Core Endpoints

Tonder’s Direct API provides a streamlined set of endpoints for processing payments and withdrawals. The unified design eliminates complex multi-step integrations, allowing you to handle transactions through a single endpoint.

Endpoints Summary

There are two endpoints available for processing transactions:

Process Transaction

Unified endpoint for processing both payments and withdrawals through a single API call.

Check Transaction Status

Retrieve the current status and details of any transaction (payment or withdrawal).

Process Transaction Endpoint

Here you can see the details of how to use the Process Transaction Endpoint.

POST /process/

This is the primary endpoint for creating and processing both payments and withdrawals through a single API call.

Endpoint

`POST /process/`

For request details, see the items below.

Show Request Headers

Headers

Authorization: Token your_api_key
X-Signature-Transaction: calculated_hmac_signature
Content-Type: application/json

Show Request Body

The request body varies based on the operation_type field:

Request Body

{
"operation_type": "payment|withdrawal",
"amount": 1000.50,
"currency": "MXN",
"customer": {
    "name": "Customer Name",
    "email": "customer@email.com"
},
// Additional fields based on operation type
}

Payment Processing

See the request and response examples for payment processing below.

Show Basic Payment Request

Example for payment operations (operation_type: "payment").

Request Body Example

{
"operation_type": "payment",
"amount": 150.00,
"currency": "MXN",
"customer": {
    "name": "Ana María Rodríguez",
    "email": "ana.rodriguez@email.com"
},
"payment_method": {
    "type": "CARD",
    "card_number": "9230-0892-4469-1474",
    "cardholder_name": "c05d89b2-299c-4f93-b49a-42be00d3b64b",
    "cvv": "d31f0da3-0ed3-4ad8-8b68-14c2669a99a7",
    "expiration_month": "e401a32e-4174-424f-9688-727005f6a80e",
    "expiration_year": "bd9ccc23-3d00-4109-9626-fc6581389063"
},
"client_reference": "order-789",
"return_url": "https://mystore.com/payment/return"
}

Show Payment Response

Example for payment response.

Response Example

{
"id": "550e8400-e29b-41d4-a716-446655440000",
"operation_type": "payment",
"status": "authorized",
"amount": 150.00,
"currency": "MXN",
"merchant_reference": "order-789",
"payment_id": 12345,
"transaction_id": "txn_abc123",
"provider": "stripe",
"created_at": "2024-07-26T10:30:00Z",
"status_code": 201
}

Withdrawal Processing

See the request and response examples for withdrawal processing below.

Show SPEI Withdrawal Request

Example for SPEI withdrawal operations (operation_type: "withdrawal").

Request Body Example

{
  "operation_type": "withdrawal",
  "amount": 750.00,
  "currency": "MXN",
  "reference": "payout-001",
  "transfer_method": "SPEI",
  "description": "Commission payment",
  "beneficiary": {
    "account": "012345678901234567",
    "name": "Roberto Martínez García",
    "rfc": "MAGR850920XY1",
    "institution": "40012",
    "email": "roberto.martinez@email.com"
  }
}

Show Withdrawal Response

Example for withdrawal response.

Response Example

{
  "id": "550e8400-e29b-41d4-a716-446655440001",
  "operation_type": "withdrawal",
  "status": "processing",
  "amount": 750.00,
  "currency": "MXN",
  "merchant_reference": "payout-001",
  "created_at": "2024-07-26T10:30:00Z",
  "status_code": 201
}

Transaction Status Endpoint

Here you can see the details of how to use the Transaction Status Endpoint.

GET /transactions/{transaction_id}/

Retrieve the current status and details of any transaction (payment or withdrawal).

Endpoint

GET /transactions/{transaction_id}/

For request details, see the items below.

Show Request Headers

Headers

Authorization: Token your_api_key
X-Signature-Transaction: calculated_hmac_signature
Content-Type: application/json

Show Path Parameters

transaction_id

string

required

The unique transaction identifier returned from the /process/ endpoint

Show Example Request

Request Example

GET /transactions/550e8400-e29b-41d4-a716-446655440000/
Authorization: Token your_api_key
X-Signature-Transaction: 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
Content-Type: application/json

Show Example Response

Response Example

{
"id": "550e8400-e29b-41d4-a716-446655440000",
"operation_type": "payment",
"status": "success",
"amount": 150.00,
"currency": "MXN",
"merchant_reference": "order-789",
"created_at": "2024-07-26T10:30:00Z",
"updated_at": "2024-07-26T10:32:15Z",
"completion_details": {
    "completed_at": "2024-07-26T10:32:15Z",
    "authorization_code": "AUTH123456"
}
}

Response Codes

The following are the response codes that you may receive in the response.

Success Codes

Code	Description	When Used
200	OK	Status check successful
201	Created	Transaction created successfully
202	Accepted	Transaction accepted for processing

Error Codes

Code	Description	Action Required
400	Bad Request	Fix request format
401	Unauthorized	Check authentication
402	Payment Required	Payment declined
404	Not Found	Check transaction ID
422	Validation Error	Fix request data
429	Rate Limited	Retry with backoff
500	Server Error	Retry request

Implementation Examples

Here you can see the implementation examples for the Process Transaction Endpoint.

import requests
import json

class TonderAPI:
    def __init__(self, api_key, base_url):
        self.api_key = api_key
        self.base_url = base_url
        self.headers = {
            'Authorization': f'Token {api_key}',
            'Content-Type': 'application/json'
        }
    
    def process_payment(self, payment_data):
        """Process a payment transaction"""
        response = requests.post(
            f"{self.base_url}process/",
            headers=self.headers,
            json=payment_data
        )
        
        if response.status_code in [200, 201, 202]:
            return response.json()
        else:
            raise Exception(f"Payment failed: {response.status_code} - {response.text}")
    
    def process_withdrawal(self, withdrawal_data):
        """Process a withdrawal transaction"""
        response = requests.post(
            f"{self.base_url}process/",
            headers=self.headers,
            json=withdrawal_data
        )
        
        if response.status_code in [200, 201, 202]:
            return response.json()
        else:
            raise Exception(f"Withdrawal failed: {response.status_code} - {response.text}")
    
    def get_transaction_status(self, transaction_id):
        """Get transaction status"""
        response = requests.get(
            f"{self.base_url}transactions/{transaction_id}/",
            headers=self.headers
        )
        
        if response.status_code == 200:
            return response.json()
        else:
            raise Exception(f"Status check failed: {response.status_code} - {response.text}")

# Example usage
def main():
    # Initialize API client
    api = TonderAPI(
        api_key="your_api_key",
        base_url="https://stage.tonder.io/api/v1/"
    )
    
    # Process a payment
    payment_data = {
        "operation_type": "payment",
        "amount": 100.00,
        "currency": "MXN",
        "customer": {
            "name": "Test Customer",
            "email": "test@example.com"
        },
        "payment_method": {
            "type": "CARD",
            "card_number": "4242424242424242",
            "cardholder_name": "Test Customer",
            "cvv": "123",
            "expiration_month": "12",
            "expiration_year": "2027"
        },
        "client_reference": "test-001"
    }
    
    try:
        # Process payment
        payment_result = api.process_payment(payment_data)
        print(f"Payment processed: {payment_result['id']}")
        
        # Check status
        status = api.get_transaction_status(payment_result['id'])
        print(f"Payment status: {status['status']}")
        
    except Exception as e:
        print(f"Error: {e}")

Rate Limits

There are rate limits for the Process Transaction Endpoint.

Endpoint	Limit	Window
POST /process/	100 requests	per minute
GET /transactions/	300 requests	per minute

Rate limit headers are included in responses:

X-RateLimit-Limit: Request limit per window
X-RateLimit-Remaining: Requests remaining in current window
X-RateLimit-Reset: Unix timestamp when limit resets

Next Steps

Request Structure – for proper API formatting
Response Format – for handling API responses
Payment Methods – for supported options
Error Handling – for comprehensive error management

Getting Started

API Reference

Payment Processing

Integration

Regional Reference

Resources

Core Endpoints

Endpoints Summary

Process Transaction

Check Transaction Status

Process Transaction Endpoint

Transaction Status Endpoint

Response Codes

Success Codes

Error Codes

Implementation Examples

Rate Limits

Next Steps

Getting Started

API Reference

Payment Processing

Integration

Regional Reference

Resources

​Endpoints Summary

Process Transaction

Check Transaction Status

​Process Transaction Endpoint

​Transaction Status Endpoint

​Response Codes

​Success Codes

​Error Codes

​Implementation Examples

​Rate Limits

​Next Steps

Endpoints Summary

Process Transaction Endpoint

Transaction Status Endpoint

Response Codes

Success Codes

Error Codes

Implementation Examples

Rate Limits

Next Steps