return JSON response bodies that include information about the resource.
When you create any Monext resource, the system associates an internal unique identifier for referencing that resource.

HTTP Status Code

Each API call returns a success or error HTTP status codes following the RFC7231.

Success

The following status codes of HTTP are used:

2xx - the request was successfully accepted and was or will be processed.

Error

The following status codes of HTTP are used:

4xx - the request was rejected due to a problem with the information sent by the client.

5xx - something unexpected occurred while fulfilling the request; the request may or may not have been processed, depending on the error.

Whenever a client receives a 5xx response, it should not assume anything about the processing state of such request.

Authentication

Security Scheme TypeHTTPServer
HTTP Authorization Schemebasic

Query

For most REST GET calls, you can specify one or more optional query parameters on the request URI to filter, limit the size of, and sort the data in an API response. For filter parameters, see the individual GET calls.

Sorting and Pagination

Rather than return everything from a large result set, we are using some URL parameters that will influence the page size and starting page number.

Query parameter details

ParameterTypeDescription
sizeintegerThe number of items to list in the response.
pageintegerThe page index.
sortstringSorts resources in the response by a specified value and sort direction.

Response field details

ParameterTypeDescription
countintegerThe number of items to list in the response.
startIndexintegerThe sort order index of the first resource in the returned array.
endIndexintegerThe sort order index of the last resource in the returned array.
recordTotalintegercount of records