📘
This is the latest documentation
This documentation you are reading is for the latest version.
If you are integrated with the old payment page integration (v1), please find its documentation here.

Overview

Welcome to PagSeguro's Payment Page API reference guide.
This document contains the basic concepts and technical details to pay for transactions using our Payment PAPI for countries that we have available. It also has practical examples of requests and pertinent notes on how our API works.

Concepts and Terms

List the main definitions and standards that developers may need to successfully integrate with PagSeguro's Checkout API.

Term	Concept
API	Application Programming Interface (API) is a way to allow third parties to use your application's resources.
REST	Representational State Transfer (REST) is a style of software architecture for API services.
HTTPS	Hypertext Transfer Protocol Secure (HTTPS) is the secure version of HTTP, which is the main protocol used to send data between a web browser and a website. HTTPS is encrypted to increase data transfer security.
cURL	cURL is a computer software tool for transferring data using various network protocols.
JSON	JavaScript Object Notation (JSON) is a lightweight data interchange format.
TLD	Top-Level Domain is the last segment of your domain name, that element located after the last dot. Since it is at the end of the address, it is also known as the domain suffix.
Sandbox	Safe dummy domain beyond production, suitable for a smooth integration experience.
Merchant	Person or organization that provides work or supplies goods for a particular niche.
Store	Store or commercial establishment used in the integration.
Customer	Person or organization that makes the payment, for work performed or goods received.
transaction-code	Transaction code is generated by PagSeguro after the completion of a payment request. This code is returned through the Notify API.
checkout-code	PagSeguro generated code to identify the Checkout created by the request.
OBT	Offline bank transfer (OBT), in this method the buyer receives a reference number during the payment process. They will be able to complete the purchase through their internet banking, or directly at a bank service station, informing the reference number or payment details to complete the transaction, in which case the authorization is not immediate.
EFT	Real-Time transfer\Electronic Funds Transfer(EFT). In this method, the customer pays using some of the bank's online functionality, like internet banking. In most cases payment authorization is immediate.
prepay	The buyer must be in possession of or purchase a card/voucher before initiating a transaction. These cards are generally not associated with acquisitions and authorization is usually immediate. Most prepay products have a fund limit and some do not allow multiple cards/vouchers to move a single transaction.
postpay	When the shopper makes an online transaction and pays later at an affiliated network of stores or a banking network. These are usually methods that allow payment in cash.
e-wallet	e-Wallet is an electronic device, online service, or software program that allows one party to make electronic transactions with another party bartering digital currency units for goods and services. This can include purchasing items online with a computer or using a smartphone to purchase something at a store.

Considerations

Checkout API uses REST architecture. The protocol used is HTTPS. PagSeguro Checkout’s API uses the Basic Authentication The API’s requests and responses bodies are in JSON format.

Onboarding

The merchant who wants to transact with PagSeguro must contact our sales team through the website: https://international.pagseguro.com/talk-to-us.

Credentials

To carry out the authentication process, the Merchant needs the credentials (Merchant ID and Password) made available in its registration with PagSeguro, through the page: https://myaccount.international.pagseguro.com.

Environments

Test environment available to assist in the development of the integration and simulate transaction requests and status changes available on the platform. Attention: the environment only simulates the creation of a transaction.

Sandbox

All transactions generated in the sandbox environment can be manipulated manually by developers to simulate the possible situations that PagSeguro returns through the site: https://billing-partner.boacompra.com.

In the Sandbox Environment section we explain how to use the sandbox environment.

🚧
Base URL for Sandbox
https://api.sandbox.international.pagseguro.com

Production

The environment is used to create transactions in real-time. All transactions generated in this environment will be processed by PagSeguro.

📘
Base URL for Production
https://api.international.pagseguro.com

Authentication

All requests made to the PagSeguro APIs must be authenticated. PagSeguro Checkout’s API uses the Basic Authentication approach. That means the Merchant has to send the HTTP requests with the Authorization header.

The Authorization header must contain the word Basic followed by a space and a base64-encoded string with merchant_id:secret_key.

For example:

Authorization: Basic MTIzNDozN2IzNmUxNy1lZGIyLTRkNjAtOWFmZC05MTA2MmJlYmY1ZTQ=

Because base64 is easily decoded, PagSeguro Checkout’s API only accepts requests throughout HTTPS/SSL/TLS.

Once the Merchant’s On-boarding is concluded, the Merchant’s Developers will have a credential pair (merchant_id and secret_key) to use in the requests. Anyone in possession of the credential pair will be able to create checkouts with PagSeguro.

Be sure to keep both, merchant_id and secret_key, in a safe and private place. Do not share it in client-side applications or public repositories.

The code snippet below shows an Authorization header’s example:

<php
$key = '1234';
$secret = '37b36e17-edb2-4d60-9afd-91062bebf5e4';
$encoded = base64_encode(sprintf('%s:%s', $key, $secret));
$header = sprintf('Authorization: Basic %s', $encoded);

echo $header;

// Authorization: Basic MTIzNDozN2IzNmUxNy1lZGIyLTRkNjAtOWFmZC05MTA2MmJlYmY1ZTQ=

String key = "1234";
String secret = "37b36e17-edb2-4d60-9afd-91062bebf5e4";

String encoded = Base64.getEncoder().encodeToString((key + ":" + secret).getBytes());
String header = "Authorization: Basic " + encoded;

System.out.println(header);

//Authorization: Basic MTIzNDozN2IzNmUxNy1lZGIyLTRkNjAtOWFmZC05MTA2MmJlYmY1ZTQ=

require "base64"

key = '1234'
secret = '37b36e17-edb2-4d60-9afd-91062bebf5e4'

encoded = Base64.encode64(key + ':' + secret)
header = 'Authorization: Basic ' + encoded

puts header

// Authorization: Basic MTIzNDozN2IzNmUxNy1lZGIyLTRkNjAtOWFmZC05MTA2MmJlYmY1ZTQ=

import base64

key = "1234"
secret = "37b36e17-edb2-4d60-9afd-91062bebf5e4"
key_secret = key + ":" + secret

encoded = key_secret.encode("ascii")
header = "Authorization: Basic " + base64.b64encode(encoded).decode()

print(header)

// Authorization: Basic MTIzNDozN2IzNmUxNy1lZGIyLTRkNjAtOWFmZC05MTA2MmJlYmY1ZTQ=

Checkout API

Sequence Flow

Customer → Merchant: Customer finalizes the purchase through Merchants Store
Merchant → PagSeguro: Merchant sends a Create Checkout request to PagSeguro with the Customer's data
PagSeguro → Merchant: PagSeguro processes the requested data and returns a Checkout URL to the Merchant
Merchant → Customer: Merchant redirects Customer to the Checkout URL generated by PagSeguro
Customer → PagSeguro: Customer completes the payment flow at PagSeguro Checkout;
PagSeguro → Merchant: PagSeguro redirects the customer to the Merchant Store.

Environments

Production

📘
Checkout API URL for Production
https://api.international.pagseguro.com/v3/checkouts
Method: POST

Sandbox

🚧
Checkout API URL for Sandbox
https://api.sandbox.international.pagseguro.com/v3/checkouts
Method: POST

Request

To create a Checkout with the PagSeguro API, the following objects will be used: integration, order, checkout, charge and payer.

To perform authentication, use the default authentication method defined in Authentication Section
Use Content-Type header with the value "application/json".

Integration

The “integration” object contains integration data referring to the Merchant Store. The available parameters are:

Parameter	Description	Type	Validation	Mandatory
integration	General integration information.	Object	-	Yes
integration.reference	Merchant reference code.	String	Min. 4, Max. 64 Pattern: ^([A-Za-z0-9-_/])$	Yes
integration.notification_url	URL (must bind ports 80 or 443) used to send transaction status change notifications by HTTP	String	A valid URL, Max. 200	Yes
integration.project	Integration project identifier. The default value is 1	Integer	Min. 1	No

Order

The “order” object contains the value and list of products that the Customer purchased from the Merchant store. The available parameters are:

Parameter	Description	Type	Validation	Mandatory
order	General order information.	Object	-	Yes
order.currency	Currency of order (ISO 4217)	String	*[]**	Yes
order.items[]	Set of items	Array	Min. 1, Max. 100	Yes
order.items[].quantity	Item quantity	Integer	Min. 1	Yes
order.items[].description	Item description	String	Max. 180	Yes
order.items[].unit_price	Price per unit	Float	Min. 0.01	Yes

Validation Currency

ISO Code	Currency
ARS	Argentine Peso (Argentina)
BOB	Bolivian Boliviano (Bolivia)
BRL	Brazilian Real (Brazil)
CLP	Chilean Peso (Chile)
COP	Colombian Peso (Colombia)
CRC	Costa Rican Colon (Costa Rica)
EUR	Euro (Portugal, Spain)
GTQ	Guatemalan Quetzal (Guatemala)
MXN	Mexican Peso (Mexico)
NIO	Cordoba (Nicaragua)
PEN	Nuevo Sol (Peru)
PYG	Guarani (Paraguay)
RON	Leu Romeno (Romania)
TRY	Turkish Lira (Turkey)
USD	Dollar (Ecuador, El Salvador, Panama, Puerto Rico, USA)
UYU	Uruguayan Peso (Uruguay)

Checkout

The “checkout” object contains information on how the PagSeguro Checkout will be displayed to the Customer, the available parameters are:

Parameter	Description	Type	Validation	Mandatory
checkout	Checkout information	Object	-	Yes
checkout.language	Checkout language	String	*[]**	Yes
checkout.redirect_urls	Checkout redirect URLs	Object	A Valid URL	Yes
checkout.redirect_urls.success	Checkout redirect URL success	String	Max. 200	Yes

Validation Language

List of translations available for PagSeguro Checkout:

Language	Locate
en_US	English
es_ES	Spanish
pt_BR	Brazilian Portuguese
pt_PT	Portugal Portuguese
tr_TR	Turkish

Charge

The “charge” object contains the payment information to generate the transaction. Checkout can present the payment methods to the Customer in two ways, via the type or via the specific method.

The type is a group of payment methods, making it possible to inform only the type, which will show all linked methods at checkout, or directly inform the payment method.
Eg: it is possible to inform the credit card type, which will open options to inform the brand, or inform the VISA payment method directly.

The type can also be omitted, in which case checkout would present all payment methods to the customer.

The available parameters are:

Parameter	Description	Type	Validation	Mandatory
charge	Object that contains the Billing data for a transaction.	Object	-	Yes
charge.country	Country of origin of the collection.	String	*[]**	Yes
charge.type	Grouper with the Type of charge to be presented at Checkout	String	*[]**	No
charge.credit_card	Credit Card specific payment method.	String	*[]**	No
charge.debit_card	Debit Card-Specific Payment Method	String	*[]**	No
charge.e_wallet	Specific payment method for Electronic Wallet	String	*[]**	No
charge.eft	Specific payment method for Real-Time transfer\Electronic Funds Transfer(EFT)	String	*[]**	No
charge.obt	Specific payment method for Offline bank transfer (OBT)	String	*[]**	No
charge.postpay	Postpay specific payment method	String	*[]**	No
charge.prepay	Prepay specific payment method	String	*[]**	No

Country Validation

The list of all payment methods by country can be found in the section: Available payment methods by country.

ISO	Country
AR	Argentina
BO	Bolivia
BR	Brazil
CL	Chile
CO	Colombia
CR	Costa Rica
EC	Ecuador
SV	El Salvador
GT	Guatemala
MX	Mexico
NI	Nicaragua
PA	Panama
PY	Paraguay
PE	Peru
PT	Portugal
PR	Puerto Rico
RO	Romania
ES	Spain
TR	Turkey
US	United States
UY	Uruguay