Moneybag

API Reference

Welcome to the Moneybag API documentation. Our RESTful API provides a simple and secure way to integrate payment processing into your application

Base URLs

All API requests should be made to one of the following base URLs:

  • Sandbox Environment: https://sandbox.api.moneybag.com.bd/api/v2
  • Production Environment: https://api.moneybag.com.bd/api/v2

Start with Sandbox

Always test your integration in the sandbox environment before going live. The sandbox simulates the payment flow for safe testing.

Authentication

All API requests require authentication using your merchant API key:

X-Merchant-API-Key: your_api_key_here

Learn more about Authentication

Available Endpoints

Checkout API

Create payment sessions and generate checkout URLs for customers

POST/payments/checkout

View Documentation →

Verify API

Check payment status and verify transaction details

GET/payments/verify/{id}

View Documentation →

Webhooks

Receive real-time notifications for payment events

POSTYour webhook URL

View Documentation →

API Playground

Test our API endpoints interactively with real responses:

Open API Playground

The playground allows you to:

  • Test endpoints with your sandbox credentials
  • See real-time request and response data
  • Export code snippets in multiple languages
  • Debug integration issues quickly

Request & Response Format

Request Headers

All API requests should include these headers:

X-Merchant-API-Key: your_api_key
Content-Type: application/json
Accept: application/json

Response Format

All responses follow a consistent JSON structure:

Success Response

{
  "success": true,
  "message": "Operation completed successfully",
  "data": {
    // Response data specific to the endpoint
  }
}

Error Response

{
  "success": false,
  "error": {
    "code": "ERROR_CODE",
    "message": "Human-readable error message",
    "field": "field_name" // Optional, for validation errors
  }
}

HTTP Status Codes

Status CodeDescription
200Success - Request completed successfully
201Created - Resource created successfully
400Bad Request - Invalid request parameters
401Unauthorized - Invalid or missing API key
403Forbidden - Access denied
404Not Found - Resource not found
422Unprocessable Entity - Validation errors
429Too Many Requests - Rate limit exceeded
500Internal Server Error - Server error
503Service Unavailable - Temporary unavailability

Security Best Practices

API Key Security

  • Store keys in environment variables
  • Never expose keys in client-side code
  • Rotate keys regularly
  • Use different keys for different environments

Data Protection

  • Always use HTTPS
  • Implement webhook signature verification
  • Validate all input data
  • Log security events

PCI Compliance

  • Never store card details
  • Use tokenization when possible
  • Follow PCI DSS guidelines
  • Regular security audits

Support Resources

📚 Documentation

Comprehensive guides
Get Started →

🔧 Troubleshooting

Common issues & solutions
View Guide →

📧 Support

Get help from our team
Contact Us →

Next Steps

Ready to start integrating? Here's what to do:

  1. Create a Sandbox Account
  2. Get Your API Keys
  3. Make Your First API Call
  4. Test Your Integration
  5. Go Live with Production

Getting Started

Start accepting payments with Moneybag in minutes. Follow these simple steps to get started

Checkout API

The Checkout endpoint initiates a payment session for a customer order and returns a checkout URL where the customer can complete the payment