Use transaction APIs for customer-facing views and webhook events for backend synchronization. The Card Issuing API exposes transaction history, transaction details, pending 3D Secure challenges, and challenge response.
curl "https://issuing-stage.xmoney.com/v1/transactions?page=1&size=20" \
-H "Authorization: Bearer CUSTOMER_ACCESS_TOKEN"You can filter by type, status, startDate, and endDate.
Retrieve one transaction:
curl "https://issuing-stage.xmoney.com/v1/transactions/TRANSACTION_ID" \
-H "Authorization: Bearer CUSTOMER_ACCESS_TOKEN"curl "https://issuing-stage.xmoney.com/v1/transactions/3d-secure" \
-H "Authorization: Bearer CUSTOMER_ACCESS_TOKEN"curl -X PATCH "https://issuing-stage.xmoney.com/v1/transactions/3d-secure/TRANSACTION_AUTH_ID" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer CUSTOMER_ACCESS_TOKEN" \
-d '{
"authType": "pinCode",
"authStatus": "success"
}'authType identifies the customer authentication method. Possible values are pinCode, pattern, other, faceRecognition, and fingerprint.
authStatus is the result submitted by your app. Possible values are success, failed, canceled, and timeout.
Use webhooks to update backend state when transactions are created, settled, require 3D Secure, or complete 3D Secure. Your backend should deduplicate webhook events, verify the signature, and process updates asynchronously.