verified API catalog

Public integration docs

Quickstart

Start by getting a PayCore API key, choose Direct Gateway or All-in-One payment project, then call the create payment API. Use the search box above to find gateways, methods, fields or endpoints.

1. API authenticationX-API-KEY

2. gateway_credentialsGateway-specific merchant credentials

3. Create paymentPOST /api/paycore/pay/{gateway}/{method}

X-API-KEY

API authentication

PayCore APIs authenticate callers with the X-API-KEY header. Gateway merchant credentials are sent in gateway_credentials in the request body.

Direct / All-in-One

Integration modes

Direct Gateway lets merchants pass gateway credentials directly. All-in-One projects use a PayCore project API key to manage payment pages and methods centrally.

Webhook

Webhook concept

Gateway callbacks update PayCore payment status first. If payok_url is provided, PayCore notifies the merchant system after payment succeeds. Payment pages also poll status in the background to reduce manual refreshes.

COMMON

Common APIs

Shared query, sync and overview APIs.

Merchant APIs

Production ready

Query payment

Query payment status and payment info by payment_no.

GET /api/paycore/payments/{paymentNo}

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`X-API-KEY`	header	Required	`string`	PayCore API key.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`paymentNo`	path	Required	`string`	PayCore payment_no.	`PAY202606220001ABCDEFGH`

Request / Response examples

cURL

curl -X GET "https://api-core.cc/api/paycore/payments/{paymentNo}" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY"

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->get('https://api-core.cc/api/paycore/payments/{paymentNo}');

return $response->json();

Success response highlights

payment transaction data

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`smilepay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Payment status.	`pending\|paid\|failed\|expired`
`data.payment_url`	`string\|null`	PayCore payment page URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	Gateway payment instructions or frontend payment data.	`{...}`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "smilepay",
        "method": "atm",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "bank_code": "809",
            "bank_name": "凱基銀行",
            "virtual_account": "8011773423689453",
            "expire_at": "2026-06-28 23:59:59"
        }
    },
    "message": "Payment found"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

PAYMENT_NOT_FOUND

Production ready

Sync payment status

For supported gateways, query third-party status and update PayCore.

POST /api/paycore/payments/{paymentNo}/sync

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`paymentNo`	path	Required	`string`	PayCore payment_no.	`PAY202606220001ABCDEFGH`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/payments/{paymentNo}/sync" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{}'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/payments/{paymentNo}/sync', []);

return $response->json();

Success response highlights

PaymentSyncResult + transaction data

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`smilepay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Payment status.	`pending\|paid\|failed\|expired`
`data.payment_url`	`string\|null`	PayCore payment page URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	Gateway payment instructions or frontend payment data.	`{...}`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "smilepay",
        "method": "atm",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "bank_code": "809",
            "bank_name": "凱基銀行",
            "virtual_account": "8011773423689453",
            "expire_at": "2026-06-28 23:59:59"
        }
    },
    "message": "Payment synced"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

gateway_sync_not_supported
PAYMENT_NOT_FOUND

Production ready

Home overview

Safe stats for PayCore public home; supports browser timezone for today calculation.

GET /api/paycore/home/overview

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`X-PayCore-Timezone`	header	Optional	`IANA timezone`	Browser timezone, for example Asia/Taipei.	`Asia/Taipei`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`timezone`	query	Optional	`IANA timezone`	Timezone query parameter.	`Asia/Taipei`

Request / Response examples

cURL

curl -X GET "https://api-core.cc/api/paycore/home/overview" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY"

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->get('https://api-core.cc/api/paycore/home/overview');

return $response->json();

Success response highlights

today_amount
month_amount
recent_transactions

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "home",
        "method": "overview",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

No gateway-specific error is listed for this API. Generic validation errors may still be returned.

ECPAY

ECPay

Supports ECPay AIO redirect payments and ATM / CVS / BARCODE background code generation.

Merchant APIs

Production ready

Create ECPay AIO payment

Create an ECPay AIO redirect payment. It defaults to ChoosePayment=ALL, and the payer chooses an available method on the ECPay page.

POST /api/paycore/pay/ecpay/aio

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`merchant_id`	gateway_credentials	Required	`string`	ECPay merchant ID. MerchantID is also accepted.	`2000132`
`hash_key`	gateway_credentials	Required	`string`	ECPay HashKey.	`5294y06JbISpM5x9`
`hash_iv`	gateway_credentials	Required	`string`	ECPay HashIV.	`v77hoKGq4kWxNNIS`
`environment`	gateway_credentials	Optional	`stage\|production`	Environment. Accepts stage/staging/test/testing or production/prod.	`stage`
`platform_id`	gateway_credentials	Optional	`string`	Optional ECPay PlatformID.

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/ecpay/aio" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "merchant_id": "YOUR_ECPAY_MERCHANT_ID",
      "hash_key": "YOUR_HASH_KEY",
      "hash_iv": "YOUR_HASH_IV",
      "environment": "stage"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/ecpay/aio', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
merchant_order_no
gateway=ecpay
method=all
status=pending
payment_url
redirect_form

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "ecpay",
        "method": "aio",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

ECPAY_CREDENTIAL_INVALID
ORDER_CONFLICT
INVALID_ARGUMENT
Payment gateway error

AIO code generation remains pending and does not mean the payment is paid.

Production ready

Create ECPay AIO credit card payment

Create an ECPay AIO credit-card redirect payment with ChoosePayment=Credit.

POST /api/paycore/pay/ecpay/aio/credit

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`merchant_id`	gateway_credentials	Required	`string`	ECPay merchant ID. MerchantID is also accepted.	`2000132`
`hash_key`	gateway_credentials	Required	`string`	ECPay HashKey.	`5294y06JbISpM5x9`
`hash_iv`	gateway_credentials	Required	`string`	ECPay HashIV.	`v77hoKGq4kWxNNIS`
`environment`	gateway_credentials	Optional	`stage\|production`	Environment. Accepts stage/staging/test/testing or production/prod.	`stage`
`platform_id`	gateway_credentials	Optional	`string`	Optional ECPay PlatformID.

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/ecpay/aio/credit" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "merchant_id": "YOUR_ECPAY_MERCHANT_ID",
      "hash_key": "YOUR_HASH_KEY",
      "hash_iv": "YOUR_HASH_IV",
      "environment": "stage"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/ecpay/aio/credit', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
merchant_order_no
gateway=ecpay
method=credit
status=pending
payment_url
redirect_form

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "ecpay",
        "method": "aio",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

ECPAY_CREDENTIAL_INVALID
ORDER_CONFLICT
INVALID_ARGUMENT
Payment gateway error

ECPay AIO payments currently accept TWD only.

Production ready

Create ECPay AIO ATM payment

Create an ECPay AIO ATM redirect payment. After ECPay generates the code, PayCore stores the bank code, virtual account and expiry.

POST /api/paycore/pay/ecpay/aio/atm

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`merchant_id`	gateway_credentials	Required	`string`	ECPay merchant ID. MerchantID is also accepted.	`2000132`
`hash_key`	gateway_credentials	Required	`string`	ECPay HashKey.	`5294y06JbISpM5x9`
`hash_iv`	gateway_credentials	Required	`string`	ECPay HashIV.	`v77hoKGq4kWxNNIS`
`environment`	gateway_credentials	Optional	`stage\|production`	Environment. Accepts stage/staging/test/testing or production/prod.	`stage`
`platform_id`	gateway_credentials	Optional	`string`	Optional ECPay PlatformID.

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/ecpay/aio/atm" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "merchant_id": "YOUR_ECPAY_MERCHANT_ID",
      "hash_key": "YOUR_HASH_KEY",
      "hash_iv": "YOUR_HASH_IV",
      "environment": "stage"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/ecpay/aio/atm', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
merchant_order_no
gateway=ecpay
method=atm
status=pending
payment_url
redirect_form

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "ecpay",
        "method": "aio",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

ECPAY_CREDENTIAL_INVALID
ORDER_CONFLICT
ECPAY amount mismatch

AIO ATM first redirects to ECPay; after return, the token payment page displays the generated payment instructions.

Production ready

Create ECPay AIO CVS code payment

Create an ECPay AIO CVS redirect payment. After ECPay generates the code, PayCore displays the CVS code and expiry.

POST /api/paycore/pay/ecpay/aio/cvs

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`merchant_id`	gateway_credentials	Required	`string`	ECPay merchant ID. MerchantID is also accepted.	`2000132`
`hash_key`	gateway_credentials	Required	`string`	ECPay HashKey.	`5294y06JbISpM5x9`
`hash_iv`	gateway_credentials	Required	`string`	ECPay HashIV.	`v77hoKGq4kWxNNIS`
`environment`	gateway_credentials	Optional	`stage\|production`	Environment. Accepts stage/staging/test/testing or production/prod.	`stage`
`platform_id`	gateway_credentials	Optional	`string`	Optional ECPay PlatformID.

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/ecpay/aio/cvs" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "merchant_id": "YOUR_ECPAY_MERCHANT_ID",
      "hash_key": "YOUR_HASH_KEY",
      "hash_iv": "YOUR_HASH_IV",
      "environment": "stage"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/ecpay/aio/cvs', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
merchant_order_no
gateway=ecpay
method=cvs
status=pending
payment_url
redirect_form

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "ecpay",
        "method": "aio",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

ECPAY_CREDENTIAL_INVALID
ECPAY amount mismatch

The payment page provides an ECPay CVS payment guide link.

Production ready

Create ECPay AIO barcode payment

Create an ECPay AIO barcode redirect payment. After ECPay generates the barcode, PayCore displays the three barcode lines and expiry.

POST /api/paycore/pay/ecpay/aio/barcode

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`merchant_id`	gateway_credentials	Required	`string`	ECPay merchant ID. MerchantID is also accepted.	`2000132`
`hash_key`	gateway_credentials	Required	`string`	ECPay HashKey.	`5294y06JbISpM5x9`
`hash_iv`	gateway_credentials	Required	`string`	ECPay HashIV.	`v77hoKGq4kWxNNIS`
`environment`	gateway_credentials	Optional	`stage\|production`	Environment. Accepts stage/staging/test/testing or production/prod.	`stage`
`platform_id`	gateway_credentials	Optional	`string`	Optional ECPay PlatformID.

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/ecpay/aio/barcode" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "merchant_id": "YOUR_ECPAY_MERCHANT_ID",
      "hash_key": "YOUR_HASH_KEY",
      "hash_iv": "YOUR_HASH_IV",
      "environment": "stage"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/ecpay/aio/barcode', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
merchant_order_no
gateway=ecpay
method=barcode
status=pending
payment_url
redirect_form

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`barcode`
`data.payment_url`	`string\|null`	PayCore barcode payment page URL. The payer opens it at the store to scan the three barcode lines.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info.*.barcode_user_copy_url`	`string`	Recommended payment page URL to copy for the payer.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info.*.barcode_segments_copyable`	`boolean`	Always false; Barcode1/2/3 are used to render scannable barcodes, not as primary copy targets.	`false`
`data.payment_info.*.barcode_intro_url`	`string\|null`	Gateway-specific official barcode payment intro URL. ECPay shows ECPay; SmilePay shows SmilePay.	`https://...`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "ecpay",
        "method": "barcode",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "ecpay": {
                "selected_payment_method": "barcode",
                "barcode1": "150630A1F",
                "barcode2": "6763618191673429",
                "barcode3": "00000980000000000000",
                "barcode_user_copy_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
                "barcode_segments_copyable": false,
                "barcode_user_action": "copy_payment_page_url_and_scan_rendered_barcodes",
                "barcode_intro_url": "https://www.ecpay.com.tw/introcvs",
                "expire_at": "2026-06-28 23:59:59"
            }
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

ECPAY_CREDENTIAL_INVALID
ECPAY amount mismatch

For Taiwan barcode payments, copy the payment page URL and scan the three rendered barcodes at the store. The payment page only shows ECPay barcode help links.

Production ready

Create ECPay ATM background code

PayCore calls ECPay GenPaymentCode directly to obtain an ATM virtual account without redirecting to the ECPay payment page.

POST /api/paycore/pay/ecpay/atm

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`merchant_id`	gateway_credentials	Required	`string`	ECPay merchant ID. MerchantID is also accepted.	`2000132`
`hash_key`	gateway_credentials	Required	`string`	ECPay HashKey.	`5294y06JbISpM5x9`
`hash_iv`	gateway_credentials	Required	`string`	ECPay HashIV.	`v77hoKGq4kWxNNIS`
`environment`	gateway_credentials	Optional	`stage\|production`	Environment. Accepts stage/staging/test/testing or production/prod.	`stage`
`platform_id`	gateway_credentials	Optional	`string`	Optional ECPay PlatformID.

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/ecpay/atm" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "merchant_id": "YOUR_ECPAY_MERCHANT_ID",
      "hash_key": "YOUR_HASH_KEY",
      "hash_iv": "YOUR_HASH_IV",
      "environment": "stage"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/ecpay/atm', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
bank_code
virtual_account
expire_at
payment_url
status=pending

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "ecpay",
        "method": "bg",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

ECPAY_CREDENTIAL_INVALID
ORDER_CONFLICT
ECPAY_BACKGROUND_CODE_FAILED

Successful background code generation only means payment instructions were generated, not that the payment is paid.

Production ready

Create ECPay CVS background code

PayCore calls ECPay GenPaymentCode directly to obtain a CVS code without redirecting to the ECPay payment page.

POST /api/paycore/pay/ecpay/cvs

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`merchant_id`	gateway_credentials	Required	`string`	ECPay merchant ID. MerchantID is also accepted.	`2000132`
`hash_key`	gateway_credentials	Required	`string`	ECPay HashKey.	`5294y06JbISpM5x9`
`hash_iv`	gateway_credentials	Required	`string`	ECPay HashIV.	`v77hoKGq4kWxNNIS`
`environment`	gateway_credentials	Optional	`stage\|production`	Environment. Accepts stage/staging/test/testing or production/prod.	`stage`
`platform_id`	gateway_credentials	Optional	`string`	Optional ECPay PlatformID.

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/ecpay/cvs" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "merchant_id": "YOUR_ECPAY_MERCHANT_ID",
      "hash_key": "YOUR_HASH_KEY",
      "hash_iv": "YOUR_HASH_IV",
      "environment": "stage"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/ecpay/cvs', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
payment_code
payment_code_url
expire_at
payment_url
status=pending

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "ecpay",
        "method": "bg",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

ECPAY_CREDENTIAL_INVALID
ORDER_CONFLICT
ECPAY_BACKGROUND_CODE_FAILED

The payment page provides an ECPay CVS payment guide link.

Production ready

Create ECPay barcode background code

PayCore calls ECPay GenPaymentCode directly to obtain three barcode lines without redirecting to the ECPay payment page.

POST /api/paycore/pay/ecpay/barcode

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`merchant_id`	gateway_credentials	Required	`string`	ECPay merchant ID. MerchantID is also accepted.	`2000132`
`hash_key`	gateway_credentials	Required	`string`	ECPay HashKey.	`5294y06JbISpM5x9`
`hash_iv`	gateway_credentials	Required	`string`	ECPay HashIV.	`v77hoKGq4kWxNNIS`
`environment`	gateway_credentials	Optional	`stage\|production`	Environment. Accepts stage/staging/test/testing or production/prod.	`stage`
`platform_id`	gateway_credentials	Optional	`string`	Optional ECPay PlatformID.

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/ecpay/barcode" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "merchant_id": "YOUR_ECPAY_MERCHANT_ID",
      "hash_key": "YOUR_HASH_KEY",
      "hash_iv": "YOUR_HASH_IV",
      "environment": "stage"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/ecpay/barcode', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
barcode1
barcode2
barcode3
expire_at
payment_url
status=pending

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`barcode`
`data.payment_url`	`string\|null`	PayCore barcode payment page URL. The payer opens it at the store to scan the three barcode lines.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info.*.barcode_user_copy_url`	`string`	Recommended payment page URL to copy for the payer.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info.*.barcode_segments_copyable`	`boolean`	Always false; Barcode1/2/3 are used to render scannable barcodes, not as primary copy targets.	`false`
`data.payment_info.*.barcode_intro_url`	`string\|null`	Gateway-specific official barcode payment intro URL. ECPay shows ECPay; SmilePay shows SmilePay.	`https://...`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "ecpay",
        "method": "barcode",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "ecpay": {
                "selected_payment_method": "barcode",
                "barcode1": "150630A1F",
                "barcode2": "6763618191673429",
                "barcode3": "00000980000000000000",
                "barcode_user_copy_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
                "barcode_segments_copyable": false,
                "barcode_user_action": "copy_payment_page_url_and_scan_rendered_barcodes",
                "barcode_intro_url": "https://www.ecpay.com.tw/introcvs",
                "expire_at": "2026-06-28 23:59:59"
            }
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

ECPAY_CREDENTIAL_INVALID
ORDER_CONFLICT
ECPAY_BACKGROUND_CODE_FAILED

For Taiwan barcode payments, copy the payment page URL instead of raw Barcode1/2/3 strings. The payment page only shows ECPay barcode help links.

Webhooks / Returns

Production ready

ECPay ReturnURL / PaymentInfoURL / background notification receiver

Used by ECPay callbacks. Merchants should not call it manually. Supports AIO PaymentInfoURL and background-code payment result notifications; encrypted Data in background JSON callbacks is parsed automatically.

POST /api/paycore/webhooks/ecpay

Parameters

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`MerchantID`	body	Optional	`string`	ECPay merchant ID, used by AIO and background-code JSON callbacks.	`2000132`
`RqHeader`	body	Optional	`object`	Transport header in ECPay background-code JSON callbacks.	`{"Timestamp":1782144000}`
`Data`	body	Optional	`string`	AES encrypted data in ECPay background-code JSON callbacks. PayCore tolerates base64 + converted to spaces.	`encrypted-data`
`TransCode`	body	Optional	`integer`	Transport code for ECPay background-code JSON callbacks.	`1`
`MerchantTradeNo`	body	Optional	`string`	ECPay trade number, maps to gateway_order_no.	`PC202606220001`
`CustomField1`	body	Optional	`string`	PayCore payment_no.	`PAY202606220001ABCDEFGH`
`TradeAmt`	body	Optional	`integer`	Returned amount; PayCore compares it to transaction amount.	`980`
`RtnCode`	body	Optional	`string`	ECPay return code. Code generation success does not mean paid.	`2`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/webhooks/ecpay" \
  -H "Content-Type: application/json" \
  -d '{
    "event_type": "example.event",
    "resource": {
      "payment_no": "PAY202606220001ABCDEFGH"
    }
  }'

Success response highlights

1|OK

Response fields

Field	Type	Description	Example
`HTTP status`	`integer`	HTTP status code. SmilePay success uses 200.	`200`
`Content-Type`	`string`	Response content type. SmilePay uses text/plain.	`application/json`
`body`	`string\|object`	Gateway-required ACK or PayCore result page.	`{"success":true}`

Success response example

JSON

{
    "success": true,
    "message": "Webhook received"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

ECPay MerchantID mismatch.
ECPay amount mismatch.
ECPay CheckMacValue verification failed.
ECPay encrypted background callback transaction not found.

SMILEPAY

SmilePay

Supports ATM virtual accounts, CVS code payments and a dedicated barcode payment endpoint.

Merchant APIs

Production ready

Create SmilePay ATM virtual account

Create a SmilePay ATM payment. PayCore automatically uses the ATM payment parameters.

POST /api/paycore/pay/smilepay/atm

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`dcvc`	gateway_credentials	Required	`string`	SmilePay merchant code. Dcvc is also accepted.	`2109`
`rvg2c`	gateway_credentials	Required	`string`	SmilePay Rvg2c, usually 1.	`1`
`verify_key`	gateway_credentials	Required	`string`	SmilePay Verify_key.	`YOUR_VERIFY_KEY`
`validation_token`	gateway_credentials	Optional	`string`	Optional PayCore-side callback validation token.	`optional-token`
`default_cvs_type`	gateway_credentials	Optional	`ibon\|fami\|famiport\|barcode`	Default CVS type when cvs_type is omitted.	`ibon`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/smilepay/atm" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "dcvc": "YOUR_SMILEPAY_DCVC",
      "rvg2c": "1",
      "verify_key": "YOUR_VERIFY_KEY"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/smilepay/atm', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
SmilePayNO
AtmBankNo
AtmNo
PayEndDate
status

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "smilepay",
        "method": "atm",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

SMILEPAY_CREDENTIAL_INVALID
SmilePay amount mismatch.
SmilePay Dcvc mismatch.

Amount must match the original payment amount.

Production ready

Create SmilePay CVS code payment

Create a SmilePay CVS code payment. Use cvs_type to choose ibon, fami, famiport or family; Taiwan code payments expose a copyable payment code.

POST /api/paycore/pay/smilepay/cvs

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`
`cvs_type`	body	Optional	`ibon\|fami\|famiport\|family`	CVS code type. family is normalized to fami. Use /api/paycore/pay/smilepay/barcode for barcode payments.	`ibon`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`dcvc`	gateway_credentials	Required	`string`	SmilePay merchant code. Dcvc is also accepted.	`2109`
`rvg2c`	gateway_credentials	Required	`string`	SmilePay Rvg2c, usually 1.	`1`
`verify_key`	gateway_credentials	Required	`string`	SmilePay Verify_key.	`YOUR_VERIFY_KEY`
`validation_token`	gateway_credentials	Optional	`string`	Optional PayCore-side callback validation token.	`optional-token`
`default_cvs_type`	gateway_credentials	Optional	`ibon\|fami\|famiport\|barcode`	Default CVS type when cvs_type is omitted.	`ibon`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/smilepay/cvs" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "cvs_type": "ibon",
    "gateway_credentials": {
      "dcvc": "YOUR_SMILEPAY_DCVC",
      "rvg2c": "1",
      "verify_key": "YOUR_VERIFY_KEY"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/smilepay/cvs', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
SmilePayNO
payment_code
PayEndDate
status

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "smilepay",
        "method": "cvs",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

SMILEPAY_CREDENTIAL_INVALID
SmilePay amount mismatch.
SmilePay validation token mismatch.

SmilePay CVS-code help only shows SmilePay-specific guide links.

Production ready

Create SmilePay barcode payment

Create a SmilePay barcode payment. PayCore generates SmilePay barcode instructions and displays three scannable barcode lines on the payment page. For Taiwan barcode payments, copy the payment page URL instead of copying raw Barcode1/2/3 strings.

POST /api/paycore/pay/smilepay/barcode

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`dcvc`	gateway_credentials	Required	`string`	SmilePay merchant code. Dcvc is also accepted.	`2109`
`rvg2c`	gateway_credentials	Required	`string`	SmilePay Rvg2c, usually 1.	`1`
`verify_key`	gateway_credentials	Required	`string`	SmilePay Verify_key.	`YOUR_VERIFY_KEY`
`validation_token`	gateway_credentials	Optional	`string`	Optional PayCore-side callback validation token.	`optional-token`
`default_cvs_type`	gateway_credentials	Optional	`ibon\|fami\|famiport\|barcode`	Default CVS type when cvs_type is omitted.	`ibon`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/smilepay/barcode" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "dcvc": "YOUR_SMILEPAY_DCVC",
      "rvg2c": "1",
      "verify_key": "YOUR_VERIFY_KEY"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/smilepay/barcode', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
SmilePayNO
barcode1
barcode2
barcode3
barcode_user_copy_url
barcode_intro_url
PayEndDate
status

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.gateway`	`string`	Gateway code.	`smilepay`
`data.method`	`string`	Payment method.	`barcode`
`data.payment_url`	`string\|null`	PayCore barcode payment page URL. The payer opens it at the store to scan the three barcode lines.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info.*.barcode_user_copy_url`	`string`	Recommended payment page URL to copy for the payer.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info.*.barcode_segments_copyable`	`boolean`	Always false; Barcode1/2/3 are used to render scannable barcodes, not as primary copy targets.	`false`
`data.payment_info.*.barcode_intro_url`	`string\|null`	Gateway-specific official barcode payment intro URL. ECPay shows ECPay; SmilePay shows SmilePay.	`https://...`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "smilepay",
        "method": "barcode",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "smilepay": {
                "selected_payment_method": "barcode",
                "barcode1": "150630A1F",
                "barcode2": "6763618191673429",
                "barcode3": "00000980000000000000",
                "barcode_user_copy_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
                "barcode_segments_copyable": false,
                "barcode_user_action": "copy_payment_page_url_and_scan_rendered_barcodes",
                "barcode_intro_url": "https://www.smilepay.net/es/index_gz_index.asp",
                "expire_at": "2026-06-28 23:59:59"
            }
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

SMILEPAY_CREDENTIAL_INVALID
SMILEPAY_BARCODE_SERVICE_NOT_ENABLED
SmilePay amount mismatch.
SmilePay validation token mismatch.

The payment page only shows SmilePay barcode help links, never ECPay help links.

If SmilePay returns Can not use this Pay_zg service(Store), PayCore returns 422 with SMILEPAY_BARCODE_SERVICE_NOT_ENABLED, does not issue a payment order, and does not return 502.

Webhooks / Returns

Production ready

SmilePay Roturl callback

Used by SmilePay payment notification. Data_id maps to merchant_order_no and SmilePayNO maps to gateway_trade_no.

POST /api/paycore/webhooks/smilepay

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Optional	`form/json`	SmilePay may send form payload; PayCore simulations may use JSON.	`application/x-www-form-urlencoded`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`Dcvc`	body	Required	`string`	Merchant code. PayCore compares it with stored credentials.	`2109`
`Data_id`	body	Required	`string`	Merchant order number, maps to merchant_order_no.	`ORDER202606220202111`
`SmilePayNO`	body	Optional	`string`	SmilePay transaction number. PayCore first matches it with gateway_trade_no.	`062223689453`
`Amount`	body	Required	`integer\|string`	Payment amount. Must match the original payment amount.	`980`
`Status`	body	Required	`string\|integer`	Status. Status=1 means succeeded.	`1`
`AtmBankNo`	body	Optional	`string`	ATM bank code.	`809`
`AtmNo`	body	Optional	`string`	ATM virtual account.	`8011773423689453`
`PayEndDate`	body	Optional	`datetime\|string`	Payment expiry datetime.	`2026/06/28 23:59:59`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/webhooks/smilepay" \
  -H "Content-Type: application/json" \
  -d '{
    "event_type": "example.event",
    "resource": {
      "payment_no": "PAY202606220001ABCDEFGH"
    }
  }'

Success response highlights

plain text acknowledgement

Response fields

Field	Type	Description	Example
`HTTP status`	`integer`	HTTP status code. SmilePay success uses 200.	`200`
`Content-Type`	`string`	Response content type. SmilePay uses text/plain.	`text/plain`
`body`	`string\|object`	Gateway-required ACK or PayCore result page.	`OK`

Success response example

text/plain

HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8

OK

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

SmilePay Dcvc mismatch.
SmilePay amount mismatch.
SmilePay validation token mismatch.

If SmilePay amount mismatch is returned, check paycore.log for SmilePay amount mismatch detail: expected_amount, received_amount, matched_by, payload_data_id and payload_smilepay_no.

PAYPAL

PayPal

Supports PayPal Checkout order creation, return capture and webhook.

Merchant APIs

Production ready

Create PayPal Checkout

Create a PayPal Order and receive approval_url. After approval, the payer returns to PayCore for capture.

POST /api/paycore/pay/paypal/checkout

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`client_id`	gateway_credentials	Required	`string`	PayPal REST API client_id.	`PAYPAL_CLIENT_ID`
`client_secret`	gateway_credentials	Required	`string`	PayPal REST API client_secret.	`PAYPAL_CLIENT_SECRET`
`environment`	gateway_credentials	Optional	`sandbox\|live\|production`	PayPal environment. production is normalized to live.	`sandbox`
`webhook_id`	gateway_credentials	Optional	`string`	PayPal webhook_id for webhook verification. Recommended for production.	`WH-xxxxxxxx`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/paypal/checkout" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "client_id": "PAYPAL_CLIENT_ID",
      "client_secret": "PAYPAL_CLIENT_SECRET",
      "webhook_id": "PAYPAL_WEBHOOK_ID",
      "environment": "sandbox"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/paypal/checkout', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
payment_url / approval_url
status
created

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "paypal",
        "method": "checkout",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

PAYPAL_CLIENT_ID_REQUIRED
PAYPAL_CLIENT_SECRET_REQUIRED
PAYPAL_ENVIRONMENT_INVALID
PAYPAL_REQUEST_REJECTED

PayPal production usage usually requires a PayPal Business account.

Webhooks / Returns

Production ready

PayPal return capture

When the payer returns from PayPal, PayCore captures the order and shows a result page.

GET /{locale}/payment/paypal/return/{paymentNo}

Parameters

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`paymentNo`	path	Required	`string`	PayCore payment_no.	`PAY202606220001ABCDEFGH`
`token`	query	Optional	`string`	PayPal return token / order ID.	`PAYPAL_ORDER_ID`

Request / Response examples

cURL

curl -X GET "https://api-core.cc/{locale}/payment/paypal/return/{paymentNo}" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY"

Success response highlights

PayCore result page

Response fields

Field	Type	Description	Example
`HTTP status`	`integer`	HTTP status code. SmilePay success uses 200.	`200`
`Content-Type`	`string`	Response content type. SmilePay uses text/plain.	`application/json`
`body`	`string\|object`	Gateway-required ACK or PayCore result page.	`{"success":true}`

Success response example

JSON

{
    "type": "html",
    "description": "PayCore result page"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

PayPal capture failed

Production ready

PayPal webhook

Receives PayPal webhook events and synchronizes payment status.

POST /api/paycore/webhooks/paypal

Parameters

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`event_type`	body	Required	`string`	PayPal webhook event type.	`CHECKOUT.ORDER.APPROVED`
`resource`	body	Required	`object`	PayPal webhook resource object.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`webhook_id`	gateway_credentials	Optional	`string`	Recommended in production for webhook verification.	`WH-xxxx`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/webhooks/paypal" \
  -H "Content-Type: application/json" \
  -d '{
    "event_type": "example.event",
    "resource": {
      "payment_no": "PAY202606220001ABCDEFGH"
    }
  }'

Success response highlights

JSON ack

Response fields

Field	Type	Description	Example
`HTTP status`	`integer`	HTTP status code. SmilePay success uses 200.	`200`
`Content-Type`	`string`	Response content type. SmilePay uses text/plain.	`application/json`
`body`	`string\|object`	Gateway-required ACK or PayCore result page.	`{"success":true}`

Success response example

JSON

{
    "success": true,
    "message": "Webhook received"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

PAYPAL_WEBHOOK_VERIFY_FAILED

STRIPE

Stripe

Supports cards, Alipay, WeChat Pay and Southeast Asia local payment methods through Stripe PaymentIntents and Payment Element.

Merchant APIs

Production ready

Create Stripe card payment

Create a Stripe card payment. PayCore returns a hosted payment URL where the payer completes payment securely.

POST /api/paycore/pay/stripe/credit

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`secret_key`	gateway_credentials	Required	`string`	Stripe secret key. Must start with sk_test_ or sk_live_.	`sk_test_xxxxx`
`publishable_key`	gateway_credentials	Required	`string`	Stripe publishable key. Must start with pk_test_ or pk_live_.	`pk_test_xxxxx`
`webhook_secret`	gateway_credentials	Optional	`string`	Stripe webhook secret. If provided it must start with whsec_.	`whsec_xxxxx`
`callback_secret`	gateway_credentials	Optional	`string`	Optional PayCore callback secret.	`optional-secret`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/stripe/credit" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "secret_key": "sk_test_xxxxx",
      "publishable_key": "pk_test_xxxxx",
      "webhook_secret": "whsec_xxxxx"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/stripe/credit', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
payment_url
status
payment_info.stripe_payment_method=card

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "stripe",
        "method": "credit",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

STRIPE_SECRET_KEY_INVALID
STRIPE_PUBLISHABLE_KEY_INVALID
STRIPE_AUTH_FAILED
STRIPE_PAYMENT_INTENT_CREATE_FAILED

Production ready

Create Stripe Alipay payment (China)

Create a Stripe Alipay payment. PayCore creates a PaymentIntent with payment_method_types[]=alipay.

POST /api/paycore/pay/stripe/alipay

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`secret_key`	gateway_credentials	Required	`string`	Stripe secret key. Must start with sk_test_ or sk_live_.	`sk_test_xxxxx`
`publishable_key`	gateway_credentials	Required	`string`	Stripe publishable key. Must start with pk_test_ or pk_live_.	`pk_test_xxxxx`
`webhook_secret`	gateway_credentials	Optional	`string`	Stripe webhook secret. If provided it must start with whsec_.	`whsec_xxxxx`
`callback_secret`	gateway_credentials	Optional	`string`	Optional PayCore callback secret.	`optional-secret`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/stripe/alipay" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "secret_key": "sk_test_xxxxx",
      "publishable_key": "pk_test_xxxxx",
      "webhook_secret": "whsec_xxxxx"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/stripe/alipay', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
payment_url
status
payment_info.stripe_payment_method=alipay

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "stripe",
        "method": "alipay",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

STRIPE_PAYMENT_METHOD_CURRENCY_UNSUPPORTED
STRIPE_PAYMENT_INTENT_CREATE_FAILED
STRIPE_AUTH_FAILED

Allowed currencies: CNY, AUD, CAD, EUR, GBP, HKD, JPY, MYR, NZD, SGD and USD. Stripe may still reject the request if Alipay is not available for the merchant account.

Production ready

Create Stripe WeChat Pay payment (China)

Create a Stripe WeChat Pay payment. The public API uses wechat-pay and maps it to Stripe enum wechat_pay internally.

POST /api/paycore/pay/stripe/wechat-pay

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`secret_key`	gateway_credentials	Required	`string`	Stripe secret key. Must start with sk_test_ or sk_live_.	`sk_test_xxxxx`
`publishable_key`	gateway_credentials	Required	`string`	Stripe publishable key. Must start with pk_test_ or pk_live_.	`pk_test_xxxxx`
`webhook_secret`	gateway_credentials	Optional	`string`	Stripe webhook secret. If provided it must start with whsec_.	`whsec_xxxxx`
`callback_secret`	gateway_credentials	Optional	`string`	Optional PayCore callback secret.	`optional-secret`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/stripe/wechat-pay" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "secret_key": "sk_test_xxxxx",
      "publishable_key": "pk_test_xxxxx",
      "webhook_secret": "whsec_xxxxx"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/stripe/wechat-pay', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
payment_url
status
payment_info.stripe_payment_method=wechat_pay

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "stripe",
        "method": "wechat",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

STRIPE_PAYMENT_METHOD_CURRENCY_UNSUPPORTED
STRIPE_PAYMENT_INTENT_CREATE_FAILED
STRIPE_AUTH_FAILED

Allowed currencies: CNY, AUD, CAD, EUR, GBP, HKD, JPY, SGD, USD, DKK, NOK, SEK and CHF. The merchant Stripe account must be eligible for WeChat Pay.

Production ready

Create Stripe GrabPay payment (Singapore / Malaysia)

Create a Stripe GrabPay payment. PayCore creates a PaymentIntent with payment_method_types[]=grabpay.

POST /api/paycore/pay/stripe/grabpay

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`secret_key`	gateway_credentials	Required	`string`	Stripe secret key. Must start with sk_test_ or sk_live_.	`sk_test_xxxxx`
`publishable_key`	gateway_credentials	Required	`string`	Stripe publishable key. Must start with pk_test_ or pk_live_.	`pk_test_xxxxx`
`webhook_secret`	gateway_credentials	Optional	`string`	Stripe webhook secret. If provided it must start with whsec_.	`whsec_xxxxx`
`callback_secret`	gateway_credentials	Optional	`string`	Optional PayCore callback secret.	`optional-secret`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/stripe/grabpay" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "secret_key": "sk_test_xxxxx",
      "publishable_key": "pk_test_xxxxx",
      "webhook_secret": "whsec_xxxxx"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/stripe/grabpay', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
payment_url
status
payment_info.stripe_payment_method=grabpay

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "stripe",
        "method": "grabpay",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

STRIPE_PAYMENT_METHOD_CURRENCY_UNSUPPORTED
STRIPE_PAYMENT_INTENT_CREATE_FAILED
STRIPE_AUTH_FAILED

Allowed currencies: SGD and MYR.

Production ready

Create Stripe PayNow payment (Singapore)

Create a Stripe PayNow payment. The payer sees a PayNow QR code on the payment page and scans it with a supported app.

POST /api/paycore/pay/stripe/paynow

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`secret_key`	gateway_credentials	Required	`string`	Stripe secret key. Must start with sk_test_ or sk_live_.	`sk_test_xxxxx`
`publishable_key`	gateway_credentials	Required	`string`	Stripe publishable key. Must start with pk_test_ or pk_live_.	`pk_test_xxxxx`
`webhook_secret`	gateway_credentials	Optional	`string`	Stripe webhook secret. If provided it must start with whsec_.	`whsec_xxxxx`
`callback_secret`	gateway_credentials	Optional	`string`	Optional PayCore callback secret.	`optional-secret`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/stripe/paynow" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "secret_key": "sk_test_xxxxx",
      "publishable_key": "pk_test_xxxxx",
      "webhook_secret": "whsec_xxxxx"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/stripe/paynow', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
payment_url
status
payment_info.stripe_payment_method=paynow

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "stripe",
        "method": "paynow",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

STRIPE_PAYMENT_METHOD_CURRENCY_UNSUPPORTED
STRIPE_PAYMENT_INTENT_CREATE_FAILED
STRIPE_AUTH_FAILED

PayNow currently requires SGD.

Production ready

Create Stripe PromptPay payment (Thailand)

Create a Stripe PromptPay payment. The payer sees a PromptPay QR code and scans it with a Thailand bank app.

POST /api/paycore/pay/stripe/promptpay

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`secret_key`	gateway_credentials	Required	`string`	Stripe secret key. Must start with sk_test_ or sk_live_.	`sk_test_xxxxx`
`publishable_key`	gateway_credentials	Required	`string`	Stripe publishable key. Must start with pk_test_ or pk_live_.	`pk_test_xxxxx`
`webhook_secret`	gateway_credentials	Optional	`string`	Stripe webhook secret. If provided it must start with whsec_.	`whsec_xxxxx`
`callback_secret`	gateway_credentials	Optional	`string`	Optional PayCore callback secret.	`optional-secret`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/stripe/promptpay" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "secret_key": "sk_test_xxxxx",
      "publishable_key": "pk_test_xxxxx",
      "webhook_secret": "whsec_xxxxx"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/stripe/promptpay', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
payment_url
status
payment_info.stripe_payment_method=promptpay

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "stripe",
        "method": "promptpay",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

STRIPE_PAYMENT_METHOD_CURRENCY_UNSUPPORTED
STRIPE_PAYMENT_INTENT_CREATE_FAILED
STRIPE_AUTH_FAILED

PromptPay currently requires THB.

Production ready

Create Stripe FPX payment (Malaysia)

Create a Stripe FPX payment. The payer is redirected from the PayCore payment page to FPX online banking and then returns.

POST /api/paycore/pay/stripe/fpx

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`secret_key`	gateway_credentials	Required	`string`	Stripe secret key. Must start with sk_test_ or sk_live_.	`sk_test_xxxxx`
`publishable_key`	gateway_credentials	Required	`string`	Stripe publishable key. Must start with pk_test_ or pk_live_.	`pk_test_xxxxx`
`webhook_secret`	gateway_credentials	Optional	`string`	Stripe webhook secret. If provided it must start with whsec_.	`whsec_xxxxx`
`callback_secret`	gateway_credentials	Optional	`string`	Optional PayCore callback secret.	`optional-secret`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/stripe/fpx" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "secret_key": "sk_test_xxxxx",
      "publishable_key": "pk_test_xxxxx",
      "webhook_secret": "whsec_xxxxx"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/stripe/fpx', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
payment_url
status
payment_info.stripe_payment_method=fpx

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "stripe",
        "method": "fpx",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

STRIPE_PAYMENT_METHOD_CURRENCY_UNSUPPORTED
STRIPE_PAYMENT_INTENT_CREATE_FAILED
STRIPE_AUTH_FAILED

FPX currently requires MYR. Stripe may also require the merchant to provide a Business Registration Number.

Webhooks / Returns

Production ready

Stripe webhook

Receives Stripe webhook events and synchronizes PaymentIntent status.

POST /api/paycore/webhooks/stripe

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Stripe-Signature`	header	Optional	`string`	Stripe webhook signature header.	`t=...,v1=...`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`type`	body	Required	`string`	Stripe event type.	`payment_intent.succeeded`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`webhook_secret`	gateway_credentials	Optional	`string`	If provided, used to verify Stripe webhook.	`whsec_xxxxx`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/webhooks/stripe" \
  -H "Content-Type: application/json" \
  -d '{
    "event_type": "example.event",
    "resource": {
      "payment_no": "PAY202606220001ABCDEFGH"
    }
  }'

Success response highlights

JSON ack

Response fields

Field	Type	Description	Example
`HTTP status`	`integer`	HTTP status code. SmilePay success uses 200.	`200`
`Content-Type`	`string`	Response content type. SmilePay uses text/plain.	`application/json`
`body`	`string\|object`	Gateway-required ACK or PayCore result page.	`{"success":true}`

Success response example

JSON

{
    "success": true,
    "message": "Webhook received"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

STRIPE_WEBHOOK_SIGNATURE_INVALID

PLUS

Current code supports PLUS ATM payment, balance action, return and webhook.

Merchant APIs

Production ready

Create PLUS ATM payment

Create a PLUS ATM payment. PLUS small/large amount routing belongs only to PLUS payment methods.

POST /api/paycore/pay/plus/atm

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`merchant_order_no`	body	Required	`string\|max:100`	Merchant order number. It should be unique. Existing active orders may return the existing payment or an order conflict.	`ORDER202606220001`
`amount`	body	Required	`integer\|min:1`	Payment amount. ECPay, SmilePay and PLUS use integer TWD amounts. Stripe uses minor units; PayPal uses major amount strings, and TWD / JPY / HUF are sent without decimals.	`980`
`currency`	body	Optional	`string\|max:10`	Currency. ECPay and SmilePay are TWD-only. PayPal currency support is determined by PayPal.	`TWD`
`payer_account`	body	Optional	`string\|max:100`	Optional payer/member identifier for tracking.	`uid811118A`
`success_url`	body	Optional	`url`	Merchant success URL.	`https://merchant.example/success`
`return_url`	body	Optional	`url`	Compatibility field. Some payment methods use it as success_url.	`https://merchant.example/return`
`cancel_url`	body	Optional	`url`	Merchant cancel URL.	`https://merchant.example/cancel`
`payok_url`	body	Optional	`url`	Merchant notification URL called by PayCore after payment succeeds.	`https://merchant.example/paycore/payok`
`item_name`	body	Optional	`string\|max:200`	Item name. Used by gateways that require item text.	`PayCore 測試商品`
`description`	body	Optional	`string\|max:200`	Payment description; can be used as fallback item/trade description.	`Order payment`
`buyer_name`	body	Optional	`string\|max:100`	Buyer name, mainly used by offline payment methods such as SmilePay.	`王小明`
`buyer_mobile`	body	Optional	`string\|max:30`	Buyer mobile number.	`0912345678`
`buyer_phone`	body	Optional	`string\|max:30`	Buyer phone; may be used as fallback for mobile/tel fields.	`0912345678`
`buyer_tel`	body	Optional	`string\|max:30`	Buyer telephone number.	`02-12345678`
`buyer_email`	body	Optional	`email\|max:150`	Buyer email.	`[email protected]`
`expire_days`	body	Optional	`integer\|min:1\|max:60`	Expiration days for offline payments. Used by SmilePay and ECPay ATM/CVS.	`7`
`gateway_credentials`	body	Required	`object`	Gateway merchant credentials. Required fields vary by gateway.	`{...}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`appid`	gateway_credentials	Required	`string`	PLUS appid.	`PLUS_APPID`
`secret_key`	gateway_credentials	Required	`string`	PLUS secret_key.	`PLUS_SECRET_KEY`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/pay/plus/atm" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "merchant_order_no": "ORDER202606220001",
    "amount": 980,
    "currency": "TWD",
    "description": "PayCore test order",
    "success_url": "https://merchant.example/success",
    "cancel_url": "https://merchant.example/cancel",
    "payok_url": "https://merchant.example/payok",
    "gateway_credentials": {
      "appid": "PLUS_APPID",
      "secret_key": "PLUS_SECRET_KEY"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/pay/plus/atm', [
    'merchant_order_no' => 'ORDER202606220001',
    'amount' => 980,
    'currency' => 'TWD',
    'gateway_credentials' => [
        // Fill the credentials shown in this section.
    ],
]);

return $response->json();

Success response highlights

payment_no
payment_url
account_code
plat_no
status

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.payment_no`	`string`	PayCore payment number.	`PAY202606220001ABCDEFGH`
`data.merchant_order_no`	`string`	Merchant order number.	`ORDER202606220001`
`data.gateway`	`string`	Gateway code.	`ecpay`
`data.method`	`string`	Payment method.	`atm`
`data.amount`	`integer`	Transaction amount.	`980`
`data.currency`	`string`	Currency.	`TWD`
`data.status`	`string`	Status after creation. Offline payments are usually pending.	`pending`
`data.payment_url`	`string\|null`	PayCore payment page or gateway redirect URL.	`https://pay-core.app/zh-tw/pay/PAY...`
`data.payment_info`	`object`	ATM / CVS / frontend payment info.	`{...}`
`data.created`	`boolean`	Whether the payment was newly created. False when an existing active payment is returned.	`true`

Success response example

JSON

{
    "success": true,
    "data": {
        "payment_no": "PAY202606220001ABCDEFGH",
        "merchant_order_no": "ORDER202606220001",
        "gateway": "plus",
        "method": "atm",
        "amount": 980,
        "currency": "TWD",
        "status": "pending",
        "payment_url": "https://pay-core.app/zh-tw/pay/PAY202606220001ABCDEFGH?token=...",
        "payment_info": {
            "payment_code": "A12345678901234",
            "expire_at": "2026-06-28 23:59:59"
        },
        "created": true
    },
    "message": "Payment created successfully"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

PLUS appid is required.
PLUS secret_key is required.
PLUS money mismatch.

Production ready

Query PLUS balance

PLUS-only gateway action. The public action currently available is plus/balance.

POST /api/paycore/gateways/plus/balance

Parameters

Header parameters

Field	Location	Required	Type	Description	Example
`Content-Type`	header	Required	`string`	Use application/json when creating payments.	`application/json`
`X-API-KEY`	header	Required	`string`	PayCore API authentication key. This is not the gateway merchant credential.	`pc_live_xxxxx`

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`gateway_credentials`	body	Required	`object`	PLUS appid / secret_key.	`{"appid":"...","secret_key":"..."}`

gateway_credentials fields

Field	Location	Required	Type	Description	Example
`appid`	gateway_credentials	Required	`string`	PLUS appid.	`PLUS_APPID`
`secret_key`	gateway_credentials	Required	`string`	PLUS secret_key.	`PLUS_SECRET_KEY`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/gateways/plus/balance" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY" \
  -d '{
    "gateway_credentials": {
      "appid": "PLUS_APPID",
      "secret_key": "PLUS_SECRET_KEY"
    }
  }'

Laravel

use Illuminate\Support\Facades\Http;

$response = Http::withHeaders([
    'X-API-KEY' => env('PAYCORE_API_KEY'),
])->post('https://api-core.cc/api/paycore/gateways/plus/balance', [
    'gateway_credentials' => [
        'appid' => 'PLUS_APPID',
        'secret_key' => 'PLUS_SECRET_KEY',
    ],
]);

return $response->json();

Success response highlights

gateway=plus
balance
raw_response

Response fields

Field	Type	Description	Example
`success`	`boolean`	Whether the request succeeded.	`true`
`data.gateway`	`string`	Gateway code.	`plus`
`data.balance`	`integer\|string\|null`	PLUS balance returned by the gateway.	`10000`
`message`	`string`	PayCore response message.	`Gateway action completed`

Success response example

JSON

{
    "success": true,
    "data": {
        "gateway": "plus",
        "balance": 10000,
        "raw_response": {
            "status": "ok"
        }
    },
    "message": "Gateway action completed"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

Unsupported gateway action
Gateway action failed

Webhooks / Returns

Production ready

PLUS return page

Payer return page from PLUS to PayCore.

GET /{locale}/payment/plus/return/{paymentNo}

Parameters

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`paymentNo`	path	Required	`string`	PayCore payment_no.	`PAY202606220001ABCDEFGH`

Request / Response examples

cURL

curl -X GET "https://api-core.cc/{locale}/payment/plus/return/{paymentNo}" \
  -H "X-API-KEY: YOUR_PAYCORE_API_KEY"

Success response highlights

PayCore PLUS return page

Response fields

Field	Type	Description	Example
`HTTP status`	`integer`	HTTP status code. SmilePay success uses 200.	`200`
`Content-Type`	`string`	Response content type. SmilePay uses text/plain.	`application/json`
`body`	`string\|object`	Gateway-required ACK or PayCore result page.	`{"success":true}`

Success response example

JSON

{
    "type": "html",
    "description": "PayCore result page"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

Payment not found

Production ready

PLUS webhook

Receives PLUS callback_url notifications.

POST /api/paycore/webhooks/plus

Parameters

Path / Query / Body parameters

Field	Location	Required	Type	Description	Example
`appid`	body	Required	`string`	PLUS appid.	`PLUS_APPID`
`money`	body	Required	`integer\|string`	Callback amount; PayCore compares it to the transaction amount.	`980`

Request / Response examples

cURL

curl -X POST "https://api-core.cc/api/paycore/webhooks/plus" \
  -H "Content-Type: application/json" \
  -d '{
    "event_type": "example.event",
    "resource": {
      "payment_no": "PAY202606220001ABCDEFGH"
    }
  }'

Success response highlights

JSON ack

Response fields

Field	Type	Description	Example
`HTTP status`	`integer`	HTTP status code. SmilePay success uses 200.	`200`
`Content-Type`	`string`	Response content type. SmilePay uses text/plain.	`application/json`
`body`	`string\|object`	Gateway-required ACK or PayCore result page.	`{"success":true}`

Success response example

JSON

{
    "success": true,
    "message": "Webhook received"
}

Error response example

JSON

{
    "success": false,
    "message": "Validation failed",
    "error": {
        "error_code": "VALIDATION_FAILED",
        "fields": {
            "amount": [
                "The amount field is required."
            ]
        }
    }
}

Errors and notes

PLUS appid mismatch.
PLUS money mismatch.

You have reached the end

Pico is here with you at the end.

Need to find another API, return to the catalog, or review the integration flow? Jump back to search or continue from the API catalog.

Back to search Back to API catalog View integration flow

Browse every verified API method by payment gateway.

PayCore public API catalog

Quickstart

API authentication

Integration modes

Webhook concept

Common APIs

Merchant APIs

Header parameters

Path / Query / Body parameters

Success response highlights

Response fields

Success response example

Error response example

Header parameters

Path / Query / Body parameters

Success response highlights

Response fields

Success response example

Error response example

Header parameters

Path / Query / Body parameters

Success response highlights

Response fields

Success response example

Error response example

ECPay

Merchant APIs

Header parameters

Path / Query / Body parameters

gateway_credentials fields

Success response highlights

Response fields

Success response example

Error response example

Header parameters

Path / Query / Body parameters

gateway_credentials fields

Success response highlights

Response fields

Success response example

Error response example

Header parameters

Path / Query / Body parameters

gateway_credentials fields

Success response highlights

Response fields

Success response example

Error response example

Header parameters

Path / Query / Body parameters

gateway_credentials fields

Success response highlights

Response fields

Success response example

Error response example

Header parameters

Path / Query / Body parameters

gateway_credentials fields

Success response highlights

Response fields

Success response example

Error response example

Header parameters

Path / Query / Body parameters

gateway_credentials fields

Success response highlights

Response fields

Success response example

Error response example

Header parameters

Path / Query / Body parameters

gateway_credentials fields

Success response highlights

Response fields

Success response example

Error response example

Header parameters

Path / Query / Body parameters

gateway_credentials fields