Documentation

Quick Start

This guide walks you through making your first payment charge using the Strictly API.

Prerequisites

A Strictly merchant account with sandbox mode enabled — see Sandbox & Testing
An HTTP client (curl, Postman, or any language SDK)

Get your credentials

You'll need two things to authenticate:
- Merchant credentials — your account email and password
- Key hash — an API key issued to your integration
Both are available in your merchant dashboard under Settings → Security Keys. See Authentication for how to encode them.

You need a Strictly merchant account in sandbox mode to make API calls. Reach out to your account manager or contact us to get set up.
Tokenize a card

The Strictly API does not accept raw card numbers directly — card data must first be tokenized client-side using ZeroGateway.js to produce a single-use paymentToken. Your server then uses that token to make the charge.

See Tokenization for the full setup. For quick testing in sandbox, use the pre-built test token:
```
Code
00000000-000000-000000-000000000000
```

Charge a card

Send a POST to /public/payment/charge with the paymentToken and amount. amount is in cents (e.g. 1000 = $10.00).

cURL
curl -X POST https://api.paywithzero.net/v1/public/payment/charge \
  -H "Authorization: Basic $(echo -n 'YOUR_EMAIL:YOUR_PASSWORD' | base64)" \
  -H "key-hash: YOUR_KEY_HASH" \
  -H "Content-Type: application/json" \
  -d '{
    "amount": 1000,
    "card": {
      "paymentToken": "00000000-000000-000000-000000000000"
    },
    "contact": {
      "email": "[email protected]"
    },
    "billingAddress": {
      "address": "123 Main St",
      "city": "San Jose",
      "state": "CA",
      "zipCode": "95101",
      "country": "US"
    },
    "order": {
      "amount": 1000,
      "shipping": 0,
      "tax": 0,
      "discount": 0
    },
    "capture": true
  }'

Handle the response

A successful charge returns HTTP 200 with a data object containing the transaction details:
```
Code
{
  "data": {
    "id": "txn_abc123",
    "status": "approved",
    "amount": 1000,
    "authCode": "ABC123",
    "createdAt": "2024-01-15T10:30:00.000Z"
  }
}
```
If the charge is declined or invalid, the API returns a 400 with an error body. Always check the HTTP status code and the response.code field. See Error Handling.

A declined card returns HTTP 400. The response.code tells you the reason — for example, code 300 means "Transaction was rejected by gateway."
What's next

Now that you've made your first charge, explore the rest of the API:
- Tokenization — set up ZeroGateway.js for real card collection
- Customer Vault — save cards to avoid re-collecting them
- Subscriptions — set up recurring billing
- Refunds — reverse a transaction with POST /public/payment/refund
- Webhooks — get notified when a payment status changes

Try it in the API playground

You can try any endpoint directly from the browser in the API Reference. The playground supports Basic auth — enter your email/password and key-hash to send live requests.

Last modified on March 23, 2026

Introduction Authentication

Prerequisites

A Strictly merchant account with sandbox mode enabled — see Sandbox & Testing

An HTTP client (curl, Postman, or any language SDK)

Get your credentials

You'll need two things to authenticate:
- Merchant credentials — your account email and password
- Key hash — an API key issued to your integration
Both are available in your merchant dashboard under Settings → Security Keys. See Authentication for how to encode them.

You need a Strictly merchant account in sandbox mode to make API calls. Reach out to your account manager or contact us to get set up.
Tokenize a card

The Strictly API does not accept raw card numbers directly — card data must first be tokenized client-side using ZeroGateway.js to produce a single-use paymentToken. Your server then uses that token to make the charge.

See Tokenization for the full setup. For quick testing in sandbox, use the pre-built test token:
```
Code
00000000-000000-000000-000000000000
```

Charge a card

Send a POST to /public/payment/charge with the paymentToken and amount. amount is in cents (e.g. 1000 = $10.00).

cURL
curl -X POST https://api.paywithzero.net/v1/public/payment/charge \
  -H "Authorization: Basic $(echo -n 'YOUR_EMAIL:YOUR_PASSWORD' | base64)" \
  -H "key-hash: YOUR_KEY_HASH" \
  -H "Content-Type: application/json" \
  -d '{
    "amount": 1000,
    "card": {
      "paymentToken": "00000000-000000-000000-000000000000"
    },
    "contact": {
      "email": "[email protected]"
    },
    "billingAddress": {
      "address": "123 Main St",
      "city": "San Jose",
      "state": "CA",
      "zipCode": "95101",
      "country": "US"
    },
    "order": {
      "amount": 1000,
      "shipping": 0,
      "tax": 0,
      "discount": 0
    },
    "capture": true
  }'

Handle the response

A successful charge returns HTTP 200 with a data object containing the transaction details:
```
Code
{
  "data": {
    "id": "txn_abc123",
    "status": "approved",
    "amount": 1000,
    "authCode": "ABC123",
    "createdAt": "2024-01-15T10:30:00.000Z"
  }
}
```
If the charge is declined or invalid, the API returns a 400 with an error body. Always check the HTTP status code and the response.code field. See Error Handling.

A declined card returns HTTP 400. The response.code tells you the reason — for example, code 300 means "Transaction was rejected by gateway."
What's next

Now that you've made your first charge, explore the rest of the API:
- Tokenization — set up ZeroGateway.js for real card collection
- Customer Vault — save cards to avoid re-collecting them
- Subscriptions — set up recurring billing
- Refunds — reverse a transaction with POST /public/payment/refund
- Webhooks — get notified when a payment status changes