PayFacto API - v1.0 - POST /v1/recur/VerifyUser

PayFacto API - v1.0 - POST /v1/recur/VerifyUser

PayFacto API - v1.0 - POST /v1/recur/VerifyUser

Checks whether a token is valid and active in the PayFacto recurring billing vault. Returns the associated masked card details on success. No transaction is processed and no vault record is modified. Use this endpoint to confirm a cardholder registration is still valid before initiating a billing operation, or to retrieve the card details associated with a stored token.

1

Prerequisites

πŸ”‘

API Key

Generate your API key from the Payments Manager: Administrator Client β†’ API Key β†’ Add New Key. Pass it as auth-api-key in every request.

πŸͺ

Company & Merchant Numbers

Your CompanyNumber (5-digit) and MerchantNumber (8-digit) are issued by PayFacto during onboarding. Both are required on every Verify User request.

🌐

Environment Base URL

Test: https://test.api.payfacto.cloud/v1   |   Production: Provided by the PayFacto Integration team upon certification.

πŸ“¦

Request Format β€” Base64-Encoded Payload

Requests use HTTP POST with an application/x-www-form-urlencoded body. Assemble all parameters as a cleartext query string, Base64-encode it, then send: auth-api-key={key}&payload={base64}. This endpoint does not require card data, terminal numbers, or transaction amounts.

πŸ’Ύ

Token Required

The Token field identifies the cardholder vault registration to verify. It must be a token previously returned by /v1/recur/AddUser, /v1/recur/CreateSession, or /v1/recur/AddSubscription.

πŸ”

Read-Only Operation

This endpoint retrieves data only. No transaction is processed, no vault record is modified, and no charge is made to the cardholder.

2

Request

POST https://test.api.payfacto.cloud/v1/recur/VerifyUser
ℹ️

All parameters are passed inside the Base64-encoded payload form field. Raw body format: auth-api-key=<key>&payload=<base64>. This endpoint does not require card data, terminal numbers, or transaction amounts.

Required fields

FieldTypeDescription
CompanyNumberNumeric(5)Identifies the merchant on PayFacto's network. Provided by PayFacto during onboarding. Example: 12345
MerchantNumberNumeric(8)Identifies the merchant to PayFacto's network. Provided by the integration team. Example: 53400000
CustomerNumberAlphanumeric(8)Merchant-assigned customer identifier associated with the token to verify. Example: CLIENT12
LanguageCodeAlphanumeric(1)Language for PayFacto responses. F = French, E = English.
OperatorIDAlphanumeric(8)Identifies the cashier, agent, or system that initiated the request. Example: USER0001
TokenAlphanumeric(35)The token to verify. Must be a token previously returned by /v1/recur/AddUser, /v1/recur/CreateSession, or /v1/recur/AddSubscription. Example: 4111110000001111000000000000000001
3

Request β€” Code Example

⚠️

The example below uses the test endpoint and a sandbox API key. Replace credentials and base URL before going live.

cURL
# Verify User -- POST /v1/recur/VerifyUser
# Step 1: Build the cleartext payload

PAYLOAD="CompanyNumber=12345&MerchantNumber=53400000&CustomerNumber=CLIENT12&LanguageCode=E&OperatorID=USER0001&Token=4111110000001111000000000000000001"

# Step 2: Base64-encode the payload
ENCODED=$(echo -n "$PAYLOAD" | base64)

# Step 3: Submit the request
curl -X POST "https://test.api.payfacto.cloud/v1/recur/VerifyUser" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "auth-api-key=YOUR_TEST_API_KEY&payload=$ENCODED"
4

Response

Always returned

FieldTypeDescription
returnCodeAlphanumeric(4)Identifies the result of the verification. 00 = token is valid and active. 05 = token not found or no longer valid. Refer to Section 6 for all endpoint-specific codes.
serverNumberAlphanumeric(4)Identifies the PayFacto Network server that processed the request.
timeStampAlphanumeric(17)Date and time the request was processed. Format: YYYYMMDD-HHMMSSCC. Example: 20240601-09000100
companyNumberNumeric(5)Echo of the request CompanyNumber.
merchantNumberNumeric(8)Echo of the request MerchantNumber.
languageCodeAlphanumeric(1)Echo of the request LanguageCode.

Conditionally returned

Returned when returnCode is 00. These fields confirm the token is valid and describe the associated cardholder vault registration.

FieldTypeDescription
tokenAlphanumeric(35)Echo of the request Token, confirming which vault registration was verified.
cardNumberAlphanumeric(40)Masked card number associated with this token.
cardTypeAlphanumeric(1)Card brand associated with this token. A = Amex, M = Mastercard, V = Visa, I = Diners, O = Discover.
expirationDateNumeric(4)Card expiration date associated with this token, in MMYY format.
customerNumberAlphanumeric(8)Echo of the request CustomerNumber.
errorDescriptionAlphanumeric(50)Only returned when the verification fails. Human-readable description of the failure reason.
5

Response β€” Code Example

JSON β€” 200 Success (token valid)
{
"returnCode": "00",
"serverNumber": "0001",
"timeStamp": "20240601-09000100",
"companyNumber": "12345",
"merchantNumber": "53400000",
"languageCode": "E",
"token": "4111110000001111000000000000000001 ",
"cardNumber": "411111XXXXXX1111 ",
"cardType": "V",
"expirationDate": "1226",
"customerNumber": "CLIENT12"
}
JSON β€” Token not found
{
"returnCode": "05",
"errorDescription": "TOKEN NOT FOUND",
"serverNumber": "0001",
"timeStamp": "20240601-09000200",
"companyNumber": "12345",
"merchantNumber": "53400000",
"languageCode": "E"
}
6

Error / Return Codes

The following codes are most relevant to this endpoint. For the complete catalogue see the Return Code Index.

Return CodeMeaningWhen it occursRecommended Action
00Token validThe token exists in the PayFacto vault and is active. The response includes the associated masked card details.The token may be used for billing operations. Check the expirationDate to confirm the card has not expired before initiating a charge.
05Token not foundThe token does not exist in the vault, has been deleted via /v1/recur/DelUser, or is no longer valid.Do not attempt to use this token for billing. Re-register the cardholder via /v1/recur/AddUser or /v1/recur/CreateSession to obtain a new token.
9004"Null" value: company numberCompanyNumber is null or blank in the payload.Check your application. The field must correspond to the specification in the documentation.
9005 / 9006Invalid / rejected: company numberCompanyNumber does not match the required 5-digit length or is not configured in the payment solution.Make sure the application uses the correct company number provided by PayFacto. If it does, contact PayFacto customer service.
9007"Null" value: merchant numberMerchantNumber is null or blank in the payload.Check your application. The field must correspond to the specification in the documentation.
9008 / 9009Invalid / rejected: merchant numberMerchantNumber does not match the required 8-digit length or is not configured in the payment solution.Make sure the application uses the merchant number provided by PayFacto. If it does, contact PayFacto customer service.
9051Time outRequest processing timed out.Retry the request. If the problem persists, contact PayFacto customer service.
9049 / 9050Fatal errorA critical error occurred while processing the request.Retry the request. If the problem persists, contact PayFacto customer service.