Getting Started with the Arrow API!!!!

The Arrow API lets you programmatically process transactions within your merchant account. You can use the API to integrate payment processing into your own web site, mobile application or any other application you may have.

REST & JSON

The API follows REST conventions, and can be invoked by any language or tool than can communicate over HTTP. JSON is the format for sending and receiving data.

Production vs. Demo Gateway

Arrow runs two environments against which you can use the API - production (where your real merchant account lives), and demo - a sandbox for development.

Production is available at https://gateway.arrowpayments.com
Demo is available at http://demo.arrowpayments.com

Each environment has completely separate accounts, API Keys, and data.

Enabling the API

You must enable the API before you can use it. To do this:

Sign in to the Arrow Gateway as an adminstrator (either production or demo)
Click Merchant Setup in the header
Click API in left navigation
Check Enable API, then Save Changes
note the API Key -- you'll need this to connect to the API

Authenticating via the API Key

The API Key obtained above must be passed with each API call to identify you.

Note that you can regenerate your API key the same page you enabled the API. Use this if the key becomes compromised and you need to invalidate it.

Identifying Your Mechant Account via the MID

Many API calls also required an Account MID. This your merchant account number, available under Merchant Setup / Account Configuration in the Arrow Gateway.

Open Test Credentials

You can experiment with the API today without opening a real account or requesting a demo account by using the following credentials:

API Key:	5cbb15c1d87d480f8b82ee1a3abba353
MID:	1231616282
Environment:	demo (http://demo.arrowpayments.com)

Note you will not be able to sign in to this demo account through the web user interface to see the transactions you post. For that, contact Arrow Payments to request a full demo account.

Conventions for Calling the API

Each action or operation you can perform via the API is represented by a URL. If the action changes data, you POST to the URL. If it only retrieves data, you GET from the URL.

POST methods have these characteristics:

URL is in the format /api/{object}/{action}
Parameters are passed in via a JSON object posted to the URL
The API Key is included as a field in the JSON parameter object
Data is returned via a JSON object

GET methods have these characteristics:

URL to get a collection of ojects is in the format /api/{API Key}/{objects}
URL to get a single object is in the format /api/{API Key}/{object}/{id}
Parameters (including the API Key) are passed on the URL string
Data is returned via a JSON object

Using SSL

When connecting to the production environment, you must use SSL (https) protocol to invoke the API.

When connecting to the demo environment, you must use standard http protocol to invoke the API.

How Status & Errors are Returned

The API will indicate the success of each call by returning one of the following HTTP status codes in the response:

200 — call was successful
404 — requested object not found
500 — an error occurred

If the call was not successful (i.e., status is 404 or 500), error message information will be returned in a HTTP Header named "Error".