search

PCI Subscription Creation Endpoint

circle-check

The PCI flow is available only to merchants who have achieved PCI compliance and can securely handle credit card information.

hashtag
Endpoint

POST https://cc-api-stg.onekeypayments.com/v3/subscriptions

hashtag
Process

  1. Merchant collects payment details directly from customer

  2. Merchant submits complete subscription request including credit card data

  3. System processes payment and creates subscription immediately

  4. API returns subscription confirmation directly in the response

chevron-rightRequest Examplehashtag
{
  "invoice_id": "INV123456",
  "amount": 70.00,
  "currency": "BRL",
  "country": "BR",
  "payer": {
    "id": "PAYER123",
    "document": "123456789",
    "document_type": "CPF",
    "email": "[email protected]",
    "first_name": "John",
    "last_name": "Doe"
  },
  "description": "Premium Subscription",
  "subscription": {
    "start_date": "2025-01-01",
    "plan": "MONTHLY",
    "plan_unit": 1,
    "auto_renewal": false
  },
  "credit_card": {
    "cvv": "123",
    "card_number": "4111111111111111",
    "expiration_month": "12",
    "expiration_year": "25",
    "holder_name": "John Doe"
  },
  "client_ip": "192.168.1.1",
  "back_url": "https://example.com/back",
  "success_url": "https://example.com/success",
  "error_url": "https://example.com/error",
  "notification_url": "https://example.com/notify"
}

hashtag
Create a new subscription with credit card details

post

This endpoint allows PCI merchants to create a new subscription with direct credit card details.

Header parameters
Content-TypestringRequired

Media type of the body sent to the API.

Default: application/json
X-Datestring · date-timeRequired

ISO8601 Datetime with Timezone (yyyy-MM-dd'T'HH:mm:ssZ)

X-LoginstringRequired

Merchant X-Login API Key.

AuthorizationstringRequired

Authorization control hash.

X-Idempotency-KeystringOptional

Unique idempotency key for ensuring that the same request is not processed more than once.

Body
invoice_idstringRequired

Unique identifier for the invoice

Example: INV123456
amountnumber · doubleRequired

Amount to be charged for the subscription

Example: 70
currencystringRequired

Three-letter currency code (ISO 4217)

Example: BRL
countrystringRequired

Two-letter country code (ISO 3166-1 alpha-2)

Example: BR
descriptionstringOptional

Description of the subscription

Example: Premium Subscription
client_ipstringOptional

IP address of the client

Example: 192.168.1.1
back_urlstring · uriOptional

URL to redirect after payment process

Example: https://example.com/back
success_urlstring · uriOptional

URL to redirect after successful payment

Example: https://example.com/success
error_urlstring · uriOptional

URL to redirect after failed payment

Example: https://example.com/error
notification_urlstring · uriOptional

URL to send payment status notifications

Example: https://example.com/notify
Responses
post
/v3/subscriptions

hashtag

hashtag
Successful Response Structure

Field
Type
Description
Example

subscription_id

Integer

Unique identifier of the created subscription

1234

Example response

hashtag
Error Response Structure

Field
Type
Description
Example

code

Integer

Error code indicating the type of error

400

description

String

Human-readable description of the error

"Invalid input data"

type

String

Machine-readable error type identifier

"VALIDATION_ERROR"

hashtag
Bad Request - Invalid input data

hashtag
Unprocessable Entity - Validation error

hashtag
Service Unavailable - Error creating subscription

hashtag
Subscription Plans

The following subscription frequencies are supported:

Plan
Description

DAILY

Recurring billing every day

WEEKLY

Recurring billing every week

MONTHLY

Recurring billing every month

ANNUALLY

Recurring billing every year

circle-check

hashtag
Tests in STG Environment.

To test the Subscriptions API in the staging environment, use the parameter plan with the value TEST inside the subscription[] object when calling either the OneShot or PCI endpoints.

This triggers simulated deposits every minute, along with the corresponding webhook events, so you can quickly verify the full subscription lifecycle. The number of deposits generated depends on the value of the plan_unit parameter, making it easy to observe the expected behavior in just a few minutes.

PreviousOneShot Subscription CreationNextNotifications

Last updated

Was this helpful?