Records and processes a Contribution with the payment information provided in the request body.
This endpoint should only be used in circumstances when the client or vendor has the ability to ensure PCI-compliant handling of payment data for any users of these APIs. EveryAction will ingest payment data in a manner that is PCI-compliant for EveryAction, but will not be responsible for integrating these APIs with any client systems or external vendors.
Only requests to POST payments-api.securevan.com/contributions/payments will accept payment data in the request body, and all other domains will reject requests which appear to contain payment information.
In order to process a contribution, the paymentMethod object must include all parameters associated with the specified paymentType and the paymentType may be either CreditCard or ElectronicFundsTransfer. An amount must be between $0.01 and $999,999.99.
If a contribution is processed successfully, the endpoint responds with HTTP Status Code 201 Created and the integer ID of the created Contribution in the response body.
The Idempotency-Key header is required. This header prevents the server from processing duplicate requests. If a request's Idempotency-Key matches the Idempotency-Key of an existing completed request, the server will not process a contribution and will respond with the status code and response body of the original request, with the header Idempotent-Replayed: true. If a request's Idempotency-Key matches the Idempotency-Key of an in-progress request, the server will not process a contribution and will respond with a 409 error. Idempotency Keys are temporary, but will be remembered by the system for at least 48 hours.
For EFT payments: When using the Bonterra Payments gateway, you must set an email address anywhere a contribution can be initiated so that donors can receive a bank account verification email, which contains instructions on how to verify their account and confirm their EFT payment (for contributions under $150). You must also include a mandate, legally required text that donors must agree to and that acts as a confirmation of consent from the donor for an organization to initiate a withdrawal from their bank account.