Skip to main content

The REST Admin API is a legacy API as of October 1, 2024. Starting April 1, 2025, all new public apps must be built exclusively with the GraphQL Admin API. For details and migration steps, visit our migration guide.

Payment

Multiple access scopes needed — refer to each endpoint for access scope requirements.
Requires access to protected customer data.
Note

Sales channels require elevated permissions to interact with the Payment resource. For more information, see the Request Payment Processing section on the Start building a sales channel app page.

The Payment resource allows sales channels to build a fully native checkout experience by submitting a customer's payment details directly to Shopify.

To complete a payment using the Payment resource, first create a payment session by submitting the card details to Shopify's card vault in exchange for a session ID. The session ID can then be used to create a payment for an existing Checkout.

The Payment resource is compatible only with direct payment gateways. For a list of all supported payment gateways, see Direct and external credit card payment providers.

Was this section helpful?
#

Endpoints

Anchor to

The Payment resource

Anchor to

Properties

credit_card

The details of the credit card used for payment. The following attributes are available:

Show credit_card properties
  • first_name: The first name of the cardholder.
  • last_name: The last name of the cardholder.
  • first_digits: The first six digits of the credit card.
  • last_digits: The last four digits of the credit card.
  • brand: The credit card brand.
  • expiry_month: The expiry month of the credit card.
  • expiry_year: The expiry year of the credit card.
id

A unique identifer for the payment generated by Shopify.

payment_processing_error_message

A message describing the error that occured when attempting to process payment, if any.

next_action

Specifies the URL that your app or sales channel needs to send the customer to so that they can authenticate their payment. To learn more about how to use this property, refer to Payments apps overview.

transaction

The details of the transaction, including the following attributes:

Show transaction properties
  • amount: The amount of the transaction.
  • amount_in: The amount in before rounding is applied. Not applicable to credit card payments.
  • amount_out: The amount out after rounding is applied. Not applicable to credit card payments.
  • amount_rounding: The amount of rounding applied. Not applicable to credit card payments.
  • authorization: The authorization code returned by the payment provider.
  • created_at: The date and time when the transaction was created.
  • currency: The currency of the transaction.
  • error_code: The error code returned by the payment provider, if any.
  • gateway: The name of the payment provider which processed the transaction.
  • id: The unique identifier of the transaction.
  • kind: The kind of transaction processed, either authorization or sale.
  • message: The message returned by the payment provider, if any.
  • status: The status of the transaction, either success or failure.
  • test: Whether or not the transaction was a test.
unique_token

A unique idempotency token generated by the app that created the payment request. For more information, refer to Idempotent requests.

Was this section helpful?
{}

The Payment resource

{
"credit_card": {
"first_name": "Bob",
"last_name": "Norman",
"first_digits": "424242",
"last_digits": "4242",
"brand": "visa",
"expiry_month": 12,
"expiry_year": 2020
},
"id": 367556198456,
"payment_processing_error_message": "Card was declined",
"next_action": {
"redirect_url": "https://shop-domain-url.myshopify.com/:shop_id/checkouts/:token/authentications/:auth_token/3ds"
},
"transaction": {
"amount": "323.17",
"amount_in": null,
"amount_out": null,
"amount_rounding": null,
"authorization": "ch_1CfBrOCNqnO8CNQxAtf5k9iX",
"created_at": "2018-06-20T15:20:53-04:00",
"currency": "USD",
"error_code": null,
"gateway": "shopify_payments",
"id": 597850423352,
"kind": "sale",
"message": "Transaction approved",
"status": "success",
"test": true
},
"unique_token": "client-side-idempotency-token"
}

Anchor to POST request, Creates a new payment
post
Creates a new payment

Creates a payment on a checkout using the session ID returned by the card vault

Anchor to Parameters of Creates a new paymentParameters

amount
required

The amount of the payment.

api_version
string
required
request_details
required

The details of the request, including the following attributes:

Show request_details properties

  • ip_address: The IP address of the customer.

  • accept_language: The language preferences of the customer, in the same format as a standard Accept-Language request header.

  • user_agent: The user agent string for the customer's device.

session_id
required

A session ID provided by the card vault when creating a payment session.

token
string
required
unique_token
required

A unique idempotency token generated by your app. This can be any value, but must be unique across all payment requests.

Was this section helpful?

Anchor to post-checkouts-token-payments-examplesExamples

Create an authorization using a valid session_id stored in the vault

Path parameters
token=7yjf4v2we7gamku6a6h7tvm8h3mmvs4x
string
required
Request body
payment
Payment resource
Show payment properties
payment.unique_token:"client-side-idempotency-token"

A unique idempotency token generated by the app that created the payment request. For more information, refer to Idempotent requests.

Creating an authorization with a valid session ID but an invalid credit card number fails and returns errors

Path parameters
token=7yjf4v2we7gamku6a6h7tvm8h3mmvs4x
string
required
Request body
payment
Payment resource
Show payment properties
payment.unique_token:"client-side-idempotency-token"

A unique idempotency token generated by the app that created the payment request. For more information, refer to Idempotent requests.

Creating an authorization with a valid session can fail for various reasons

Path parameters
token=7yjf4v2we7gamku6a6h7tvm8h3mmvs4x
string
required
Request body
payment
Payment resource
Show payment properties
payment.unique_token:"client-side-idempotency-token"

A unique idempotency token generated by the app that created the payment request. For more information, refer to Idempotent requests.

Creating an authorization with an invalid session ID fails and returns errors

Path parameters
token=7yjf4v2we7gamku6a6h7tvm8h3mmvs4x
string
required
Request body
payment
Payment resource
Show payment properties
payment.unique_token:"client-side-idempotency-token"

A unique idempotency token generated by the app that created the payment request. For more information, refer to Idempotent requests.

Was this section helpful?
post

/admin/api/2025-07/checkouts/7yjf4v2we7gamku6a6h7tvm8h3mmvs4x/payments.json

curl -d '{"payment":{"request_details":{"ip_address":"123.1.1.1","accept_language":"en-US,en;q=0.8,fr;q=0.6","user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36"},"amount":"421.88","session_id":"global-eaaf564807ee89cd","unique_token":"client-side-idempotency-token"}}' \
-X POST "https://your-development-store.myshopify.com/admin/api/2025-07/checkouts/7yjf4v2we7gamku6a6h7tvm8h3mmvs4x/payments.json" \
-H "X-Shopify-Access-Token: {access_token}" \
-H "Content-Type: application/json"

{}

Response

JSON
HTTP/1.1 202 Accepted
{
"payment": {
"id": 1071573808,
"unique_token": "client-side-idempotency-token",
"payment_processing_error_message": null,
"next_action": {
"redirect_url": null
},
"fraudulent": false,
"transaction": null,
"credit_card": {
"first_name": "Bob",
"last_name": "Norman",
"first_digits": "424242",
"last_digits": "4242",
"brand": "bogus",
"expiry_month": 9,
"expiry_year": 2026,
"customer_id": 207119551
},
"checkout": {
"completed_at": null,
"created_at": "2012-10-12T07:05:27-04:00",
"currency": "USD",
"presentment_currency": "USD",
"customer_id": 207119551,
"customer_locale": "en",
"device_id": null,
"discount_code": null,
"discount_codes": [],
"email": "bob.norman@mail.example.com",
"legal_notice_url": null,
"location_id": null,
"name": "#446514532",
"note": "",

Anchor to GET request, Retrieves a single payment
get
Retrieves a single payment

Requires checkouts access scope.

Retrieves the payment information for an existing payment

Anchor to Parameters of Retrieves a single paymentParameters

api_version
string
required
payment_id
string
required
token
string
required
Was this section helpful?

Anchor to get-checkouts-token-payments-payment-id-examplesExamples

Retrieve a payment with a failed transaction

Retrieve a payment with a succesful transaction

Was this section helpful?
get

/admin/api/2025-07/checkouts/7yjf4v2we7gamku6a6h7tvm8h3mmvs4x/payments/25428999.json

curl -X GET "https://your-development-store.myshopify.com/admin/api/2025-07/checkouts/7yjf4v2we7gamku6a6h7tvm8h3mmvs4x/payments/25428999.json" \
-H "X-Shopify-Access-Token: {access_token}"

{}

Response

JSON
HTTP/1.1 200 OK
{
"payment": {
"id": 25428999,
"unique_token": "e01e661f4a99acd9dcdg6f1422d0d6f7",
"payment_processing_error_message": null,
"next_action": {
"redirect_url": null
},
"fraudulent": false,
"transaction": {
"amount": "419.49",
"amount_in": null,
"amount_out": null,
"amount_rounding": null,
"authorization": null,
"created_at": "2025-07-01T14:43:36-04:00",
"currency": "USD",
"error_code": null,
"parent_id": null,
"gateway": "bogus",
"id": 1068278491,
"kind": "authorization",
"message": null,
"status": "failure",
"test": false,
"receipt": {},
"location_id": null,
"user_id": null,
"transaction_group_id": null,
"device_id": null,
"payment_details": null
},
"credit_card": null,
"checkout": {
"completed_at": null,