1. Non Secure Payment
Sipay API Documentation
  • Overview
    • Getting Started
    • Status Codes
    • PreAuthorization / Authorization
    • Webhook
  • Authentication
    • Generating Token
      POST
  • Installments
    • Getting Installment Information
      POST
    • Installments
      POST
  • Commissions
    • Commission
      POST
  • Non Secure Payment
    • Non-Secure Payment Flow
    • Non-Secure Card Payment
      POST
    • Non-Secure Recurring Payment
      POST
    • Non-Secure Insurance Payment
      POST
    • Non-Secure PreAuthorization Payment
      POST
  • 3D Secure Payment
    • 3D Secure Payment Flow
    • 3D Secure Card Payment
      POST
    • 3D Secure Recurring Payment
      POST
    • 3D Secure PreAuthorization Payment
      POST
  • Payment
    • CheckStatus
      POST
    • ConfirmPayment
      POST
    • CompletePayment
      POST
    • Non-Secure and 3D Payment with Sipay
      POST
    • Refund
      POST
  • Cards
    • Card Registration
    • Pay by Card Token
    • Retrieving Saved Card
    • Edit Saved Card
    • Delete Saved Card
    • NonSecure Payment with Hidden Card
  • HASH
    • Hash Information
  • Recurring
    • Recurring Query Search
    • Recurring Plan Process
    • Recurring Plan Update
  • Cashout
    • Cashout to bank
  • Report
    • Settlement API
  1. Non Secure Payment

Non-Secure Card Payment

Testing
Testing Env
https://provisioning.sipay.com.tr
Testing Env
https://provisioning.sipay.com.tr
POST
/ccpayment/api/paySmart2D
The Payment API is used to send order and credit card details to the Sipay payment integration system. The merchant’s website should verify the payment status after the transaction using the /api/checkstatus endpoint. Based on the API’s success status, the shopping cart and order status should be updated accordingly. In this Payment API, unlike other payment APIs, there is no need to call the getpos API.
Details of Exceptions in Response:
payment_status == 0 : means that operation failed.
The hash_key is used by the merchant to verify that the request came from Sipay. Also, the Transaction Status service verifies whether the operation was successful or unsuccessful.
Details of Insurance Payment:
vpos_type : only applicable for PaySmart2d solution to initiate an insurance payment by an insurance Merchant. If presents value must be “insurance”, otherwise it will throw a validation exception
identity_number : only applicable for PaySmart2d Solution to initiate an insurance payemt by an insurance Merchant when “vpos_type”:”insurance” is present. Value (tckn/vkn/tin) must be within 10-11 digits
cc_no : must be sent in the format : “first_six_digits + **** + last_four_digits”, i.e. if cc_no is 1234567897891234 then cc_no should be sent like “123456****1234” (please consider the number of asterisks, it should always come as the count of four (4) ), otherwise exception will be thrown.
cvv, expiry_month, expiry_year are optional for Insurance payment

Request

Authorization
Provide your bearer token in the
Authorization
header when making requests to protected resources.
Example:
Authorization: Bearer ********************
Body Params application/jsonRequired

Examples

Responses

🟢200Success
application/json
Body

🟠401Failed
Request Request Example
Shell
JavaScript
Java
Swift
cURL
curl --location --request POST 'https://provisioning.sipay.com.tr/ccpayment/api/paySmart2D' \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data-raw '[
  {
    "cc_holder_name": "John Doe",
    "cc_no": "4508034508034509",
    "expiry_month": 12,
    "expiry_year": 2026,
    "cvv": 000,
    "currency_code": "TRY",
    "installments_number": 1,
    "invoice_id": 5874544,
    "invoice_description": "Description",
    "name": "John",
    "surname": "Doe",
    "total": 458,
    "merchant_key": "$2y$10$HmRgYosneqcwHj.UH7upGuyCZqpQ1ITgSMj9Vvxn.t6f.Vdf2SQFO",
    "items": "[\n  {\"name\":\"pr001\",\"price\":\"2.30\",\"quantity\":1,\"description\":\"pr001\"},\n  {\"name\":\"pr001\",\"price\":\"2.70\",\"quantity\":1,\"description\":\"pr001\"},\n  {\"name\":\"pr001\",\"price\":\"5.00\",\"quantity\":2,\"description\":\"pr001\"}\n]\n",
    "cancel_url": "string",
    "return_url": "string",
    "is_commission_from_user": 1,
    "commission_by": "merchant",
    "hash_key": "string",
    "bill_address1": "string",
    "bill_address2": "string",
    "bill_city": "string",
    "bill_postcode": "string",
    "bill_state": "string",
    "bill_country": "string",
    "bill_email": "string",
    "bill_phone": "string",
    "card_program": "string",
    "ip": "string",
    "transaction_type": "Auth",
    "metadata": "string",
    "sale_web_hook_key": "string",
    "app_lang": "en",
    "payment_completed_by": "app"
  }
]'
Response Response Example
200 - Success
{
    "status_code": 100,
    "status_description": "Payment process successful",
    "data": {
        "sipay_status": 1,
        "order_no": "VP17695119746674758",
        "order_id": "VP17695119746674758",
        "invoice_id": "5626563233",
        "sipay_payment_method": 1,
        "credit_card_no": "450803****4509",
        "transaction_type": "Auth",
        "payment_status": 1,
        "payment_method": 1,
        "error_code": 100,
        "error": "",
        "auth_code": "P81865",
        "merchant_commission": 0.1,
        "user_commission": 0,
        "merchant_commission_percentage": 2,
        "merchant_commission_fixed": 0,
        "installment": 1,
        "amount": 5,
        "payment_reason_code": "",
        "payment_reason_code_detail": "",
        "hash_key": "d4d98847f5733692:2c95:ew75EgYQcez2cQ9oMmukOeR6GQZ752e6KPD1Llk4TVhFJvFgIjA4PpPKsi6RWo9J",
        "original_bank_error_code": "",
        "original_bank_error_description": "",
        "host_reference_id": "602700434484"
    }
}
Modified at 2026-03-31 15:36:53
Previous
Non-Secure Payment Flow
Next
Non-Secure Recurring Payment
Built with