Forward

Forward an API request

Beta

Forwards an API request to a third-party endpoint.

For example, you can forward payment credentials you've stored in our Vault to a third-party payment processor.

SecurityOAuth2: OAuth or API Key: ApiSecretKey

Request

Request Body schema: application/json
required

required	object (ForwardRequestSource) The payment source to enrich the forward request with. You can provide placeholder values in `destination_request.body`. The request will be enriched with the respective payment credentials from the token or payment instrument you specified. For example, `{{card_number}}`.
required	object The parameters of the forward request.
reference	string <= 80 characters The unique reference for the forward request.
processing_channel_id	string^(pc)_(\w{26})$ The processing channel ID to associate the billing for the forward request with.
	object (ForwardRequestNetworkToken) Specifies if and how a network token should be used in the forward request.

Responses

200

The request was successfully forwarded.

401

Unauthorized

422

Invalid data was sent.

500

Internal Error

post/forward

Request samples

Payload
curl
Java
C#
Python

application/json

{"source": {"id": "src_v5rgkf3gdtpuzjqesyxmyodnya",
"type": "id"
},
"reference": "ORD-5023-4E89",
"processing_channel_id": "pc_azsiyswl7bwe2ynjzujy7lcjca",
"network_token": {"enabled": true,
"request_cryptogram": false
},
"destination_request": {"url": "https://example.com/payments",
"method": "POST",
"headers": {"encrypted": "<JWE encrypted JSON object with string values>",
"raw": {"Idempotency-Key": "xe4fad12367dfgrds",
"Content-Type": "application/json"
}
},
"body": "{\"amount\": 1000, \"currency\": \"USD\", \"reference\": \"some_reference\", \"source\": {\"type\": \"card\", \"number\": \"{{card_number}}\", \"expiry_month\": \"{{card_expiry_month}}\", \"expiry_year\": \"{{card_expiry_year_yyyy}}\", \"card_pin\": \"{{card_pin}}\", \"name\": \"Ali Farid\"}, \"payment_type\": \"Regular\", \"authorization_type\": \"Final\", \"capture\": true, \"processing_channel_id\": \"pc_xxxxxxxxxxx\", \"risk\": {\"enabled\": false}, \"merchant_initiated\": true}",
"signature": {"type": "dlocal",
"dlocal_parameters": {"secret_key": "9f439fe1a9f96e67b047d3c1a28c33a2e"
}
},
"variables": [{"name": "card_data",
"value": "{\"card_number\":\"{{card_number}}\",\"expiry\":\"{{card_expiry_month}}\"}"
},
{"name": "public_key",
"value": "{\"kty\":\"RSA\",\"e\":\"AQAB\",\"use\":\"enc\",\"kid\":\"key-001\"}"
}
],
"query": [{"name": "api_key",
"value": "1234567890"
},
{"name": "user_id",
"value": "1234567890"
}
]
}
}

Response samples

application/json

{"request_id": "fwd_01HK153X00VZ1K15Z3HYC0QGPN",
"destination_response": {"status": 201,
"headers": {"Cko-Request-Id": ["5fa7ee8c-f82d-4440-a6dc-e8c859b03235"
],
"Content-Type": ["application/json"
]
},
"body": "{\"id\": \"pay_mbabizu24mvu3mela5njyhpit4\", \"action_id\": \"act_mbabizu24mvu3mela5njyhpit4\", \"amount\": 6540, \"currency\": \"USD\", \"approved\": true, \"status\": \"Authorized\", \"auth_code\": \"770687\", \"response_code\": \"10000\", \"response_summary\": \"Approved\", \"_links\": {\"self\": {\"href\": \"https://{prefix}.api.sandbox.checkout.com/payments/pay_mbabizu24mvu3mela5njyhpit4\"}, \"action\": {\"href\": \"https://{prefix}.api.sandbox.checkout.com/payments/pay_mbabizu24mvu3mela5njyhpit4/actions\"}, \"void\": {\"href\": \"https://{prefix}.api.sandbox.checkout.com/payments/pay_mbabizu24mvu3mela5njyhpit4/voids\"}, \"capture\": {\"href\": \"https://{prefix}.api.sandbox.checkout.com/payments/pay_mbabizu24mvu3mela5njyhpit4/captures\"}}}"
},
"source": {"id": "src_evls5rkafabudm3x6gejc4bbo4",
"bin": "45434748",
"last4": "9996",
"fingerprint": "B086A9386241A0BDCBEFAFC1E4FD5C3DD04684AAD21A126CB426C05555AC86A9"
}
}

Get forward request

Retrieve the details of a successfully forwarded API request.

The details can be retrieved for up to 14 days after the request was initiated.

SecurityOAuth2: OAuth or API Key: ApiSecretKey

Request

path Parameters

required

string^fwd_[A-Z0-9]{26}$

The unique identifier of the forward request.

Responses

200

Forward request retrieved successfully

401

Unauthorized

404

Forward request not found

500

Internal Server Error

get/forward/{id}

Request samples

curl
Java
C#
Python

Response samples

application/json

{"request_id": "fwd_01HK153X00VZ1K15Z3HYC0QGPN",
"reference": "ORD-5023-4E89",
"entity_id": "ent_lp6h57qskk6ubewfk3pq4f2c2y",
"destination_request": {"url": "https://example.com/payments",
"method": "POST",
"headers": {"Authorization": "***redacted***",
"Idempotency-Key": "xe4fad12367dfgrds",
"Content-Type": "application/json"
},
"body": "{\"amount\": 1000, \"currency\": \"USD\", \"reference\": \"some_reference\", \"source\": {\"type\": \"card\", \"number\": \"{{card_number}}\", \"expiry_month\": \"{{card_expiry_month}}\", \"expiry_year\": \"{{card_expiry_year_yyyy}}\", \"card_pin\": \"{{card_pin}}\", \"name\": \"Ali Farid\"}, \"payment_type\": \"Regular\", \"authorization_type\": \"Final\", \"capture\": true, \"processing_channel_id\": \"pc_xxxxxxxxxxx\", \"risk\": {\"enabled\": false}, \"merchant_initiated\": true}"
},
"destination_response": {"status": 201,
"headers": {"Cko-Request-Id": ["5fa7ee8c-f82d-4440-a6dc-e8c859b03235"
],
"Content-Type": ["application/json"
]
},
"body": "{\"id\": \"pay_mbabizu24mvu3mela5njyhpit4\", \"action_id\": \"act_mbabizu24mvu3mela5njyhpit4\", \"amount\": 6540, \"currency\": \"USD\", \"approved\": true, \"status\": \"Authorized\", \"auth_code\": \"770687\", \"response_code\": \"10000\", \"response_summary\": \"Approved\", \"_links\": {\"self\": {\"href\": \"https://{prefix}.api.sandbox.checkout.com/payments/pay_mbabizu24mvu3mela5njyhpit4\"}, \"action\": {\"href\": \"https://{prefix}.api.sandbox.checkout.com/payments/pay_mbabizu24mvu3mela5njyhpit4/actions\"}, \"void\": {\"href\": \"https://{prefix}.api.sandbox.checkout.com/payments/pay_mbabizu24mvu3mela5njyhpit4/voids\"}, \"capture\": {\"href\": \"https://{prefix}.api.sandbox.checkout.com/payments/pay_mbabizu24mvu3mela5njyhpit4/captures\"}}}"
},
"created_on": "2024-01-02T15:04:05+00:00"
}

Create secret

Create a new secret with a plaintext value.

Validation Rules:

name: 1-64 characters, alphanumeric + underscore
value: max 8KB
entity_id (optional): when provided, secret is scoped to this entity

Response: Returns metadata.

SecurityOAuth2: OAuth or API Key: ApiSecretKey

Request

Request Body schema: application/json
required

name required	string [ 1 .. 64 ] characters ^[a-zA-Z0-9_]{1,64}$ Secret name. Format – 1-64 characters. Alphanumeric and underscore.
value required	string <= 8192 characters Plaintext secret value. Max 8KB.
entity_id	string Optional.When provided, the secret is scoped to this entity

Responses

201

Secret created successfully.

401

Unauthorized

409

Conflict - secret with this name already exists

422

Invalid data was sent

500

Internal Error

post/forward/secrets

Request samples

Payload
curl
Java
C#
Python

application/json

{"name": "secret_name",
"value": "plaintext",
"entity_id": "ent_12345"
}

Response samples

application/json

{"name": "secret_name",
"created_at": "2025-10-14T00:00:00Z",
"updated_at": "2025-10-14T00:00:00Z",
"version": 1,
"entity_id": "ent_123"
}

List secrets

Returns metadata for secrets scoped for client_id.

SecurityOAuth2: OAuth or API Key: ApiSecretKey

Responses

200

List of secrets

401

Unauthorized

500

Internal Error

get/forward/secrets

Request samples

curl
Java
C#
Python

Response samples

application/json

{"data": [{"name": "secret_name_1",
"created_at": "2025-10-14T00:00:00Z",
"updated_at": "2025-10-14T00:00:00Z",
"version": 1,
"entity_id": "ent_123"
},
{"name": "secret_name_2",
"created_at": "2025-10-14T01:00:00Z",
"updated_at": "2025-10-14T01:00:00Z",
"version": 2,
"entity_id": "ent_456"
},
{"name": "secret_name_3",
"created_at": "2025-10-14T02:00:00Z",
"updated_at": "2025-10-14T02:00:00Z",
"version": 3,
"entity_id": "ent_789"
}
]
}

Update secret

Update an existing secret. After updating, the version is automatically incremented.

Validation Rules:

Only value and entity_id can be updated
value: max 8KB

Response: Returns updated metadata with incremented version.

SecurityOAuth2: OAuth or API Key: ApiSecretKey

Request

path Parameters

name

required

string^[a-zA-Z0-9_]{1,64}$

Secret name.

Request Body schema: application/json
required

entity_id	string Update the entity scope.
value	string <= 8192 characters New plaintext secret value. Max 8KB.

Responses

200

Secret updated successfully

401

Unauthorized

404

Secret not found

422

Invalid data was sent

500

Internal Error

patch/forward/secrets/{name}

Request samples

Payload
curl
Java
C#
Python

application/json

{"entity_id": "ent_1234",
"value": "NEW_VALUE_1"
}

Response samples

application/json

{"name": "secret_name_1",
"created_at": "2025-10-14T00:00:00Z",
"updated_at": "2025-10-14T12:00:00Z",
"version": 2,
"entity_id": "ent_123"
}

Delete secret

Permanently delete a secret by name.

SecurityOAuth2: OAuth or API Key: ApiSecretKey

Request

path Parameters

name

required

string^[a-zA-Z0-9_]{1,64}$

Secret name.

Responses

204

Secret deleted successfully

401

Unauthorized

404

Secret not found

500

Internal Error

delete/forward/secrets/{name}

Request samples

curl
Java
C#
Python

➔ Next to Standalone

Forward

Forward an API request

Request Body schema: application/jsonrequired

Get forward request

path Parameters

Create secret

Request Body schema: application/jsonrequired

List secrets

Update secret

path Parameters

Request Body schema: application/jsonrequired

Delete secret

path Parameters

Request Body schema: application/json
required

Request Body schema: application/json
required

Request Body schema: application/json
required