DocsRecipesAPI Rest
DocsAPI RestRecipesTutorialsHelpLog In
Docs
DocsAPI RestRecipesTutorialsHelp

API Integration

Caribbean
Chile
Colombia
Mexico
Panama

Merchants or Banks partners can test RESTful API for testing DCC in their own website, software, or terminal. Each request consists of the Header followed by the Request body.

Get Rate

This API provides the exchange rate based on merchant hierarchy setup on OpenFX 2.0 platform. It uses Source currency, Client cross Reference ID and Merchant Cross Reference ID and Bin to determine the exchange rate.

Get BINs by Currency

This API will provide the list of available BINs in OpenFX for the given currency code.

Environments

FX Solution has different environments that allow the consumption of our RESTful APIs for client development and customer testing. For ease of use, only the testing environment will be available once you are in contact with our Commercial Team with a signed disclosure.

Sandbox

https://int.api.fiservapps.com

  • Uses Sandbox credentials.
  • Test APIs before certifying for production.
  • View the response format of a specific API.
  • Experiment, develop code and fix bugs.

Authentication

API keys are used to authenticate requests. You can request TEST API Keys from your Fiserv Sales or FX Solutions Product team.

Please keep the TEST API Keys secure, these belong to you. Do not share your secret API Keys in publicly accessible websites. All API requests must be made over HTTPS - calls made using HTTP will fail.

Access FX Solution APIs

Follow the steps below to get access to FX Solutions APIs.

  1. Get your TEST API Key and Secret.
  2. You may require a MID (Merchant ID) to construct an API Request to use the Exchange Rate APIs in TEST environment.
  3. Use 1) GET RATE and 2)GET BINS BY CURRENCY.

Endpoints

EnvironmentHost
Integration Testhttps://int.api.firstdata.com

Request Header

FX Solutions RESTful API has a consistent header structure based on a set of parameters. To create the header, provide the following values:

Header NameValueDescription
Api-KeyYesAPI KEY
TimestampYesRequest initiation UTC timestamp, formatted as Epoch time. The value is in milliseconds. Sample value format is 1499961987232
AuthorizationYesHMAC {{signature}}
Client-Request-IdYesContains a unique ID generated by the client that is used for enforcing idempotence on POST actions.
Content-TypeYesapplication/json

Generate HMAC Signature JAVA

private static Mac sha256HMAC = null;

private String generateHmac(final String apiKey, final String clientSecret, final String time, final String clientRequestId, final String payload) throws NoSuchAlgorithmException, InvalidKeyException, JsonProcessingException {

    final StringBuilder rawSignature = new StringBuilder();
    rawSignature.append(apiKey);
    rawSignature.append(clientRequestId);
    rawSignature.append(time);
    rawSignature.append(payload);

    Mac mac = getSha256HMAC();
    SecretKeySpec secretKeySpec = new SecretKeySpec(clientSecret.getBytes(), "HmacSHA256");
    mac.init(secretKeySpec);

    byte[] finalHmac = mac.doFinal(rawSignature.toString().getBytes());

    return Base64.encodeBase64String(finalHmac);
}

private static Mac getSha256HMAC() throws NoSuchAlgorithmException {
    if (sha256HMAC == null) {
        sha256HMAC = Mac.getInstance("HmacSHA256");
    }

    return sha256HMAC;
}

Postman HMAC

var key = postman.getEnvironmentVariable('clientId'); 
var secret = postman.getEnvironmentVariable('clientSecret'); 
 
var time = new Date().getTime(); 
var method = request.method; 
var ClientRequestId = Math.floor((Math.random() * 10000000) + 1); 
var requestBody = request.data; 
 
var rawSignature = key + ClientRequestId + time + requestBody; 
var computedHash = CryptoJS.algo.HMAC.create(CryptoJS.algo.SHA256, secret.toString()); 
computedHash.update(rawSignature); 
computedHash = computedHash.finalize(); 
 
var computedHmac = CryptoJS.enc.Base64.stringify(computedHash); 
 
postman.setEnvironmentVariable('ClientRequestId', ClientRequestId); 
postman.setEnvironmentVariable('time', time); 
postman.setEnvironmentVariable('signature', computedHmac); 
postman.setEnvironmentVariable('key', key); 

HTTP Error Codes

FX Solution uses HTTP response codes to indicate the success or failure of an API request. At a high-level, 200 code indicates success, 4xx code indicates an error that failed given the information provided, 5xx code indicates an error with servers.
Accompanying the 4xx codes will be messages with detail on the parameter causing the error.

Error Messages/Codes

HTTP StatusResponse CodeReasonMessage
OK[Eligible = Y]200RateSupplied
OK[Eligible = D]200SourceAndTargetCannotBeSame
OK[Eligible = N]200CardBrandNotSupported
BAD_REQUEST400NoLocationInfoInvalid client: {CLIENTID}{LOCATION_ID}
BAD_REQUEST400TargetCurrencyInExclusionTarget currency not permitted for client
BAD_REQUEST400TargetCurrencyNotSupported InvalidSourceAmount
NOT_FOUND404SourceCurrencyInExclusion SourceCurrencyNotSupported NoRatesAvailableNo rate available
NOT_FOUND404NoSourceCurrencySpecifiedField error: rateRequest.source Field is limited to the 3 character ISO-4217 alpha currency code.
NOT_FOUND404NoBinInfoAvailable BinNotSupportedBIN or closest match not found:
NOT_FOUND404CountryNotSupported NoPricingTypeSpecified PricingTypeNotSupported
INTERNAL_SERVER_ERROR504
INTERNAL_SERVER_ERROR 500Unhandled Exception