Partner API
This guide explains how to integrate with the TrustistTransfer Partner API.
The base URLs for the Partner API environments are:
Sandbox: https://partnersapi-sandbox.trustist.com
Production: https://partnersapi.trustist.com
1. Obtain an Access Token
Before making any API calls, you need to obtain an access token using the Client Credentials flow.
This token is used to authenticate your requests to the API.
Endpoint
POST /token
Request Parameters
client_idstring, required: your client IDclient_secretstring, required: your client secretgrant_typestring, required: must beclient_credentials
Example Request
POST /token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
client_id=your_client_id&client_secret=your_client_secret&grant_type=client_credentials
Example Response
{
"access_token": "your_access_token",
"token_type": "Bearer",
"expires_in": 3600
}
2. List Invitations
Retrieve a list of invitations sent by the partner.
Endpoint
GET /invitations
Headers
Authorization: Bearer {access_token}
Example Request
GET /invitations HTTP/1.1
Authorization: Bearer your_access_token
Example Response
[
{
"id": "invitation_id",
"status": "sent"
}
]
3. Get Invitation by ID
Retrieve details of a specific invitation using its ID.
Endpoint
GET /invitations/{id}
Headers
Authorization: Bearer {access_token}
Example Request
GET /invitations/invitation_id HTTP/1.1
Authorization: Bearer your_access_token
Example Response
{
"id": "invitation_id",
"status": "sent"
}
4. Create a New Invitation
Create a new invitation for a client.
The payment types offered to a client can be affected by the paymentTypes property on the request.
This currently only affects the merchant's ability to take card payments. If cards is removed, the merchant will not see card payments as an available option.
Trying to remove openbanking has no effect, as Open Banking is a mandatory service offered by TrustistTransfer at this time.
Endpoint
POST /invitations
Headers
Authorization: Bearer {access_token}
Content-Type: application/json
Request Body
{
"email": "client_email",
"name": "client_name",
"paymentTypes": [
"openbanking",
"cards"
]
}
Example Request
POST /invitations HTTP/1.1
Authorization: Bearer your_access_token
Content-Type: application/json
{
"email": "client_email",
"name": "client_name",
"paymentTypes": [
"openbanking"
]
}
Example Response
{
"id": "new_invitation_id",
"status": "pending"
}
5. Get Merchant Keys
Retrieve API keys associated with a merchant for a specific invitation.
Endpoint
GET /invitations/invitation_id/merchant/keys HTTP/1.1
Authorization: Bearer your_access_token
Example Response
{
"items": [
{
"apiKey": "merchant_api_key"
}
]
}
6. Merchants Report
Lists merchants that have been created following an invitation from your partner account.
Endpoint
GET /reports/merchants HTTP/1.1
Authorization: Bearer your_access_token
Query String Values
exportToCsvoptional,trueorfalse: changes the response from JSON to CSV
7. Payments Report
Lists successful payments that have been made by merchants invited from your partner account.
Endpoint
GET /reports/payments HTTP/1.1
Authorization: Bearer your_access_token
Query String Values
exportToCsvoptional,trueorfalse: changes the response from JSON to CSVstartDateyyyy-MM-dd: the earliest created date of payments to include in the reportendDateyyyy-MM-dd: the latest created date of payments to include in the report
Error Handling
All endpoints may return standard HTTP status codes to indicate the success or failure of your request.
Common status codes include:
200 OK: the request was successful400 Bad Request: the request was invalid or cannot be served401 Unauthorized: authentication failed or the user does not have permission404 Not Found: the requested resource could not be found500 Internal Server Error: an error occurred on the server
Notes
Handle the authentication token properly and refresh it when needed, especially as it has an expiry time shown by expires_in.
For further details, contact the API support team.