Skip to content


giropay is a German payment method that simplifies online purchases through fast, secure and guaranteed bank transfers.

It is an online banking-based payment method that allows customers to complete transactions online, with funds directly debited from their bank accounts. Depending on their bank, customers may confirm payments using a second-factor authentication or a PIN.

Payment optionCategoryCountryCurrencyFeaturesIntegrations
giropayOnline BankingGermanyEURPartial refund
Payment form
Prestashop plugin
WooCommerce plugin
Magento plugin

How to use giropay

The journey proceeds as follows:

  1. On the merchant’s website, the customer chooses to pay online via giropay.
  2. The customer is guided to a page where they can select their preferred bank and is redirected to the bank’s online banking page.
  3. Following this, the customer securely logs in to their chosen bank using their account credentials.
  4. A transaction summary is then presented to the customer, enabling them to review all transaction details prior to authorizing the payment.
  5. Once authorized, a transaction confirmation promptly reassures the customer, while the consumer is redirected to the merchant’s website.
  6. Merchant is notified of the successful payment.

How it works

Below you will find a detailed overview of the key steps essential for integrating the giropay payment method.

Step 1: Create the Order
Step 2: Get the Payment Link
Step 3: Get the Payment Status
Step 1: Create the Order

Ensure you have initiated the order request with giropay (“GRPY”) selected as the designated payment method (transaction.paymentMethod) and configured the customer’s language preference in customerInfo.customerLanguage.

Step 2: Get the Payment Link

Follow the instructions provided to obtain the payment link, to redirect the customer to a secure payment page for authentication and payment authorization.

Please be aware that the request below requires an Authorization Header containing the transactionSignature obtained on the previous step.

EnvironmentURLOperation Method & EndpointOperation Description
PRODapi.sibsgateway.comPOST {version-id}/payments/{id}/pbl/payment-linkPerform the transaction and redirect user to Payment Host.[1|2].sibs.ptPOST {version-id}/payments/{id}/pbl/payment-linkPerform the transaction and redirect user to Payment Host.

Ensure that you include these essential elements as specified:

LocationData ElementTypeConditionDescription
PathidStringMandatoryUsed to identify the transaction
Header parameters:
LocationData ElementTypeConditionDescription
Request HeaderContent-TypeStringMandatoryapplication/json
Request HeaderAuthorizationStringMandatoryAuthorization Digest
Request parameters:
LocationData ElementTypeConditionDescription
Request BodyuserAcceptanceIndicatorBooleanMandatoryIndicates if the user has accepted the Terms and Conditions, in order to continue with the payment.
Request BodygatewayIdStringMandatoryPayment Channel identifier for the channel the Customer is going to use for their payment.
Value: ‘giropay’ – giropay;
Request BodyinfoInfoMandatoryObject that defines the transaction additional information.
Request Body.infodeviceInfoDeviceInfoOptionalObject that defines the customer device information.
Request Accept Header
Request Java Enabled
Request Language
Request Color Depth
Request Screen Height
Request Screen Width
Request Time Zone
Request User Agent
Request Family
Request Version
Request Architecture
Request Manufacturer
Request Model
Request Unique Identification
Request Name
Request Version
Request Address
Request BodycustomerInfoCustomerInfoOptionalKey Value tuple array.
Request Body.customerInfokeystringMandatoryUsed to supply “customerName”, “customerEmail”.
Request Body.customerInfovaluestringMandatoryUsed to supply “customerName”, “customerEmail”.
Request BodymerchantMerchantOptionalMerchant Data
Request Body.merchantmerchantURLstringMandatoryMerchant Shop URL for redirect.
Request Body.infoaccountInfoAccountInfoOptionalAccount related data. 
Applicable when gatewayId is ‘giropay’,
Request Holder Name. UTF-8 Format. 
Request CodeOptionalCustomer Country Code. Alpha2

Here’s a model of how to get the payment link:

 "userAcceptanceIndicator": true,
 "gatewayId": "giropay",
 "info": {
 "deviceInfo": {
 "browserAcceptHeader": "application/json, text/plain, */*",
 "browserJavaEnabled": "false",
 "browserLanguage": "en",
 "browserColorDepth": "24",
 "browserScreenHeight": "1080",
 "browserScreenWidth": "1920",
 "browserTZ": "-60",
 "browserUserAgent": "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ Safari/537.36",
 "geoLocalization": "Lat: 38.7350528 | Long: -9.2143616",
 "systemFamily": "Windows",
 "systemVersion": "Windows",
 "deviceID": "498bfd4c3a3645b38667a7037b616c18",
 "applicationName": "Chrome",
 "applicationVersion": "106"
 "customerInfo": [
 "key": "customerName",
 "value": "Test Name"
 "key": "customerEmail",
 "accountInfo": {
 "holderName": "Test Name",
 "customerCountry": "DE"
 "merchant": {

After successfully completing the operation, a ‘pending’ paymentStatus is received.

The user is then redirected to a payment confirmation environment before being seamlessly returned to the merchant’s URL.

Step 3: Get the Payment Status

You can perform a “Get Status” operation to check the status at any time.

The Authorization HTTP header is set to the Bearer token as it was used in the initial Checkout.

GET {transactionID}/status
Request URL:{transactionID}/status
Request Headers:
Authorization: ‘Bearer <AuthToken>’
X-IBM-Client-Id: ‘<ClientId>’
Content-Type: application/json

A successful technical response comprises of an HTTP-200 status and a returnStatus.statusCode=”000″.

Here are some examples of the possible result codes:

Result CodestatusMsgDescriptionAction
HTTP-200SuccessSuccess responseN/A
HTTP-400Bad RequestThe JSON payload is not matching the API definition or some mandatory HTTP headers are missing.Please check in API Market for the correct syntax.
HTTP-401UnauthorizedOn the Authorization, Bearer token is invalid/expired or not associated with the Terminal used.Please check in SIBS Backoffice under the Credentials if the token is valid and create a new one if needed.
HTTP-403ForbiddenThe ClientID set on the X-IBM-Client-Id HTTP header is not valid or does not possess a valid subscription to the API.Please check in SIBS Backoffice under the SPG APP 2.0 if the ClientID is correct. If the problem persists contact SIBS Gateway support for a ClientID reset.
HTTP-405Method Not AllowedThe HTTP Method used is not matching any of the API definitions available.Please check in API Market for the correct HTTP Method.
HTTP-429Too Many RequestsThe API calls rate limit has been exceeded.Please check in API Market for information on the rate limits that apply to the API.
HTTP-500Internal Server ErrorThe API call has failed… and its most likely on our side.You should retry the operation, and if the problem persists contact SIBS Gateway support for assistance.
HTTP-503Service UnavailableThe API call is not currently available. Usually we are always on, but short availability issues may occur during scheduled maintenance.You should wait and try again later.