Welcome to the API documentation provided by Astra Payments. In our documentation, you will find the necessary information to integrate with our APIs.
Standards
We follow market standards and best practices for developing our APIs. Below are some of the API standards at Astra Payments.
Environments
Astra Payments APIs have Sandbox environments. The Sandbox environment works as a Testing environment, using fictitious and simulated data to allow developers to have their first contact and understand how the API works.
Attention: as these are simulated data, the Sandbox environment will return data for unit and integration testing purposes.
In the Production environment, only real data should be used.
API Principles
Our APIs follow these principles:
- Restful: our APIs adhere to Restful concepts whenever possible.
- Implementation Agnostic: our APIs are implementation agnostic, meaning they can be implemented in various programming languages.
- Security: our APIs are developed observing all security criteria expected for banking transactions.
- Developer and Client Experience: our APIs are always developed with the goal of offering the best experience for both developers and our clients.
HTTP Status Code Standards
In our APIs, responses follow the HTTP status code standard [RFC 7231]:
- 200-299 – The request was received and executed successfully.
- 400-499 - The request contains syntax or formatting error and cannot be executed.
- 500-599 - The server has an error and cannot execute an apparently valid request.
Our most used HTTP Status Codes are:
| Status | Description |
|---|---|
| 200 | OK |
| 201 | Created |
| 400 | Invalid Request |
| 401 | Unauthorized |
| 403 | Forbidden |
| 404 | Not Found |
| 405 | Method Not Allowed |
| 429 | Too Many Requests |
| 500 | Internal Server Error |
| 503 | Service Unavailable |
Error Object Standard
The error object and error table should be consulted in each API's documentation.
SLA - Service Level Agreement
Our Sandbox environment is stable and has response times similar to operations in the production environment; however, as it is a testing structure, it is not recommended for load testing.
In the Production environment, the Service Level Agreement for our APIs is the same as applied to services provided to our clients through our channels; it is also not recommended for load testing.