Skip to content

Cards

Card payments are available for Visa, Mastercard, and co-branded cards, and since the flow may differ slightly depending on the exact use case, so, in this section we will describe the one-time purchase, but you can also have access to a couple of different use cases.

Info

Besides Visa and Mastercard, co-branded cards as Cartes Bancaires are also supported by SIBS Gateway.

Use the one-time purchase flow when you want to charge the shopper immediately.

Payment optionCategoryCountriesCurrenciesFeaturesIntegrations
CardCredit and debit cardsCzech Republic, France, Germany, Hungary, Portugal, Poland, Romania, Slovakia, SloveniaCZK, EUR, HUF, PLN, RON3D Secure
OneClick/Without a code
Pre-authorized Capture
One-Time Purchase
Partial captures
Partial refund
Recurring
Refunds
Cancellation
Virtual Terminal
API
Payment Form
Prestashop Plugin
WooCommerce Plugin
Magento Plugin

One-time purchase

Check below the available environments where you can perform a server-to-server POST request to generate the transaction.

EnvironmentURLOperation Method & EndpointOperation Description
PRODapi.sibsgateway.comPOST version-id/{id}/card/purchaseRequests the payment registered by the previous checkout using card details inserted by the customer.
TESTstargate-cer.qly.site[1|2].sibs.ptPOST
api/v1/payments/:transactionId/card/purchase
Requests the payment registered by the previous checkout using card details inserted by the customer.

Before you make a payment

Ensure the order has been created and submitted.

Notification

In this request, the Bearer Token is replaced by the checkout response transactionSignature.

The message below represents the one-time purchase where the payment is performed immediately, and no additional services (3D Secure, Tokenization, and Card OneClick) are identified for calling.

Path id

string

Mandatory

An element to query transaction status by Transaction Id.

Show more
Header parameters
Content-type

string

Mandatory

application/json

Show more
Authorization

string

Mandatory

Bearer Token. Based on OAuth2 authentication performed in a pre-step.

Show more
x-ibm-client-id

string

Mandatory

Token that identifies a client organization. It is provided during onboarding process and must be used in every call.

Show more
Request parameters
cardInfo

object

Mandatory

Object that defines the payment operation request fields.

Show more
PAN

string <= 40 characters

Optional

The Primary Account Number (credit card number).

Show more
secureCode

string <= 40 characters

Optional

The security code (CVV/CVC) associated with the credit card.

Show more
validationDate

ISODateTime

Mandatory

The expiration date of the credit card.

Show more
cardholderName

string

Mandatory

The name of the cardholder as it appears on the credit card.

Show more
createToken

boolean

Mandatory

A flag indicating whether to create a token for future use or not (true/false).

Show more

Here is an example of how to make a one-time purchase:

{
 "cardInfo": {
 "PAN": "5236410030000927",
 "secureCode": "776",
 "validationDate": "2026-05-26T00:00:00.000Z",
 "cardholderName": "Jane Smith",
 "createToken": false
 }
}

What’s next?

Have a look at the other Card payment features you can use.

After you make the payment, you will receive a response comprising a paymentStatus in the message. It informs whether the transaction was accepted, declined, still pending a final result, or requires additional action.

  • Success: The purchase has been processed successfully and the customer has been debited.
  • Declined: The purchase has been declined.
  • Pending: The final result of the purchase is not yet known. You will need to inquiry on the status of this transaction until it reaches a final state, or you decide to cancel it.
  • Partial: The purchase is partially accepted, but requires additional actions to the completed (e.g. 3D-Secure authentication). The actionResponse element is provided for instructions on how to proceed.

Get the payment status

Afterwards, once the payment has been processed, you can check the status of your transaction making a GET request.

The Authorisation HTTP header is set to the Bearer token as it was used in the initial Checkout.

Request URL:
https://stargate-cer.qly.site1.sibs.pt/api/v1/payments/{transactionID}/status
Request Headers:
Autorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6I (...)
X-IBM-Client-Id: b4480347-9fc8-4790-b359-100a99c60ea3
Content-Type: application/json

A successful technical response comprises of an HTTP-200 status and a returnStatus.statusCode=”000″.

Here are some examples of the possible result codes:

Result CodestatusMsgDescriptionAction
HTTP-200SuccessSuccess responseN/A
HTTP-400Bad RequestThe JSON payload is not matching the API definition or some mandatory HTTP headers are missing.Please check in API Market for the correct syntax.
HTTP-401UnauthorizedOn the Authorization, Bearer token is invalid/expired or not associated with the Terminal used.Please check in SIBS Backoffice under the Credentials if the token is valid and create a new one if needed.
HTTP-403ForbiddenThe ClientID set on the X-IBM-Client-Id HTTP header is not valid or does not possess a valid subscription to the API.Please check in SIBS Backoffice under the SPG APP 2.0 if the ClientID is correct. If the problem persists contact SIBS Gateway support for a ClientID reset.
HTTP-405Method Not AllowedThe HTTP Method used is not matching any of the API definitions available.Please check in API Market for the correct HTTP Method.
HTTP-429Too Many RequestsThe API calls rate limit has been exceeded.Please check in API Market for information on the rate limits that apply to the API.
HTTP-500Internal Server ErrorThe API call has failed… and its most likely on our side.You should retry the operation, and if the problem persists contact SIBS Gateway support for assistance.
HTTP-503Service UnavailableThe API call is not currently available. Usually we are always on, but short availability issues may occur during scheduled maintenance.You should wait and try again later.

Cartes Bancaires

SIBS Gateway also supports co-branded cards as Cartes Bancaires. Please check below how you can perform a server-to-server POST request to generate the transaction with Cartes Bancaires.

  1. Create the order using CRTB as payment method.

Below an example on how to perform an order:

  1. After completing the order successfully, the purchase request can be performed.

The message below presents a one-time purchase where the payment is performed. Please find below the request message parameters details:

Request parameters
cardInfo

object

Mandatory

Object that defines the payment operation request fields.

Show more
PAN

string <= 40 characters

Optional

The Primary Account Number (credit card number).

Show more
secureCode

string <= 40 characters

Optional

The security code (CVV/CVC) associated with the credit card.

Show more
validationDate

ISODateTime

Mandatory

The expiration date of the credit card.

Show more
cardholderName

string

Mandatory

The name of the cardholder as it appears on the credit card.

Show more
createToken

boolean

Mandatory

A flag indicating whether to create a token for future use or not (true/false).

Show more
cardBrandRoutingType

string

Mandatory

Card Brand Routing Type – for Cartes Bancaire should be set to CRTB.

Show more

After performing the payment, a response will be received containing a paymentStatus in the message. It informs whether the transaction was accepted, declined, still pending a final result, or requires additional action.

  1. Get the Payment Status

Afterwards, once the payment has been processed, you can check the status of your transaction making a GET request