Features of connection to the Payoneer API
The Payoneer API is a JSON API using the popular request signing method, passing the "Authorization" header with the value 'Basic'., base64_encode ("$username:$password"), where $username and $password are provided to the developer by Payoneer.
The service provides two connection environments, the main one and the so-called sandbox, for each of which there is a pair of $username and $password. The environment is also characterized by its endpoint for sending requests, https://api.sandbox.payoneer.com/v2/programs/ - for the sandbox, https://api.payoneer.com/v2/programs/ - for the main environment.
The Payoneer personal account has a list of users to whose accounts the funds can be transferred (Fig. 1), but there is an additional layer of protection. Payoneer does not provide for free use the real identifiers of its users. To add a user to the above list, a separate request for a registration/authorization link should be made. Moreover, the developer can use its unique identifier for the "invited" user, which will later be used to identify the latter. Thus, each user in the user database can be assigned an “invited” user in Payoneer.
For example, an attempt to get a registration link for a user with Id 1 is made. It is necessary to send a POST request to "payees/registration-link" with the "payee_id" 1 value. When clicking on the received link, the user will see a registration form (Fig. 2). It is important to understand that the registration and authorization links are identical. Payoneer itself determines which request was carried out, and depending on this, renders the form. Therefore, the user of the website must choose whether he (she) is going to register or log in, the link for this will be the same.
After the user has passed registration/authorization through the provided link, he (she) will appear in the list of users to whom the transfer can be made. Now, you can check the status of the user using the request for "payees/$payeeId/status", where payeeId, in our case, has the value 1. If the status is "ACTIVE" (Fig. 3), then the funds can be transferred to the user's account. To do this, it is enough to make a POST-request for "payouts" with the parameters: "payee_id" is the user identifier in the Payoneer system (1), "amount" is the transfer amount, at least $20, "client_reference_id" is a unique transaction identifier, and "description" is a description of the transaction.
Implementing a connection to Payoneer also requires writing a handling of errors returned by Payoneer and integration with the business logic of the website.
It can be noted that Payoneer errors can be divided into two types: errors of validation of transmitted data when http status code is 200, and other errors that are returned with http status code, which is not equal to 200.