This guide walks you through everything you need to accept payments with Banked, from initial setup to processing your first transaction. Whether you're implementing single payments for e-commerce or recurring payments for subscriptions, this guide covers both payment types.
This guide will walk you through these key steps:
- Prerequisites and Setup: Get your account and credentials ready
- Choose Your Payment Type: Understand single payments vs mandates
- Create Your First Payin: Make your first API call
- Handle Customer Flow: Guide customers through authorization
- Monitor and Test: Check payin status and test scenarios
- Error Handling: Implement robust error handling
- Go Live: Deploy to production with confidence
Step 1: Prerequisites and Setup
Account Requirements
Before you begin, ensure you have:
- A Banked merchant account (create account here)
- Access to your API credentials (view authentication guide)
- Access to the Bank account Ids that have been setup for you (create account here)
- A development environment for testing (development environment)
API Credentials
You'll receive two sets of credentials:
- Test Credentials: For sandbox environment testing
- Live Credentials: For production payments (available after due diligence)
API Request Headers
All API requests require these headers:
{
"Authorization": "Bearer YOUR_OAUTH_TOKEN",
"Content-Type": "application/json",
"Idempotency-Key": "YOUR_IDEMPOTENCY_KEY",
"Signature": "YOUR_SIGNATURE"
}
Basic Authentication: Use "Basic <base64_encoded_credentials>" instead of OAuth authentication if your API account has been setup for Basic Auth
Idempotency keys prevent duplicate operations. Use unique values for each request.
Test Bank Account
For test payments use the test bank account id provided to you by our support team.
Base URL
The base URL for all API requests in sandbox or production is:
https://api.banked.com
Step 2: Choose Your Payment Type
Banked supports two payment types, each suited for different scenarios and regions:
Best for: e-commerce, invoice payments, service fees, donations
- Trigger a one-time payment
- Customer authorizes each payment individually
- Settles within minutes (AU can settle within seconds)
Best for: e-commerce, Subscription services, membership fees, installment payments, account on file payments
Recurring payments is where multiple payins can be triggered against one PayTo agreement and this is done with our mandates API.
- Create Payin API calls can be made against an active mandate
- Customer authorizes once, then payments process automatically
- Requires mandate setup before first payment
- Currently available in Australia, expanding to other regions
Step 3: Create Your First Payin
For one-time payments, create a payin with complete payment details:
curl --location --request POST 'https://api.banked.com/v3/payins' \
--header 'Authorization: Bearer YOUR_OAUTH_TOKEN' \
--header 'Content-Type: application/json' \
--header 'Idempotency-Key: YOUR_IDEMPOTENCY_KEY' \
--header 'Signature: YOUR_SIGNATURE' \
--data-raw '{
"amount": 100,
"currency": "AUD",
"checkout_config": {
"redirect_url": "http://example.com/"
},
"payment_identification": {
"end_to_end_identification": "order123"
},
"ultimate_creditor": {
"identity_type": "PARTY_IDENTIFICATION",
"name": "Payments R Us"
},
"remittance_information": {
"unstructured": "Description value which displays in the payers internet banking",
"structured": {
"creditor_reference_information": {
"reference": "InternalMerchantID123"
}
}
},
"processing_method": {
"method_type": "ACCOUNT_TO_ACCOUNT",
"creditor_account": {
"account_type": "BANKED_BANK_ACCOUNT_ENTITY",
"bank_account_id": "YOUR_BANK_ACCOUNT_ID"
}
}
}'
Single payments should be canceled if the payment doesn't proceed for any reason. See the payin cancellation section
For recurring payments, you'll need to set up a mandate first, then create payins against it.
Prerequisite: Make sure an active mandate exists see our Mandates Overview for details on setting up and managing mandates.
curl --location --request POST 'https://api.banked.com/v3/payins' \
--header 'Authorization: Bearer YOUR_OAUTH_TOKEN' \
--header 'Content-Type: application/json' \
--header 'Idempotency-Key: YOUR_IDEMPOTENCY_KEY' \
--header 'Signature: YOUR_SIGNATURE' \
--data-raw '{
"amount": 100,
"currency": "AUD",
"payment_identification": {
"end_to_end_identification": "order123"
},
"ultimate_creditor": {
"identity_type": "PARTY_IDENTIFICATION",
"name": "Payments R Us"
},
"remittance_information": {
"structured": {
"creditor_reference_information": {
"reference": "InternalMerchantID123"
}
}
},
"processing_method": {
"method_type": "MANDATE",
"mandate": {
"token": "YOUR_MANDATE_TOKEN"
},
"creditor_account": {
"account_type": "BANKED_BANK_ACCOUNT_ENTITY",
"bank_account_id": "YOUR_BANK_ACCOUNT_ID"
}
},
"actions": [
{
"action_type": "initiate_attempt"
}
]
}'
Key Differences:
- Mandate payins don't require the
creditor_accountfield if set in the mandate (inherited from mandate). You can still override it if needed. - No customer interaction needed after mandate is active
- Must include
initiate_attemptaction to process automatically, otherwise you will have to manually initiate each payin using the actions endpoint.
Note: All amounts are in minor currency units (cents for AUD).
Refer to the API Reference for detailed field descriptions and optional fields.
Step 4: Customer Authorization Flow
Once you create a payin, customers complete the authorization process:
- Customer chooses their bank from the list of available providers
- Customer logs into their bank to authorize the payment
- Customer returns to your redirect URL depending on the payment status - see Redirects.
Choose your integration method:
For recurring payments using mandates, the flow is slightly different:
- One-time setup: Customer authorizes recurring payments during mandate creation
- Ongoing Authorization: Future payments process without the payer needing to re-authorize
- Merchant notification: Merchants receive payment status notifications and can present or notify customers of payment success as needed
Choose your integration method:
Step 5: Monitor Payin Status
You can check the payin status at any time:
curl --location --request GET 'https://api.banked.com/v3/payins/{payin_id}' \
--header 'Authorization: Bearer YOUR_OAUTH_TOKEN' \
--header 'Signature: YOUR_SIGNATURE'
The payin status is returned in the status_details.status field of the response.
Payin Statuses
CREATED: Payin created, customer hasn't selected a bank yetAWAITING_AUTHORIZATION: Customer is authorizing with their bankINITIATED: Bank has accepted the payment requestPENDING: Payment is processingSENT: Payment successful - money has left customer's accountFAILED: Payment unsuccessfulCANCELED: Payin was canceled
Testing simulated test scenarios (Mock Bank)
See the Simulator (Mockbank) page here to see how do simulate approved and declined test scenarios.
Handle Redirect URLs
Set a redirect_url in your payin request to return the customer to your site after the checkout journey completes. Banked will redirect the customer here for all outcomes — success, failure, and cancellation.
{
"redirect_url": "https://yoursite.com/payment/redirect"
}
Optionally, set a nonsuccess_redirect_url if you want to send failed or canceled payments to a different URL than successful ones.
Banked appends the following query parameters to the redirect URL:
payment_id: Unique ID of the payinpayment_result: Status of the payin (SENT,FAILED, etc.)banked-checkout-result: Result of the Banked checkout process
Set Up Webhook Notifications (Recommended)
Set up webhooks to receive real-time payin status updates:
Key webhook events:
payin_initiated: Payin authorized by customerpayin_sent: Payin successfulpayin_failed: Payin failedpayin_pending: Payin is processingpayin_canceled: Payin was canceled
Step 6: Error Handling
Error Handling Best Practices
- Always implement comprehensive error handling
- Provide clear error messages to users
- Log errors for debugging and monitoring
- Have fallback payment methods available
- Monitor payment success rates and set up alerts
Payin Actions
The payin object includes a next_actions field that dynamically surfaces which actions are available based on the payment's current state. Check this field before calling the actions endpoint — attempting an action that isn't listed will return an invalid_action error.
next_actions has two arrays:
completion_paths— actions that move the payment forward toward completionalternate_paths— alternative actions available alongside the primary completion path
The following actions are available on a payin:
| Action | Path | Description |
|---|---|---|
initiate_attempt | completion_paths | Triggers the transfer to the payment network. For mandated payments, pass this in the actions array at creation. |
cancel_current_payment_attempt | alternate_paths | Cancels the active payment attempt without permanently cancelling the payin. |
cancel_payment | alternate_paths | Permanently cancels the payin. |
retry_payment | completion_paths | Re-submits a failed payment made against an active mandate. |
Payin Cancellation
If you're using single payments and the payer doesn't proceed with the payment, or if your website or application isn't proceeding with the payment, then you should cancel the payin to avoid the risk of the payment being processed at a later date.
curl --location --request POST 'https://api.banked.com/v3/payins/{payin_id}/actions' \
--header 'Authorization: Bearer YOUR_OAUTH_TOKEN' \
--header 'Content-Type: application/json' \
--header 'Idempotency-Key: YOUR_IDEMPOTENCY_KEY' \
--header 'Signature: YOUR_SIGNATURE' \
--data-raw '{
"action_type": "cancel_payment"
}'
Payin Retry
Payments made against an active mandate that fail due to a recoverable condition may be reattempted without creating a new payin — check next_actions.completion_paths for retry_payment.
curl --location --request POST 'https://api.banked.com/v3/payins/{payin_id}/actions' \
--header 'Authorization: Bearer YOUR_OAUTH_TOKEN' \
--header 'Content-Type: application/json' \
--header 'Idempotency-Key: YOUR_IDEMPOTENCY_KEY' \
--header 'Signature: YOUR_SIGNATURE' \
--data-raw '{
"action_type": "retry_payment"
}'
For retry limits, retryable error codes, and guidance on when to retry, see Retryable Errors.
Step 7: Go Live
Pre-Launch Checklist
Complete these steps before accepting live payments:
- [ ] Complete due diligence process with Banked
- [ ] Receive live API credentials
- [ ] Update API endpoints to use production environment
- [ ] Configure live webhook endpoints with proper security
- [ ] Update creditor account details to live accounts
- [ ] Test complete payment flow in live environment
- [ ] Set up monitoring and alerting systems
- [ ] Verify all error handling works correctly
Production Testing: Always test your complete integration in production with small amounts before full launch.
Best Practices Summary
Security
- Always use HTTPS for all API requests
- Store API credentials securely (use environment variables)
- Implement webhook signature verification
- Use idempotency keys for all payment creation requests
User Experience
- Use clear, descriptive payment references
- Set appropriate redirect URLs with meaningful content
- Provide alternative payment methods as fallback
Next Steps
Now that you've completed your first payin integration, explore these advanced features:
- Payin Webhooks - Set up real-time notifications
- Payin Status - Understand all possible payin statuses
- Payin Errors - Comprehensive error handling guide