Customize Your DirectAPI Integration

Supported Protocols

The table below enables you to assess the logistics involved when integrating with DirectAPI.

Both the protocols, REST and NVP, offer the same functionality. However, there might be certain factors to consider before you make your decision.

  REST NVP
When to Use
With complex integrations that include a web application connected to an application server, database, and web server. This protocol is also suitable for simple integrations. With simple integrations that include a web page submitting a form to the web server.
Technical Skills Required
Basic knowledge of HTTP and the skills to formulate an HTTP request in the preferred server-side scripting language.
Basic knowledge of the JSON data-interchange format. See http://www.json.org/
Basic knowledge of HTTP and the skills to formulate an HTTP request in the preferred server-side scripting language.
Software Requirements
None None
Authentication
Authentication information such as password are included in the HTTP headers, rather than the body of the request. Authentication information is included in the body of the Transaction Request.
Usage of HTTPS POST POST is typically used when you want the system to create a new entry in the collection addressed by the URL. POST is the only valid HTTP method for the NVP protocol and thus used with all transaction operations.
Usage of HTTPS PUT PUT is typically used when the URL contains a member of the collection. PUT is not a supported method with the NVP protocol.
Usage of HTTPS GET GET is only enabled for retrieve operations. GET is not a supported method with the NVP protocol.

Transaction Operations

If you are integrated to the gateway via DirectAPI, you can use DirectAPI operations to process transactions, retrieve transaction details, store card details, etc. To perform an operation, you must have the requisite privilege on your merchant profile with the gateway. To check which operations are available for you to use, contact your payment service provider.

The operations available to you is limited to the capability of the acquirer(s) configured on your merchant profile with the gateway. Where a functionality is not supported for the acquirer on the gateway, any operation requests to execute that functionality will be rejected by the gateway (for that acquirer).

Gateway Security

The CommWeb payment gatewayDirectAPI supports two models of authentication: merchant certificates or passwords. Each model has its advantages and disadvantages. Depending on your integration you may need to select features that are only offered by one model.

Payment Methods

A range of payment methods are available with this type of integration.

Additional Features

DirectAPI supports a wide range of additional features.

Copyright © 2020 Commonwealth Bank of Australia