This is a "swagger" definition of application programming interface of the MúzaPay by Benefit Plus e-commerce payment gateway. You may leverage this API from your e-shop to integrate payments by employee-benefits-programme funds. This version of the programme uses mobile payment application MúzaPay. Requests signingAll requests except /auth/token must be signed by "SHA-256 with RSA" (RSASSA-PKCS1-v1_5, RFC 8017 chapter 8.2) electronic signatures. See online gateway documentation for details. ## Change log * v2 - 2025-06-26 * Added HEALTH value to productCode enum as mandated by the Czech state legislation. * amountAuthorized in PaymentStateResponse renamed to remainingAmount to better capture its meaining. * Added HTTP 410 Gone response to the cancelPayment() operation. * Corrected pattern of orderReferenceCode * Multiple corrections of the documentation, examples and field ordering changes - non-impacting.

Go to Download

vitexsoftware/rbczpremiumapi

4 Favers
193 Downloads

##### API Overview - Accounts list and balance - Transaction overview (also for saving accounts) - Payments import - Statement list and download - FX rates ##### Authentication Before making a call to Premium API, you need to register your app at our _Developer portal_. This is where you get the **ClientID** that your application must send in the request as `X-IBM-Client-Id`. This is the key that grants your app access to the API. However, this may not be enough. Your application needs to use mTLS to call most operations here. Thus, you not only need _https_ but also a client certificate issued by us. The exception is two operations for FX rates that are accessible also without a client certificate. Each bank client/user can issue several certificates. Each certificate can permit different sets of operations (http methods) on different bank accounts. All this must be configured in Internet Banking first by each bank client/user (bank clients need to look under _Settings_ and do not forget to download the certificate at the last step). The certificate is downloaded in **PKCS#12** format as **\*.p12** file and protected by a password chosen by the bank client/user. Yes, your app needs the password as well to get use of the **\*p12** file for establishing mTLS connection to the bank. Client certificates issued in Internet Banking for bank clients/users have limited validity (e.g. **5 years**). However, **each year** certificates are automatically blocked and bank client/user must unblock them in Internet Banking. It is possible to do it in advance and prolong the time before the certificate is blocked. Your app should be prepared for these scenarios and it should communicate such cases to your user in advance to provide seamless service and high user-experience of your app. ##### Rate Limiting The number of requests in each API operation is limited to 10 per client per sliding second and 5000 per client per sliding day. The exception is the 'Download Statement' operation with the limits lowered to 5 per client per sliding second and 1500 per client per sliding day. This is because it transports potentially sizeable binary files. The consumer must be able to handle HTTP status 429 in case of exceeding these limits. Response headers `X-RateLimit-Limit-Second` and `X-RateLimit-Limit-Day` show the actual limits configured for the specific operation. Response headers `X-RateLimit-Remaining-Second` and `X-RateLimit-Remaining-Day` are returned to help prevent the limits from being exceeded. ##### Notes Be aware, that in certain error situations, API can return specific error structures along with 5xx status code, which is not explicitely defined below. ##### Quick Start Client Feel free to download a simple Java client that gives you quick access to our API.

Go to Download

upscale/http-server-mock

5 Favers
3728 Downloads

HTTP server that responds to recognized requests with static body and headers

Go to Download

<< Previous Next >>