SaltPay, all rights reserved. 2022 ©

Getting started

SaltPay's Restful Payment Gateway enables merchants to accept payments in a variety of ways. After receiving Public and Private access tokens from SaltPay you can start accepting payments.

  • Private Access Token is your secret token and should be treated as confidential and sensitive information. This token gives you full access to RPG's functionality.

  • Public Access Token is your public token and can safely be embedded into client applications and websites. This token can only be used to create single use card tokens that can then be used to charge the card using the Private access token.

FunctionalityPrivate Access TokenPublic Access Token
Charge cardsYesNo
Get payment informationYesNo
Cancel paymentYesNo
Refund paymentYesNo
Create Single Use Card TokenYesYes
Disable Single Use Card TokenYesNo
Create Multi Use Card TokenYesNo
Disable Multi Use Card TokenYesNo
Access Notification eventsYesNo
MPI connection functionalityYesNo

Documentation Topics

Accepting and working with payments

Single use card tokens

Multi use card tokens

Connecting Webhook notifications

Example JSON requests and responses

API Reference

Action Codes Reference


Term Description
RPG Restful Payment Gateway.
Access Token A token issued by SaltPay that can be used to access RPG and related services.
Private Access Token A token issued by SaltPay that can be used to access all RPG functionality. See Getting Started.
Public Access Token A token issued by SaltPay that can be used to access non sensitive functions of RPG. See Getting Started.
PreAuthorization A specific amount that has been set aside on a customers card, this amount can be captured to make it a complete transaction. Useful when charging of card occurs later.
Sale A charge on a card.
Transaction A financial transaction, transactions can be of type Sale or PreAuthorization.
ActionCode A code returned from SaltPay that indicates status of a financial operations. See Action Codes Reference.
PCI DSS Payment Card Industry Data Security Standard designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment.
PAN Primary Account Number (Usually Credit or Debit card number).
Single Use Card Token Token generated by RPG that expires after use or after a set amount of time. Can be used to charge a card once.
Multi Use Card Token Token generated by RPG that can be used to charge a card multiple times.
Webhooks Notifications Notification events that are pushed to a server by SaltPay when a specified event occurrs such as when a transaction has been created.
3DSecure A method for cardholder verification. More information
Merchant Plugin Interface (MPI) A service interface that merchants connect to when performing 3DSecure authentication.