• Example searches: “transaction”, “CreateOrder”, “/v2/locations”, “inventory”, “delete customer”

You are viewing an old version of the API
Create payment

POST /v2/payments

Creates a payment using the provided source.

You can use this endpoint to charge a card (credit/debit card or
Square gift card) or record a payment that the seller received outside of Square (cash payment from a buyer or a payment that an external entity processed on behalf of the seller).

The endpoint creates a Payment object and returns it in the response.

Permissions
PAYMENTS_WRITE
Guide
Take Payments Try in API Explorer

Request Body

Example code
Name Description
source_id
string
Required

The ID for the source of funds for this payment. This can be a payment token (card nonce) generated by the Square payment form or a card on file made with the Customers API. If recording a payment that the seller received outside of Square, specify either "CASH" or "EXTERNAL". For more information, see Take Payments.

Min Length 1
idempotency_key
string
Required

A unique string that identifies this CreatePayment request. Keys can be any valid string but must be unique for every CreatePayment request.

Note: The number of allowed characters might be less than the stated maximum, if multi-byte characters are used.

For more information, see Idempotency.

Min Length 1 Max Length 45
amount_money
Money
Required

The amount of money to accept for this payment, not including tip_money.

The amount must be specified in the smallest denomination of the applicable currency (for example, US dollar amounts are specified in cents). For more information, see Working with Monetary Amounts.

The currency code must match the currency associated with the business that is accepting the payment.
tip_money
Money

The amount designated as a tip, in addition to amount_money.

The amount must be specified in the smallest denomination of the applicable currency (for example, US dollar amounts are specified in cents). For more information, see Working with Monetary Amounts.

The currency code must match the currency associated with the business that is accepting the payment.
app_fee_money
Money

The amount of money that the developer is taking as a fee for facilitating the payment on behalf of the seller.

The amount cannot be more than 90% of the total amount of the payment.

The amount must be specified in the smallest denomination of the applicable currency (for example, US dollar amounts are specified in cents). For more information, see Working with Monetary Amounts.

The fee currency code must match the currency associated with the seller that is accepting the payment. The application must be from a developer account in the same country and using the same currency code as the seller.

For more information about the application fee scenario, see Take Payments and Collect Fees.

To set this field, PAYMENTS_WRITE_ADDITIONAL_RECIPIENTS OAuth permission is required. For more information, see Permissions.
delay_duration
string

The duration of time after the payment's creation when Square automatically either completes or cancels the payment depending on the delay_action field value. For more information, see Time threshold.

This parameter should be specified as a time duration, in RFC 3339 format.

Note: This feature is only supported for card payments. This parameter can only be set for a delayed capture payment (autocomplete=false).

Default:

  • Card-present payments: "PT36H" (36 hours) from the creation time.
  • Card-not-present payments: "P7D" (7 days) from the creation time.

Example for 2 days, 12 hours, 30 minutes, and 15 seconds: P2DT12H30M15S
delay_action
string

The action to be applied to the payment when the delay_duration has elapsed. The action must be CANCEL or COMPLETE. For more information, see Time Threshold.

Default: CANCEL
autocomplete
boolean

If set to true, this payment will be completed when possible. If set to false, this payment is held in an approved state until either explicitly completed (captured) or canceled (voided). For more information, see Delayed capture.

Default: true
order_id
string

Associates a previously created order with this payment.
customer_id
string

The Customer ID of the customer associated with the payment.

This is required if the source_id refers to a card on file created using the Customers API.
location_id
string

The location ID to associate with the payment. If not specified, the default location is used.
team_member_id
string

An optional TeamMember ID to associate with this payment.
reference_id
string

A user-defined ID to associate with the payment.

You can use this field to associate the payment to an entity in an external system (for example, you might specify an order ID that is generated by a third-party shopping cart).

Max Length 40
verification_token
string

An identifying token generated by payments.verifyBuyer(). Verification tokens encapsulate customer device information and 3-D Secure challenge results to indicate that Square has verified the buyer identity.

For more information, see SCA Overview.
accept_partial_authorization
boolean

If set to true and charging a Square Gift Card, a payment might be returned with amount_money equal to less than what was requested. For example, a request for $20 when charging a Square Gift Card with a balance of $5 results in an APPROVED payment of $5. You might choose to prompt the buyer for an additional payment to cover the remainder or cancel the Gift Card payment. This field cannot be true when autocomplete = true.

For more information, see Partial amount with Square Gift Cards.

Default: false
buyer_email_address
string

The buyer's email address.

Max Length 255
billing_address
Address

The buyer's billing address.
shipping_address
Address

The buyer's shipping address.
note
string

An optional note to be entered by the developer when creating a payment.

Max Length 500
statement_description_identifier
string

Optional additional payment information to include on the customer's card statement as part of the statement description. This can be, for example, an invoice number, ticket number, or short description that uniquely identifies the purchase.

Note that the statement_description_identifier might get truncated on the statement description to fit the required information including the Square identifier (SQ *) and name of the seller taking the payment.

Max Length 20
cash_details
CashPaymentDetails

Additional details required when recording a cash payment (source_id is CASH).
external_details
ExternalPaymentDetails

Additional details required when recording an external payment (source_id is EXTERNAL).

Response Fields
Name Description
errors
Error [ ]

Information about errors encountered during the request.
payment
Payment

The newly created payment.

Examples

You are viewing an old version of the API
POST /v2/payments
cURL
  • cURL
  • Ruby
  • Python
  • C#
  • Java
  • PHP
  • Node.js 
curl https://connect.squareup.com/v2/payments \
  -X POST \
  -H 'Square-Version: 2022-06-16' \
  -H 'Authorization: Bearer ACCESS_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
    "idempotency_key": "7b0f3ec5-086a-4871-8f13-3c81b3875218",
    "amount_money": {
      "amount": 1000,
      "currency": "USD"
    },
    "source_id": "ccof:GaJGNaZa8x4OgDJn4GB",
    "autocomplete": true,
    "customer_id": "W92WH6P11H4Z77CTET0RNTGFW8",
    "location_id": "L88917AVBK2S5",
    "reference_id": "123456",
    "note": "Brief description",
    "app_fee_money": {
      "amount": 10,
      "currency": "USD"
    }
  }'
Response JSON 
{
  "payment": {
    "id": "R2B3Z8WMVt3EAmzYWLZvz7Y69EbZY",
    "created_at": "2021-10-13T21:14:29.577Z",
    "updated_at": "2021-10-13T21:14:30.504Z",
    "amount_money": {
      "amount": 1000,
      "currency": "USD"
    },
    "app_fee_money": {
      "amount": 10,
      "currency": "USD"
    },
    "status": "COMPLETED",
    "delay_duration": "PT168H",
    "source_type": "CARD",
    "card_details": {
      "status": "CAPTURED",
      "card": {
        "card_brand": "VISA",
        "last_4": "1111",
        "exp_month": 11,
        "exp_year": 2022,
        "fingerprint": "sq-1-Hxim77tbdcbGejOejnoAklBVJed2YFLTmirfl8Q5XZzObTc8qY_U8RkwzoNL8dCEcQ",
        "card_type": "DEBIT",
        "prepaid_type": "NOT_PREPAID",
        "bin": "411111"
      },
      "entry_method": "ON_FILE",
      "cvv_status": "CVV_ACCEPTED",
      "avs_status": "AVS_ACCEPTED",
      "auth_result_code": "vNEn2f",
      "statement_description": "SQ *EXAMPLE TEST GOSQ.C",
      "card_payment_timeline": {
        "authorized_at": "2021-10-13T21:14:29.732Z",
        "captured_at": "2021-10-13T21:14:30.504Z"
      }
    },
    "location_id": "L88917AVBK2S5",
    "order_id": "pRsjRTgFWATl7so6DxdKBJa7ssbZY",
    "reference_id": "123456",
    "risk_evaluation": {
      "created_at": "2021-10-13T21:14:30.423Z",
      "risk_level": "NORMAL"
    },
    "note": "Brief Description",
    "customer_id": "W92WH6P11H4Z77CTET0RNTGFW8",
    "total_money": {
      "amount": 1000,
      "currency": "USD"
    },
    "approved_money": {
      "amount": 1000,
      "currency": "USD"
    },
    "receipt_number": "R2B3",
    "receipt_url": "https://squareup.com/receipt/preview/EXAMPLE_RECEIPT_ID",
    "delay_action": "CANCEL",
    "delayed_until": "2021-10-20T21:14:29.577Z",
    "application_details": {
      "square_product": "ECOMMERCE_API",
      "application_id": "sq0ids-TcgftTEtKxJTRF1lCFJ9TA"
    },
    "version_token": "TPtNEOBOa6Qq6E3C3IjckSVOM6b3hMbfhjvTxHBQUsB6o"
  }
}

Error Descriptions
400 Bad request ADDRESS_VERIFICATION_FAILURE

The card issuer declined the request because the postal code is invalid.

 >
400 Bad request CARDHOLDER_INSUFFICIENT_PERMISSIONS

The card issuer has declined the transaction due to restrictions on where the card can be used. For example, a gift card is limited to a single merchant.

 >
400 Bad request CARD_EXPIRED

The card issuer declined the request because the card is expired.

 >
400 Bad request CARD_NOT_SUPPORTED

The card is not supported either in the geographic region or by the merchant category code (MCC).

 >
400 Bad request CARD_TOKEN_EXPIRED

The provided card token (nonce) has expired.

 >
400 Bad request CARD_TOKEN_USED

The provided card token (nonce) was already used to process payment.

 >
400 Bad request CVV_FAILURE

The card issuer declined the request because the CVV value is invalid.

 >
400 Bad request EXPIRATION_FAILURE

The card expiration date is either invalid or indicates that the card is expired.

 >
400 Bad request GENERIC_DECLINE

Square received a decline without any additional information. If the payment information seems correct, the buyer can contact their issuer to ask for more information.

 >
400 Bad request GIFT_CARD_AVAILABLE_AMOUNT

When a Gift Card is a payment source, you can allow taking a partial payment by adding the accept_partial_authorization parameter in the request. However, taking such a partial payment does not work if your request also includes tip_money, app_fee_money, or both. Square declines such payments and returns the GIFT_CARD_AVAILABLE_AMOUNT error. For more information, see CreatePayment errors (additional information).

 >
400 Bad request INSUFFICIENT_FUNDS

The funding source has insufficient funds to cover the payment.

 >
400 Bad request INSUFFICIENT_PERMISSIONS

The Square account does not have the permissions to accept this payment. For example, Square may limit which merchants are allowed to receive gift card payments.

 >
400 Bad request INVALID_ACCOUNT

The issuer was not able to locate the account on record.

 >
400 Bad request INVALID_CARD

The credit card cannot be validated based on the provided details.

 >
400 Bad request INVALID_CARD_DATA

Generic error - the provided card data is invalid.

 >
400 Bad request INVALID_EMAIL_ADDRESS

The provided email address is invalid.

 >
400 Bad request INVALID_EXPIRATION

The expiration date for the payment card is invalid. For example, it indicates a date in the past.

 >
400 Bad request INVALID_FEES

The app_fee_money on a payment is too high.

 >
400 Bad request INVALID_LOCATION

The Square account cannot take payments in the specified region. A Square account can take payments only from the region where the account was created.

 >
400 Bad request INVALID_PIN

The card issuer declined the request because the PIN is invalid.

 >
400 Bad request INVALID_POSTAL_CODE

The postal code is incorrectly formatted.

 >
400 Bad request MANUALLY_ENTERED_PAYMENT_NOT_SUPPORTED

The card must be swiped, tapped, or dipped. Payments attempted by manually entering the card number are declined.

 >
400 Bad request PAN_FAILURE

The specified card number is invalid. For example, it is of incorrect length or is incorrectly formatted.

 >
400 Bad request PAYMENT_LIMIT_EXCEEDED

Square declined the request because the payment amount exceeded the processing limit for this merchant.

 >
400 Bad request TRANSACTION_LIMIT

The card issuer has determined the payment amount is either too high or too low. The API returns the error code mostly for credit cards (for example, the card reached the credit limit). However, sometimes the issuer bank can indicate the error for debit or prepaid cards (for example, card has insufficient funds).

 >
400 Bad request VOICE_FAILURE

The card issuer declined the request because the issuer requires voice authorization from the cardholder.

 >
402 Payment required ALLOWABLE_PIN_TRIES_EXCEEDED

The card has exhausted its available pin entry retries set by the card issuer. Resolving the error typically requires the card holder to contact the card issuer.

 >
402 Payment required BAD_EXPIRATION

The card expiration date is either missing or incorrectly formatted.

 >
402 Payment required CARD_DECLINED_VERIFICATION_REQUIRED

The payment card was declined with a request for additional verification.

 >
402 Payment required CHIP_INSERTION_REQUIRED

The card issuer requires that the card be read using a chip reader.

 >
403 Forbidden CARD_PROCESSING_NOT_ENABLED

The location provided in the API call is not enabled for credit card processing.

 >
503 Service unavailable TEMPORARY_ERROR

A temporary internal error occurred. You can safely retry your call using the same idempotency key.

 >
400 Bad request 
{
  "errors": [
    {
      "code": "ADDRESS_VERIFICATION_FAILURE",
      "category": "PAYMENT_METHOD_ERROR"
    }
  ]
}